Canonical USN OVAL Generator 1 5.11.1 2024-05-04T09:24:46 Copyright (C) 2024 Canonical LTD. All rights reserved. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License version 3 for more details. You should have received a copy of the GNU General Public License version 3 along with this program. If not, see http://www.gnu.org/licenses/. Ubuntu 23.10 USN-6374-1 fixed vulnerabilities in Mutt. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: It was discovered that Mutt incorrectly handled certain email header contents. If a user were tricked into opening a specially crafted message, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-4874, CVE-2023-4875) Update Instructions: Run `sudo pro fix USN-6374-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 2.2.9-1ubuntu0.23.10.1 No subscription required Medium CVE-2023-4874 CVE-2023-4875 Ubuntu 23.10 USN-6402-1 fixed vulnerabilities in LibTomMath. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: It was discovered that LibTomMath incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code and cause a denial of service (DoS). Update Instructions: Run `sudo pro fix USN-6402-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtommath-dev - 1.2.0-6ubuntu0.23.10.1 libtommath-doc - 1.2.0-6ubuntu0.23.10.1 libtommath1 - 1.2.0-6ubuntu0.23.10.1 No subscription required Medium CVE-2023-36328 Ubuntu 23.10 It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-37706) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-27585) Original advisory details: It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-37706) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845, CVE-2022-21723, CVE-2022-23537, CVE-2022-23547, CVE-2022-23608, CVE-2022-24754, CVE-2022-24763, CVE-2022-24764, CVE-2022-24793, CVE-2022-31031, CVE-2022-39244) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-21722) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-27585) Update Instructions: Run `sudo pro fix USN-6422-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jami - 20230206.0~ds2-1.3ubuntu0.1 jami-daemon - 20230206.0~ds2-1.3ubuntu0.1 No subscription required Medium CVE-2021-37706 CVE-2023-27585 Ubuntu 23.10 USN-6423-1 fixed a vulnerability in CUE. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6423-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcue-dev - 2.2.1-4ubuntu1 libcue2 - 2.2.1-4ubuntu1 No subscription required Medium CVE-2023-43641 Ubuntu 23.10 USN-6425-1 fixed vulnerabilities in Samba. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: Sri Nagasubramanian discovered that the Samba acl_xattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. (CVE-2023-4091) Andrew Bartlett discovered that Samba incorrectly handled the DirSync control. A remote attacker with an RODC DC account could possibly use this issue to obtain all domain secrets. (CVE-2023-4154) Andrew Bartlett discovered that Samba incorrectly handled the rpcecho development server. A remote attacker could possibly use this issue to cause Samba to stop responding, resulting in a denial of service. (CVE-2023-42669) Kirin van der Veer discovered that Samba incorrectly handled certain RPC service listeners. A remote attacker could possibly use this issue to cause Samba to start multiple incompatible RPC listeners, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-42670) Update Instructions: Run `sudo pro fix USN-6425-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ldb-tools - 2:2.7.2+samba4.18.6+dfsg-1ubuntu2.1 libldb-dev - 2:2.7.2+samba4.18.6+dfsg-1ubuntu2.1 libldb2 - 2:2.7.2+samba4.18.6+dfsg-1ubuntu2.1 python3-ldb - 2:2.7.2+samba4.18.6+dfsg-1ubuntu2.1 python3-ldb-dev - 2:2.7.2+samba4.18.6+dfsg-1ubuntu2.1 No subscription required ctdb - 2:4.18.6+dfsg-1ubuntu2.1 libnss-winbind - 2:4.18.6+dfsg-1ubuntu2.1 libpam-winbind - 2:4.18.6+dfsg-1ubuntu2.1 libsmbclient - 2:4.18.6+dfsg-1ubuntu2.1 libsmbclient-dev - 2:4.18.6+dfsg-1ubuntu2.1 libwbclient-dev - 2:4.18.6+dfsg-1ubuntu2.1 libwbclient0 - 2:4.18.6+dfsg-1ubuntu2.1 python3-samba - 2:4.18.6+dfsg-1ubuntu2.1 registry-tools - 2:4.18.6+dfsg-1ubuntu2.1 samba - 2:4.18.6+dfsg-1ubuntu2.1 samba-ad-dc - 2:4.18.6+dfsg-1ubuntu2.1 samba-ad-provision - 2:4.18.6+dfsg-1ubuntu2.1 samba-common - 2:4.18.6+dfsg-1ubuntu2.1 samba-common-bin - 2:4.18.6+dfsg-1ubuntu2.1 samba-dev - 2:4.18.6+dfsg-1ubuntu2.1 samba-dsdb-modules - 2:4.18.6+dfsg-1ubuntu2.1 samba-libs - 2:4.18.6+dfsg-1ubuntu2.1 samba-testsuite - 2:4.18.6+dfsg-1ubuntu2.1 samba-vfs-modules - 2:4.18.6+dfsg-1ubuntu2.1 smbclient - 2:4.18.6+dfsg-1ubuntu2.1 winbind - 2:4.18.6+dfsg-1ubuntu2.1 No subscription required Medium CVE-2023-4091 CVE-2023-4154 CVE-2023-42669 CVE-2023-42670 Ubuntu 23.10 USN-6427-1 fixed a vulnerability in .NET. This update provides the corresponding update for .NET 8. Original advisory details: It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6427-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aspnetcore-runtime-8.0 - 8.0.0~rc2-0ubuntu1 aspnetcore-targeting-pack-8.0 - 8.0.0~rc2-0ubuntu1 dotnet-apphost-pack-8.0 - 8.0.0~rc2-0ubuntu1 dotnet-host-8.0 - 8.0.0~rc2-0ubuntu1 dotnet-hostfxr-8.0 - 8.0.0~rc2-0ubuntu1 dotnet-runtime-8.0 - 8.0.0~rc2-0ubuntu1 dotnet-targeting-pack-8.0 - 8.0.0~rc2-0ubuntu1 No subscription required dotnet8 - 8.0.100-8.0.0~rc2-0ubuntu1 No subscription required dotnet-sdk-8.0 - 8.0.100~rc2-0ubuntu1 dotnet-sdk-8.0-source-built-artifacts - 8.0.100~rc2-0ubuntu1 dotnet-templates-8.0 - 8.0.100~rc2-0ubuntu1 netstandard-targeting-pack-2.1-8.0 - 8.0.100~rc2-0ubuntu1 No subscription required Medium CVE-2023-44487 Ubuntu 23.10 USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-38545) It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections. (CVE-2023-38546) Update Instructions: Run `sudo pro fix USN-6429-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 8.2.1-1ubuntu3.1 libcurl3-gnutls - 8.2.1-1ubuntu3.1 libcurl3-nss - 8.2.1-1ubuntu3.1 libcurl4 - 8.2.1-1ubuntu3.1 libcurl4-doc - 8.2.1-1ubuntu3.1 libcurl4-gnutls-dev - 8.2.1-1ubuntu3.1 libcurl4-nss-dev - 8.2.1-1ubuntu3.1 libcurl4-openssl-dev - 8.2.1-1ubuntu3.1 No subscription required High CVE-2023-38545 CVE-2023-38546 Ubuntu 23.10 It was discovered that Ghostscript incorrectly handled certain PDF documents. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6433-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 10.01.2~dfsg1-0ubuntu2.1 ghostscript-doc - 10.01.2~dfsg1-0ubuntu2.1 ghostscript-x - 10.01.2~dfsg1-0ubuntu2.1 libgs-common - 10.01.2~dfsg1-0ubuntu2.1 libgs-dev - 10.01.2~dfsg1-0ubuntu2.1 libgs10 - 10.01.2~dfsg1-0ubuntu2.1 libgs10-common - 10.01.2~dfsg1-0ubuntu2.1 libgs9-common - 10.01.2~dfsg1-0ubuntu2.1 No subscription required Medium CVE-2023-43115 Ubuntu 23.10 Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-36799) It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-44487) Update Instructions: Run `sudo pro fix USN-6438-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aspnetcore-runtime-6.0 - 6.0.123-0ubuntu1 aspnetcore-targeting-pack-6.0 - 6.0.123-0ubuntu1 dotnet-apphost-pack-6.0 - 6.0.123-0ubuntu1 dotnet-host - 6.0.123-0ubuntu1 dotnet-hostfxr-6.0 - 6.0.123-0ubuntu1 dotnet-runtime-6.0 - 6.0.123-0ubuntu1 dotnet-sdk-6.0 - 6.0.123-0ubuntu1 dotnet-sdk-6.0-source-built-artifacts - 6.0.123-0ubuntu1 dotnet-targeting-pack-6.0 - 6.0.123-0ubuntu1 dotnet-templates-6.0 - 6.0.123-0ubuntu1 dotnet6 - 6.0.123-0ubuntu1 netstandard-targeting-pack-2.1 - 6.0.123-0ubuntu1 No subscription required aspnetcore-runtime-7.0 - 7.0.112-0ubuntu1 aspnetcore-targeting-pack-7.0 - 7.0.112-0ubuntu1 dotnet-apphost-pack-7.0 - 7.0.112-0ubuntu1 dotnet-host-7.0 - 7.0.112-0ubuntu1 dotnet-hostfxr-7.0 - 7.0.112-0ubuntu1 dotnet-runtime-7.0 - 7.0.112-0ubuntu1 dotnet-sdk-7.0 - 7.0.112-0ubuntu1 dotnet-sdk-7.0-source-built-artifacts - 7.0.112-0ubuntu1 dotnet-targeting-pack-7.0 - 7.0.112-0ubuntu1 dotnet-templates-7.0 - 7.0.112-0ubuntu1 dotnet7 - 7.0.112-0ubuntu1 netstandard-targeting-pack-2.1-7.0 - 7.0.112-0ubuntu1 No subscription required Medium CVE-2023-36799 CVE-2023-44487 Ubuntu 23.10 USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for [CVE-2023-36799](https://ubuntu.com/security/CVE-2023-36799) was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-36799) It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-44487) Update Instructions: Run `sudo pro fix USN-6438-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aspnetcore-runtime-6.0 - 6.0.124-0ubuntu1~23.10.1 aspnetcore-targeting-pack-6.0 - 6.0.124-0ubuntu1~23.10.1 dotnet-apphost-pack-6.0 - 6.0.124-0ubuntu1~23.10.1 dotnet-host - 6.0.124-0ubuntu1~23.10.1 dotnet-hostfxr-6.0 - 6.0.124-0ubuntu1~23.10.1 dotnet-runtime-6.0 - 6.0.124-0ubuntu1~23.10.1 dotnet-sdk-6.0 - 6.0.124-0ubuntu1~23.10.1 dotnet-sdk-6.0-source-built-artifacts - 6.0.124-0ubuntu1~23.10.1 dotnet-targeting-pack-6.0 - 6.0.124-0ubuntu1~23.10.1 dotnet-templates-6.0 - 6.0.124-0ubuntu1~23.10.1 dotnet6 - 6.0.124-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1 - 6.0.124-0ubuntu1~23.10.1 No subscription required aspnetcore-runtime-7.0 - 7.0.113-0ubuntu1~23.10.1 aspnetcore-targeting-pack-7.0 - 7.0.113-0ubuntu1~23.10.1 dotnet-apphost-pack-7.0 - 7.0.113-0ubuntu1~23.10.1 dotnet-host-7.0 - 7.0.113-0ubuntu1~23.10.1 dotnet-hostfxr-7.0 - 7.0.113-0ubuntu1~23.10.1 dotnet-runtime-7.0 - 7.0.113-0ubuntu1~23.10.1 dotnet-sdk-7.0 - 7.0.113-0ubuntu1~23.10.1 dotnet-sdk-7.0-source-built-artifacts - 7.0.113-0ubuntu1~23.10.1 dotnet-targeting-pack-7.0 - 7.0.113-0ubuntu1~23.10.1 dotnet-templates-7.0 - 7.0.113-0ubuntu1~23.10.1 dotnet7 - 7.0.113-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-7.0 - 7.0.113-0ubuntu1~23.10.1 No subscription required Medium CVE-2023-36799 https://launchpad.net/bugs/2040207 https://launchpad.net/bugs/2040208 Ubuntu 23.10 Xu Biang discovered that Sofia-SIP did not properly manage memory when handling STUN packets. An attacker could use this issue to cause Sofia-SIP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6448-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsofia-sip-ua-dev - 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.10.1 libsofia-sip-ua-glib-dev - 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.10.1 libsofia-sip-ua-glib3 - 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.10.1 libsofia-sip-ua0 - 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.10.1 sofia-sip-bin - 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.10.1 sofia-sip-doc - 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.10.1 No subscription required Medium CVE-2023-32307 Ubuntu 23.10 Tony Battersby discovered that OpenSSL incorrectly handled key and initialization vector (IV) lengths. This could lead to truncation issues and result in loss of confidentiality for some symmetric cipher modes. (CVE-2023-5363) Juerg Wullschleger discovered that OpenSSL incorrectly handled the AES-SIV cipher. This could lead to empty data entries being ignored, resulting in certain applications being misled. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-2975) It was discovered that OpenSSL incorrectly handled checking excessively long DH keys or parameters. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3446, CVE-2023-3817) Update Instructions: Run `sudo pro fix USN-6450-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl-dev - 3.0.10-1ubuntu2.1 libssl-doc - 3.0.10-1ubuntu2.1 libssl3 - 3.0.10-1ubuntu2.1 openssl - 3.0.10-1ubuntu2.1 No subscription required Medium CVE-2023-2975 CVE-2023-3446 CVE-2023-3817 CVE-2023-5363 Ubuntu 23.10 It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. (CVE-2023-3896) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-4733, CVE-2023-4750) It was discovered that Vim contained an arithmetic overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4734) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-4735, CVE-2023-5344) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-4738) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-4751) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4752, CVE-2023-5535) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4781) It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-5441) Update Instructions: Run `sudo pro fix USN-6452-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:9.0.1672-1ubuntu2.1 vim-athena - 2:9.0.1672-1ubuntu2.1 vim-common - 2:9.0.1672-1ubuntu2.1 vim-doc - 2:9.0.1672-1ubuntu2.1 vim-gtk3 - 2:9.0.1672-1ubuntu2.1 vim-gui-common - 2:9.0.1672-1ubuntu2.1 vim-motif - 2:9.0.1672-1ubuntu2.1 vim-nox - 2:9.0.1672-1ubuntu2.1 vim-runtime - 2:9.0.1672-1ubuntu2.1 vim-tiny - 2:9.0.1672-1ubuntu2.1 xxd - 2:9.0.1672-1ubuntu2.1 No subscription required Medium CVE-2023-3896 CVE-2023-4733 CVE-2023-4734 CVE-2023-4735 CVE-2023-4738 CVE-2023-4750 CVE-2023-4751 CVE-2023-4752 CVE-2023-4781 CVE-2023-5344 CVE-2023-5441 CVE-2023-5535 Ubuntu 23.10 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-5367) Sri discovered that the X.Org X Server incorrectly handled detroying windows in certain legacy multi-screen setups. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-5380) Update Instructions: Run `sudo pro fix USN-6453-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xnest - 2:21.1.7-3ubuntu2.1 xorg-server-source - 2:21.1.7-3ubuntu2.1 xserver-common - 2:21.1.7-3ubuntu2.1 xserver-xephyr - 2:21.1.7-3ubuntu2.1 xserver-xorg-core - 2:21.1.7-3ubuntu2.1 xserver-xorg-dev - 2:21.1.7-3ubuntu2.1 xserver-xorg-legacy - 2:21.1.7-3ubuntu2.1 xvfb - 2:21.1.7-3ubuntu2.1 No subscription required xwayland - 2:23.2.0-1ubuntu0.1 No subscription required Medium CVE-2023-5367 CVE-2023-5380 Ubuntu 23.10 Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6454-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-10-generic - 6.5.0-10.10 linux-buildinfo-6.5.0-10-generic-64k - 6.5.0-10.10 linux-cloud-tools-6.5.0-10 - 6.5.0-10.10 linux-cloud-tools-6.5.0-10-generic - 6.5.0-10.10 linux-cloud-tools-common - 6.5.0-10.10 linux-doc - 6.5.0-10.10 linux-headers-6.5.0-10 - 6.5.0-10.10 linux-headers-6.5.0-10-generic - 6.5.0-10.10 linux-headers-6.5.0-10-generic-64k - 6.5.0-10.10 linux-image-6.5.0-10-generic - 6.5.0-10.10 linux-image-6.5.0-10-generic-64k - 6.5.0-10.10 linux-image-uc-6.5.0-10-generic - 6.5.0-10.10 linux-image-uc-6.5.0-10-generic-64k - 6.5.0-10.10 linux-image-unsigned-6.5.0-10-generic - 6.5.0-10.10 linux-image-unsigned-6.5.0-10-generic-64k - 6.5.0-10.10 linux-lib-rust-6.5.0-10-generic - 6.5.0-10.10 linux-libc-dev - 6.5.0-10.10 linux-modules-6.5.0-10-generic - 6.5.0-10.10 linux-modules-6.5.0-10-generic-64k - 6.5.0-10.10 linux-modules-extra-6.5.0-10-generic - 6.5.0-10.10 linux-modules-ipu6-6.5.0-10-generic - 6.5.0-10.10 linux-modules-ivsc-6.5.0-10-generic - 6.5.0-10.10 linux-modules-iwlwifi-6.5.0-10-generic - 6.5.0-10.10 linux-source-6.5.0 - 6.5.0-10.10 linux-tools-6.5.0-10 - 6.5.0-10.10 linux-tools-6.5.0-10-generic - 6.5.0-10.10 linux-tools-6.5.0-10-generic-64k - 6.5.0-10.10 linux-tools-common - 6.5.0-10.10 linux-tools-host - 6.5.0-10.10 No subscription required linux-buildinfo-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-buildinfo-6.5.0-10-lowlatency-64k - 6.5.0-10.10.1 linux-cloud-tools-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-headers-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-headers-6.5.0-10-lowlatency-64k - 6.5.0-10.10.1 linux-image-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-image-6.5.0-10-lowlatency-64k - 6.5.0-10.10.1 linux-image-unsigned-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-image-unsigned-6.5.0-10-lowlatency-64k - 6.5.0-10.10.1 linux-lowlatency-cloud-tools-6.5.0-10 - 6.5.0-10.10.1 linux-lowlatency-cloud-tools-common - 6.5.0-10.10.1 linux-lowlatency-headers-6.5.0-10 - 6.5.0-10.10.1 linux-lowlatency-lib-rust-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-lowlatency-tools-6.5.0-10 - 6.5.0-10.10.1 linux-lowlatency-tools-common - 6.5.0-10.10.1 linux-lowlatency-tools-host - 6.5.0-10.10.1 linux-modules-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-modules-6.5.0-10-lowlatency-64k - 6.5.0-10.10.1 linux-modules-iwlwifi-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-tools-6.5.0-10-lowlatency - 6.5.0-10.10.1 linux-tools-6.5.0-10-lowlatency-64k - 6.5.0-10.10.1 No subscription required linux-cloud-tools-lowlatency - 6.5.0.10.10.10 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.10.10.10 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.10.10.10 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.10.10.10 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.10.10.10 linux-headers-lowlatency - 6.5.0.10.10.10 linux-headers-lowlatency-64k - 6.5.0.10.10.10 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.10.10.10 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.10.10.10 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.10.10.10 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.10.10.10 linux-headers-lowlatency-hwe-20.04 - 6.5.0.10.10.10 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.10.10.10 linux-headers-lowlatency-hwe-22.04 - 6.5.0.10.10.10 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.10.10.10 linux-image-lowlatency - 6.5.0.10.10.10 linux-image-lowlatency-64k - 6.5.0.10.10.10 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.10.10.10 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.10.10.10 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.10.10.10 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.10.10.10 linux-image-lowlatency-hwe-20.04 - 6.5.0.10.10.10 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.10.10.10 linux-image-lowlatency-hwe-22.04 - 6.5.0.10.10.10 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.10.10.10 linux-lowlatency - 6.5.0.10.10.10 linux-lowlatency-64k - 6.5.0.10.10.10 linux-lowlatency-64k-hwe-20.04 - 6.5.0.10.10.10 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.10.10.10 linux-lowlatency-64k-hwe-22.04 - 6.5.0.10.10.10 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.10.10.10 linux-lowlatency-hwe-20.04 - 6.5.0.10.10.10 linux-lowlatency-hwe-20.04-edge - 6.5.0.10.10.10 linux-lowlatency-hwe-22.04 - 6.5.0.10.10.10 linux-lowlatency-hwe-22.04-edge - 6.5.0.10.10.10 linux-modules-iwlwifi-lowlatency - 6.5.0.10.10.10 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.10.10.10 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.10.10.10 linux-tools-lowlatency - 6.5.0.10.10.10 linux-tools-lowlatency-64k - 6.5.0.10.10.10 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.10.10.10 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.10.10.10 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.10.10.10 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.10.10.10 linux-tools-lowlatency-hwe-20.04 - 6.5.0.10.10.10 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.10.10.10 linux-tools-lowlatency-hwe-22.04 - 6.5.0.10.10.10 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.10.10.10 No subscription required linux-cloud-tools-generic - 6.5.0.10.12 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.10.12 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.10.12 linux-cloud-tools-virtual - 6.5.0.10.12 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.10.12 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.10.12 linux-crashdump - 6.5.0.10.12 linux-generic - 6.5.0.10.12 linux-generic-64k - 6.5.0.10.12 linux-generic-64k-hwe-22.04 - 6.5.0.10.12 linux-generic-64k-hwe-22.04-edge - 6.5.0.10.12 linux-generic-hwe-22.04 - 6.5.0.10.12 linux-generic-hwe-22.04-edge - 6.5.0.10.12 linux-generic-lpae - 6.5.0.10.12 linux-headers-generic - 6.5.0.10.12 linux-headers-generic-64k - 6.5.0.10.12 linux-headers-generic-64k-hwe-22.04 - 6.5.0.10.12 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.10.12 linux-headers-generic-hwe-22.04 - 6.5.0.10.12 linux-headers-generic-hwe-22.04-edge - 6.5.0.10.12 linux-headers-generic-lpae - 6.5.0.10.12 linux-headers-kvm - 6.5.0.10.12 linux-headers-oem-22.04 - 6.5.0.10.12 linux-headers-virtual - 6.5.0.10.12 linux-headers-virtual-hwe-22.04 - 6.5.0.10.12 linux-headers-virtual-hwe-22.04-edge - 6.5.0.10.12 linux-image-extra-virtual - 6.5.0.10.12 linux-image-extra-virtual-hwe-22.04 - 6.5.0.10.12 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.10.12 linux-image-generic - 6.5.0.10.12 linux-image-generic-64k - 6.5.0.10.12 linux-image-generic-64k-hwe-22.04 - 6.5.0.10.12 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.10.12 linux-image-generic-hwe-22.04 - 6.5.0.10.12 linux-image-generic-hwe-22.04-edge - 6.5.0.10.12 linux-image-generic-lpae - 6.5.0.10.12 linux-image-kvm - 6.5.0.10.12 linux-image-oem-22.04 - 6.5.0.10.12 linux-image-uc-generic - 6.5.0.10.12 linux-image-uc-generic-hwe-22.04 - 6.5.0.10.12 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.10.12 linux-image-virtual - 6.5.0.10.12 linux-image-virtual-hwe-22.04 - 6.5.0.10.12 linux-image-virtual-hwe-22.04-edge - 6.5.0.10.12 linux-kvm - 6.5.0.10.12 linux-modules-ipu6-generic - 6.5.0.10.12 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.10.12 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.10.12 linux-modules-ipu6-oem-22.04 - 6.5.0.10.12 linux-modules-ivsc-generic - 6.5.0.10.12 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.10.12 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.10.12 linux-modules-ivsc-oem-22.04 - 6.5.0.10.12 linux-modules-iwlwifi-generic - 6.5.0.10.12 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.10.12 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.10.12 linux-modules-iwlwifi-oem-22.04 - 6.5.0.10.12 linux-oem-22.04 - 6.5.0.10.12 linux-source - 6.5.0.10.12 linux-tools-generic - 6.5.0.10.12 linux-tools-generic-64k - 6.5.0.10.12 linux-tools-generic-64k-hwe-22.04 - 6.5.0.10.12 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.10.12 linux-tools-generic-hwe-22.04 - 6.5.0.10.12 linux-tools-generic-hwe-22.04-edge - 6.5.0.10.12 linux-tools-generic-lpae - 6.5.0.10.12 linux-tools-kvm - 6.5.0.10.12 linux-tools-oem-22.04 - 6.5.0.10.12 linux-tools-virtual - 6.5.0.10.12 linux-tools-virtual-hwe-22.04 - 6.5.0.10.12 linux-tools-virtual-hwe-22.04-edge - 6.5.0.10.12 linux-virtual - 6.5.0.10.12 linux-virtual-hwe-22.04 - 6.5.0.10.12 linux-virtual-hwe-22.04-edge - 6.5.0.10.12 No subscription required High CVE-2023-42756 CVE-2023-4921 CVE-2023-5197 Ubuntu 23.10 Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6454-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1006-raspi - 6.5.0-1006.8 linux-headers-6.5.0-1006-raspi - 6.5.0-1006.8 linux-image-6.5.0-1006-raspi - 6.5.0-1006.8 linux-modules-6.5.0-1006-raspi - 6.5.0-1006.8 linux-modules-extra-6.5.0-1006-raspi - 6.5.0-1006.8 linux-raspi-headers-6.5.0-1006 - 6.5.0-1006.8 linux-raspi-tools-6.5.0-1006 - 6.5.0-1006.8 linux-tools-6.5.0-1006-raspi - 6.5.0-1006.8 No subscription required linux-azure-cloud-tools-6.5.0-1008 - 6.5.0-1008.8 linux-azure-headers-6.5.0-1008 - 6.5.0-1008.8 linux-azure-tools-6.5.0-1008 - 6.5.0-1008.8 linux-buildinfo-6.5.0-1008-azure - 6.5.0-1008.8 linux-buildinfo-6.5.0-1008-gcp - 6.5.0-1008.8 linux-cloud-tools-6.5.0-1008-azure - 6.5.0-1008.8 linux-gcp-headers-6.5.0-1008 - 6.5.0-1008.8 linux-gcp-tools-6.5.0-1008 - 6.5.0-1008.8 linux-headers-6.5.0-1008-azure - 6.5.0-1008.8 linux-headers-6.5.0-1008-gcp - 6.5.0-1008.8 linux-image-6.5.0-1008-azure - 6.5.0-1008.8 linux-image-6.5.0-1008-azure-fde - 6.5.0-1008.8 linux-image-6.5.0-1008-gcp - 6.5.0-1008.8 linux-image-unsigned-6.5.0-1008-azure - 6.5.0-1008.8 linux-image-unsigned-6.5.0-1008-gcp - 6.5.0-1008.8 linux-modules-6.5.0-1008-azure - 6.5.0-1008.8 linux-modules-6.5.0-1008-gcp - 6.5.0-1008.8 linux-modules-extra-6.5.0-1008-azure - 6.5.0-1008.8 linux-modules-extra-6.5.0-1008-gcp - 6.5.0-1008.8 linux-modules-iwlwifi-6.5.0-1008-azure - 6.5.0-1008.8 linux-modules-iwlwifi-6.5.0-1008-gcp - 6.5.0-1008.8 linux-tools-6.5.0-1008-azure - 6.5.0-1008.8 linux-tools-6.5.0-1008-gcp - 6.5.0-1008.8 No subscription required linux-aws-cloud-tools-6.5.0-1009 - 6.5.0-1009.9 linux-aws-headers-6.5.0-1009 - 6.5.0-1009.9 linux-aws-tools-6.5.0-1009 - 6.5.0-1009.9 linux-buildinfo-6.5.0-1009-aws - 6.5.0-1009.9 linux-cloud-tools-6.5.0-1009-aws - 6.5.0-1009.9 linux-headers-6.5.0-1009-aws - 6.5.0-1009.9 linux-image-6.5.0-1009-aws - 6.5.0-1009.9 linux-image-unsigned-6.5.0-1009-aws - 6.5.0-1009.9 linux-modules-6.5.0-1009-aws - 6.5.0-1009.9 linux-modules-extra-6.5.0-1009-aws - 6.5.0-1009.9 linux-tools-6.5.0-1009-aws - 6.5.0-1009.9 No subscription required linux-buildinfo-6.5.0-1011-oracle - 6.5.0-1011.11 linux-headers-6.5.0-1011-oracle - 6.5.0-1011.11 linux-image-6.5.0-1011-oracle - 6.5.0-1011.11 linux-image-unsigned-6.5.0-1011-oracle - 6.5.0-1011.11 linux-modules-6.5.0-1011-oracle - 6.5.0-1011.11 linux-modules-extra-6.5.0-1011-oracle - 6.5.0-1011.11 linux-modules-iwlwifi-6.5.0-1011-oracle - 6.5.0-1011.11 linux-oracle-headers-6.5.0-1011 - 6.5.0-1011.11 linux-oracle-tools-6.5.0-1011 - 6.5.0-1011.11 linux-tools-6.5.0-1011-oracle - 6.5.0-1011.11 No subscription required linux-headers-raspi - 6.5.0.1006.7 linux-headers-raspi-nolpae - 6.5.0.1006.7 linux-image-raspi - 6.5.0.1006.7 linux-image-raspi-nolpae - 6.5.0.1006.7 linux-modules-extra-raspi - 6.5.0.1006.7 linux-modules-extra-raspi-nolpae - 6.5.0.1006.7 linux-raspi - 6.5.0.1006.7 linux-raspi-nolpae - 6.5.0.1006.7 linux-tools-raspi - 6.5.0.1006.7 linux-tools-raspi-nolpae - 6.5.0.1006.7 No subscription required linux-azure - 6.5.0.1008.10 linux-azure-fde - 6.5.0.1008.10 linux-cloud-tools-azure - 6.5.0.1008.10 linux-headers-azure - 6.5.0.1008.10 linux-image-azure - 6.5.0.1008.10 linux-image-azure-fde - 6.5.0.1008.10 linux-modules-extra-azure - 6.5.0.1008.10 linux-modules-iwlwifi-azure - 6.5.0.1008.10 linux-tools-azure - 6.5.0.1008.10 No subscription required linux-gcp - 6.5.0.1008.8 linux-headers-gcp - 6.5.0.1008.8 linux-image-gcp - 6.5.0.1008.8 linux-modules-extra-gcp - 6.5.0.1008.8 linux-modules-iwlwifi-gcp - 6.5.0.1008.8 linux-tools-gcp - 6.5.0.1008.8 No subscription required linux-aws - 6.5.0.1009.9 linux-headers-aws - 6.5.0.1009.9 linux-image-aws - 6.5.0.1009.9 linux-modules-extra-aws - 6.5.0.1009.9 linux-tools-aws - 6.5.0.1009.9 No subscription required linux-headers-oracle - 6.5.0.1011.11 linux-image-oracle - 6.5.0.1011.11 linux-modules-iwlwifi-oracle - 6.5.0.1011.11 linux-oracle - 6.5.0.1011.11 linux-tools-oracle - 6.5.0.1011.11 No subscription required High CVE-2023-42756 CVE-2023-4921 CVE-2023-5197 Ubuntu 23.10 Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6454-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1005-laptop - 6.5.0-1005.8 linux-headers-6.5.0-1005-laptop - 6.5.0-1005.8 linux-image-6.5.0-1005-laptop - 6.5.0-1005.8 linux-laptop-headers-6.5.0-1005 - 6.5.0-1005.8 linux-laptop-tools-6.5.0-1005 - 6.5.0-1005.8 linux-laptop-tools-common - 6.5.0-1005.8 linux-laptop-tools-host - 6.5.0-1005.8 linux-modules-6.5.0-1005-laptop - 6.5.0-1005.8 linux-tools-6.5.0-1005-laptop - 6.5.0-1005.8 No subscription required linux-headers-laptop-23.10 - 6.5.0.1005.8 linux-image-laptop-23.10 - 6.5.0.1005.8 linux-laptop-23.10 - 6.5.0.1005.8 linux-tools-laptop-23.10 - 6.5.0.1005.8 No subscription required High CVE-2023-42756 CVE-2023-4921 CVE-2023-5197 Ubuntu 23.10 Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6454-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1003-starfive - 6.5.0-1003.4 linux-headers-6.5.0-1003-starfive - 6.5.0-1003.4 linux-image-6.5.0-1003-starfive - 6.5.0-1003.4 linux-modules-6.5.0-1003-starfive - 6.5.0-1003.4 linux-modules-extra-6.5.0-1003-starfive - 6.5.0-1003.4 linux-starfive-headers-6.5.0-1003 - 6.5.0-1003.4 linux-starfive-tools-6.5.0-1003 - 6.5.0-1003.4 linux-tools-6.5.0-1003-starfive - 6.5.0-1003.4 No subscription required linux-headers-starfive - 6.5.0.1003.5 linux-image-starfive - 6.5.0.1003.5 linux-starfive - 6.5.0.1003.5 linux-tools-starfive - 6.5.0.1003.5 No subscription required High CVE-2023-42756 CVE-2023-4921 CVE-2023-5197 Ubuntu 23.10 It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to memory corruption. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-42117) It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2023-42119) Update Instructions: Run `sudo pro fix USN-6455-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4 - 4.96-17ubuntu2.1 exim4-base - 4.96-17ubuntu2.1 exim4-config - 4.96-17ubuntu2.1 exim4-daemon-heavy - 4.96-17ubuntu2.1 exim4-daemon-light - 4.96-17ubuntu2.1 exim4-dev - 4.96-17ubuntu2.1 eximon4 - 4.96-17ubuntu2.1 No subscription required Medium CVE-2023-42117 CVE-2023-42119 Ubuntu 23.10 Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.35 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-35.html https://www.oracle.com/security-alerts/cpuoct2023.html Update Instructions: Run `sudo pro fix USN-6459-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.35-0ubuntu0.23.10.1 libmysqlclient21 - 8.0.35-0ubuntu0.23.10.1 mysql-client - 8.0.35-0ubuntu0.23.10.1 mysql-client-8.0 - 8.0.35-0ubuntu0.23.10.1 mysql-client-core-8.0 - 8.0.35-0ubuntu0.23.10.1 mysql-router - 8.0.35-0ubuntu0.23.10.1 mysql-server - 8.0.35-0ubuntu0.23.10.1 mysql-server-8.0 - 8.0.35-0ubuntu0.23.10.1 mysql-server-core-8.0 - 8.0.35-0ubuntu0.23.10.1 mysql-source-8.0 - 8.0.35-0ubuntu0.23.10.1 mysql-testsuite - 8.0.35-0ubuntu0.23.10.1 mysql-testsuite-8.0 - 8.0.35-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-22032 CVE-2023-22059 CVE-2023-22064 CVE-2023-22066 CVE-2023-22068 CVE-2023-22070 CVE-2023-22078 CVE-2023-22079 CVE-2023-22084 CVE-2023-22092 CVE-2023-22097 CVE-2023-22103 CVE-2023-22112 CVE-2023-22114 Ubuntu 23.10 It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker Guest Operations privileges could possibly use this issue to escalate privileges. (CVE-2023-34058) Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs. (CVE-2023-34059) Update Instructions: Run `sudo pro fix USN-6463-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:12.3.0-1ubuntu0.1 open-vm-tools-containerinfo - 2:12.3.0-1ubuntu0.1 open-vm-tools-desktop - 2:12.3.0-1ubuntu0.1 open-vm-tools-dev - 2:12.3.0-1ubuntu0.1 open-vm-tools-salt-minion - 2:12.3.0-1ubuntu0.1 open-vm-tools-sdmp - 2:12.3.0-1ubuntu0.1 No subscription required Medium CVE-2023-34058 CVE-2023-34059 Ubuntu 23.10 Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-5724, CVE-2023-5728, CVE-2023-5730, CVE-2023-5732) Kelsey Gilbert discovered that Thunderbird did not properly manage certain browser prompts and dialogs due to an insufficient activation-delay. An attacker could potentially exploit this issue to perform clickjacking. (CVE-2023-5721) Shaheen Fazim discovered that Thunderbird did not properly validate the URLs open by installed WebExtension. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-5725) Update Instructions: Run `sudo pro fix USN-6468-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-dev - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-gnome-support - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-af - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ar - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ast - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-be - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bg - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bn - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bn-bd - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-br - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ca - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cak - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cs - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cy - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-da - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-de - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-dsb - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-el - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en-gb - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en-us - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es-ar - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es-es - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-et - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-eu - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fa - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fi - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fr - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fy - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fy-nl - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ga - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ga-ie - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-gd - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-gl - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-he - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hr - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hsb - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hu - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hy - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-id - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-is - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-it - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ja - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ka - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-kab - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-kk - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ko - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-lt - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-lv - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-mk - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ms - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nb - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nb-no - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nl - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nn - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nn-no - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pa - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pa-in - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pl - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-br - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-pt - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-rm - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ro - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ru - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-si - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sk - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sl - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sq - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sr - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sv - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sv-se - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ta - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ta-lk - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-th - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-tr - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-uk - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-uz - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-vi - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-cn - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hans - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hant - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-tw - 1:115.4.1+build1-0ubuntu0.23.10.1 thunderbird-mozsymbols - 1:115.4.1+build1-0ubuntu0.23.10.1 xul-ext-calendar-timezones - 1:115.4.1+build1-0ubuntu0.23.10.1 xul-ext-gdata-provider - 1:115.4.1+build1-0ubuntu0.23.10.1 xul-ext-lightning - 1:115.4.1+build1-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-5721 CVE-2023-5732 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728 CVE-2023-5730 Ubuntu 23.10 It was discovered that Axis incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-40743) Update Instructions: Run `sudo pro fix USN-6470-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libaxis-java - 1.4-28+deb10u1build0.23.10.1 libaxis-java-doc - 1.4-28+deb10u1build0.23.10.1 No subscription required Medium CVE-2023-40743 Ubuntu 23.10 It was discovered that libsndfile contained multiple arithmetic overflows. If a user or automated system were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6471-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsndfile1 - 1.2.2-1ubuntu0.23.10.1 libsndfile1-dev - 1.2.2-1ubuntu0.23.10.1 sndfile-programs - 1.2.2-1ubuntu0.23.10.1 No subscription required Medium CVE-2022-33065 Ubuntu 23.10 It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-25091) It was discovered that urllib3 didn't strip HTTP Cookie header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-43804) It was discovered that urllib3 didn't strip HTTP body on status code 303 redirects under certain circumstances. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-45803) Update Instructions: Run `sudo pro fix USN-6473-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-urllib3 - 1.26.16-1ubuntu0.1 No subscription required Medium CVE-2018-25091 CVE-2023-43804 CVE-2023-45803 Ubuntu 23.10 USN-6473-1 fixed vulnerabilities in urllib3. This update provides the corresponding updates for the urllib3 module bundled into pip. Original advisory details: It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-25091) It was discovered that urllib3 didn't strip HTTP Cookie header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-43804) It was discovered that urllib3 didn't strip HTTP body on status code 303 redirects under certain circumstances. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-45803) Update Instructions: Run `sudo pro fix USN-6473-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pip - 23.2+dfsg-1ubuntu0.1 python3-pip-whl - 23.2+dfsg-1ubuntu0.1 No subscription required Medium CVE-2018-25091 CVE-2023-43804 CVE-2023-45803 Ubuntu 23.10 It was discovered that Memcached incorrectly handled certain multiget requests in proxy mode. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-46852) It was discovered that Memcached incorrectly handled certain proxy requests in proxy mode. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-46853) Update Instructions: Run `sudo pro fix USN-6476-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: memcached - 1.6.21-1ubuntu0.23.10.1 No subscription required Medium CVE-2023-46852 CVE-2023-46853 Ubuntu 23.10 It was discovered that the procps-ng ps tool incorrectly handled memory. An attacker could possibly use this issue to cause procps-ng to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6477-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libproc2-0 - 2:4.0.3-1ubuntu1.23.10.1 libproc2-dev - 2:4.0.3-1ubuntu1.23.10.1 procps - 2:4.0.3-1ubuntu1.23.10.1 No subscription required Low CVE-2023-4016 Ubuntu 23.10 Barry Dorrans discovered that .NET did not properly implement certain security features for Blazor server forms. An attacker could possibly use this issue to bypass validation, which could trigger unintended actions. (CVE-2023-36558) Piotr Bazydlo discovered that .NET did not properly handle untrusted URIs provided to System.Net.WebRequest.Create. An attacker could possibly use this issue to inject arbitrary commands to backend FTP servers. (CVE-2023-36049) Update Instructions: Run `sudo pro fix USN-6480-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aspnetcore-runtime-6.0 - 6.0.125-0ubuntu1~23.10.1 aspnetcore-targeting-pack-6.0 - 6.0.125-0ubuntu1~23.10.1 dotnet-apphost-pack-6.0 - 6.0.125-0ubuntu1~23.10.1 dotnet-host - 6.0.125-0ubuntu1~23.10.1 dotnet-hostfxr-6.0 - 6.0.125-0ubuntu1~23.10.1 dotnet-runtime-6.0 - 6.0.125-0ubuntu1~23.10.1 dotnet-sdk-6.0 - 6.0.125-0ubuntu1~23.10.1 dotnet-sdk-6.0-source-built-artifacts - 6.0.125-0ubuntu1~23.10.1 dotnet-targeting-pack-6.0 - 6.0.125-0ubuntu1~23.10.1 dotnet-templates-6.0 - 6.0.125-0ubuntu1~23.10.1 dotnet6 - 6.0.125-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1 - 6.0.125-0ubuntu1~23.10.1 No subscription required aspnetcore-runtime-7.0 - 7.0.114-0ubuntu1~23.10.1 aspnetcore-targeting-pack-7.0 - 7.0.114-0ubuntu1~23.10.1 dotnet-apphost-pack-7.0 - 7.0.114-0ubuntu1~23.10.1 dotnet-host-7.0 - 7.0.114-0ubuntu1~23.10.1 dotnet-hostfxr-7.0 - 7.0.114-0ubuntu1~23.10.1 dotnet-runtime-7.0 - 7.0.114-0ubuntu1~23.10.1 dotnet-sdk-7.0 - 7.0.114-0ubuntu1~23.10.1 dotnet-sdk-7.0-source-built-artifacts - 7.0.114-0ubuntu1~23.10.1 dotnet-targeting-pack-7.0 - 7.0.114-0ubuntu1~23.10.1 dotnet-templates-7.0 - 7.0.114-0ubuntu1~23.10.1 dotnet7 - 7.0.114-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-7.0 - 7.0.114-0ubuntu1~23.10.1 No subscription required aspnetcore-runtime-8.0 - 8.0.0-0ubuntu1~23.10.1 aspnetcore-targeting-pack-8.0 - 8.0.0-0ubuntu1~23.10.1 dotnet-apphost-pack-8.0 - 8.0.0-0ubuntu1~23.10.1 dotnet-host-8.0 - 8.0.0-0ubuntu1~23.10.1 dotnet-hostfxr-8.0 - 8.0.0-0ubuntu1~23.10.1 dotnet-runtime-8.0 - 8.0.0-0ubuntu1~23.10.1 dotnet-targeting-pack-8.0 - 8.0.0-0ubuntu1~23.10.1 No subscription required dotnet-sdk-8.0 - 8.0.100-0ubuntu1~23.10.1 dotnet-sdk-8.0-source-built-artifacts - 8.0.100-0ubuntu1~23.10.1 dotnet-templates-8.0 - 8.0.100-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-8.0 - 8.0.100-0ubuntu1~23.10.1 No subscription required dotnet8 - 8.0.100-8.0.0-0ubuntu1~23.10.1 No subscription required Medium CVE-2023-36049 CVE-2023-36558 Ubuntu 23.10 It was discovered that FRR incorrectly handled certain malformed NLRI data. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. (CVE-2023-46752) It was discovered that FRR incorrectly handled certain BGP UPDATE messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. (CVE-2023-46753) Update Instructions: Run `sudo pro fix USN-6481-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: frr - 8.4.4-1.1ubuntu1.1 frr-doc - 8.4.4-1.1ubuntu1.1 frr-pythontools - 8.4.4-1.1ubuntu1.1 frr-rpki-rtrlib - 8.4.4-1.1ubuntu1.1 frr-snmp - 8.4.4-1.1ubuntu1.1 No subscription required Medium CVE-2023-46752 CVE-2023-46753 Ubuntu 23.10 Neeraj Pal discovered that HTML Tidy incorrectly handled parsing certain HTML data. If a user or automated system were tricked into parsing specially crafted HTML data, a remote attacker could cause HTML Tidy to consume resources, leading to a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6483-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtidy-dev - 2:5.6.0-11ubuntu0.23.10.1 libtidy5deb1 - 2:5.6.0-11ubuntu0.23.10.1 tidy - 2:5.6.0-11ubuntu0.23.10.1 No subscription required Medium CVE-2021-33391 Ubuntu 23.10 It was discovered that OpenVPN incorrectly handled the --fragment option in certain configurations. A remote attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service. (CVE-2023-46849) It was discovered that OpenVPN incorrectly handled certain memory operations. A remote attacker could use this issue to cause OpenVPN to crash, obtain sensitive information, or possibly execute arbitrary code. (CVE-2023-46850) Update Instructions: Run `sudo pro fix USN-6484-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvpn - 2.6.5-0ubuntu1.1 No subscription required Medium CVE-2023-46849 CVE-2023-46850 Ubuntu 23.10 Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel(R) Processors did not properly handle certain sequences of processor instructions. A local attacker could possibly use this to cause a core hang (resulting in a denial of service), gain access to sensitive information or possibly escalate their privileges. Update Instructions: Run `sudo pro fix USN-6485-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20231114.0ubuntu0.23.10.1 No subscription required High CVE-2023-23583 Ubuntu 23.10 It was discovered that iniParser incorrectly handled certain files. An attacker could possibly use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-6486-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libiniparser-dev - 4.1-6ubuntu0.23.10.1 libiniparser-doc - 4.1-6ubuntu0.23.10.1 libiniparser1 - 4.1-6ubuntu0.23.10.1 No subscription required Medium CVE-2023-33461 Ubuntu 23.10 Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472, CVE-2023-38473) Update Instructions: Run `sudo pro fix USN-6487-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: avahi-autoipd - 0.8-10ubuntu1.1 avahi-daemon - 0.8-10ubuntu1.1 avahi-discover - 0.8-10ubuntu1.1 avahi-dnsconfd - 0.8-10ubuntu1.1 avahi-ui-utils - 0.8-10ubuntu1.1 avahi-utils - 0.8-10ubuntu1.1 gir1.2-avahi-0.6 - 0.8-10ubuntu1.1 libavahi-client-dev - 0.8-10ubuntu1.1 libavahi-client3 - 0.8-10ubuntu1.1 libavahi-common-data - 0.8-10ubuntu1.1 libavahi-common-dev - 0.8-10ubuntu1.1 libavahi-common3 - 0.8-10ubuntu1.1 libavahi-compat-libdnssd-dev - 0.8-10ubuntu1.1 libavahi-compat-libdnssd1 - 0.8-10ubuntu1.1 libavahi-core-dev - 0.8-10ubuntu1.1 libavahi-core7 - 0.8-10ubuntu1.1 libavahi-glib-dev - 0.8-10ubuntu1.1 libavahi-glib1 - 0.8-10ubuntu1.1 libavahi-gobject-dev - 0.8-10ubuntu1.1 libavahi-gobject0 - 0.8-10ubuntu1.1 libavahi-ui-gtk3-0 - 0.8-10ubuntu1.1 libavahi-ui-gtk3-dev - 0.8-10ubuntu1.1 python3-avahi - 0.8-10ubuntu1.1 No subscription required Medium CVE-2023-38469 CVE-2023-38470 CVE-2023-38471 CVE-2023-38472 CVE-2023-38473 Ubuntu 23.10 Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6488-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: charon-cmd - 5.9.11-1ubuntu1.1 charon-systemd - 5.9.11-1ubuntu1.1 libcharon-extauth-plugins - 5.9.11-1ubuntu1.1 libcharon-extra-plugins - 5.9.11-1ubuntu1.1 libstrongswan - 5.9.11-1ubuntu1.1 libstrongswan-extra-plugins - 5.9.11-1ubuntu1.1 libstrongswan-standard-plugins - 5.9.11-1ubuntu1.1 strongswan - 5.9.11-1ubuntu1.1 strongswan-charon - 5.9.11-1ubuntu1.1 strongswan-libcharon - 5.9.11-1ubuntu1.1 strongswan-nm - 5.9.11-1ubuntu1.1 strongswan-pki - 5.9.11-1ubuntu1.1 strongswan-starter - 5.9.11-1ubuntu1.1 strongswan-swanctl - 5.9.11-1ubuntu1.1 No subscription required Medium CVE-2023-41913 Ubuntu 23.10 Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6490-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.42.2-0ubuntu0.23.10.1 gir1.2-javascriptcoregtk-4.1 - 2.42.2-0ubuntu0.23.10.1 gir1.2-javascriptcoregtk-6.0 - 2.42.2-0ubuntu0.23.10.1 gir1.2-webkit-6.0 - 2.42.2-0ubuntu0.23.10.1 gir1.2-webkit2-4.0 - 2.42.2-0ubuntu0.23.10.1 gir1.2-webkit2-4.1 - 2.42.2-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-18 - 2.42.2-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-bin - 2.42.2-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-dev - 2.42.2-0ubuntu0.23.10.1 libjavascriptcoregtk-4.1-0 - 2.42.2-0ubuntu0.23.10.1 libjavascriptcoregtk-4.1-dev - 2.42.2-0ubuntu0.23.10.1 libjavascriptcoregtk-6.0-1 - 2.42.2-0ubuntu0.23.10.1 libjavascriptcoregtk-6.0-dev - 2.42.2-0ubuntu0.23.10.1 libwebkit2gtk-4.0-37 - 2.42.2-0ubuntu0.23.10.1 libwebkit2gtk-4.0-dev - 2.42.2-0ubuntu0.23.10.1 libwebkit2gtk-4.0-doc - 2.42.2-0ubuntu0.23.10.1 libwebkit2gtk-4.1-0 - 2.42.2-0ubuntu0.23.10.1 libwebkit2gtk-4.1-dev - 2.42.2-0ubuntu0.23.10.1 libwebkitgtk-6.0-4 - 2.42.2-0ubuntu0.23.10.1 libwebkitgtk-6.0-dev - 2.42.2-0ubuntu0.23.10.1 webkit2gtk-driver - 2.42.2-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-41983 CVE-2023-42852 Ubuntu 23.10 On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended. In addition, on all releases, hibagent has been updated to do nothing if ODH is configured. Update Instructions: Run `sudo pro fix USN-6493-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hibagent - 1.0.1+git20230216.9ac1209f7-0ubuntu1.23.10.1 No subscription required None https://launchpad.net/bugs/2043739 Ubuntu 23.10 It was discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6498-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: frr - 8.4.4-1.1ubuntu1.2 frr-doc - 8.4.4-1.1ubuntu1.2 frr-pythontools - 8.4.4-1.1ubuntu1.2 frr-rpki-rtrlib - 8.4.4-1.1ubuntu1.2 frr-snmp - 8.4.4-1.1ubuntu1.2 No subscription required Medium CVE-2023-38406 CVE-2023-38407 CVE-2023-47234 CVE-2023-47235 Ubuntu 23.10 It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recover sensitive information. Update Instructions: Run `sudo pro fix USN-6499-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-bin - 3.8.1-4ubuntu1.1 gnutls-doc - 3.8.1-4ubuntu1.1 libgnutls-dane0 - 3.8.1-4ubuntu1.1 libgnutls-openssl27 - 3.8.1-4ubuntu1.1 libgnutls28-dev - 3.8.1-4ubuntu1.1 libgnutls30 - 3.8.1-4ubuntu1.1 No subscription required Medium CVE-2023-5981 Ubuntu 23.10 Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-46724) Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-46728) Keran Mu and Jianjun Chen discovered that Squid incorrectly handled the chunked decoder. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks. (CVE-2023-46846) Joshua Rogers discovered that Squid incorrectly handled HTTP Digest Authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-46847) Joshua Rogers discovered that Squid incorrectly handled certain FTP urls. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-46848) Update Instructions: Run `sudo pro fix USN-6500-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 6.1-2ubuntu1.1 squid-cgi - 6.1-2ubuntu1.1 squid-common - 6.1-2ubuntu1.1 squid-openssl - 6.1-2ubuntu1.1 squid-purge - 6.1-2ubuntu1.1 squidclient - 6.1-2ubuntu1.1 No subscription required Medium CVE-2023-46724 CVE-2023-46728 CVE-2023-46846 CVE-2023-46847 CVE-2023-46848 Ubuntu 23.10 It was discovered that RabbitMQ incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6501-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rabbitmq-server - 3.12.1-1ubuntu0.1 No subscription required Medium CVE-2023-46118 Ubuntu 23.10 Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Maxim Levitsky discovered that the KVM nested virtualization (SVM) implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service (host kernel crash). (CVE-2023-5090) It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5345) Murray McAllister discovered that the VMware Virtual GPU DRM driver in the Linux kernel did not properly handle memory objects when storing surfaces, leading to a use-after-free vulnerability. A local attacker in a guest VM could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5633) Update Instructions: Run `sudo pro fix USN-6503-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1004-starfive - 6.5.0-1004.5 linux-headers-6.5.0-1004-starfive - 6.5.0-1004.5 linux-image-6.5.0-1004-starfive - 6.5.0-1004.5 linux-modules-6.5.0-1004-starfive - 6.5.0-1004.5 linux-modules-extra-6.5.0-1004-starfive - 6.5.0-1004.5 linux-starfive-headers-6.5.0-1004 - 6.5.0-1004.5 linux-starfive-tools-6.5.0-1004 - 6.5.0-1004.5 linux-tools-6.5.0-1004-starfive - 6.5.0-1004.5 No subscription required linux-buildinfo-6.5.0-1006-laptop - 6.5.0-1006.9 linux-headers-6.5.0-1006-laptop - 6.5.0-1006.9 linux-image-6.5.0-1006-laptop - 6.5.0-1006.9 linux-laptop-headers-6.5.0-1006 - 6.5.0-1006.9 linux-laptop-tools-6.5.0-1006 - 6.5.0-1006.9 linux-laptop-tools-common - 6.5.0-1006.9 linux-laptop-tools-host - 6.5.0-1006.9 linux-modules-6.5.0-1006-laptop - 6.5.0-1006.9 linux-tools-6.5.0-1006-laptop - 6.5.0-1006.9 No subscription required linux-buildinfo-6.5.0-1007-raspi - 6.5.0-1007.9 linux-headers-6.5.0-1007-raspi - 6.5.0-1007.9 linux-image-6.5.0-1007-raspi - 6.5.0-1007.9 linux-modules-6.5.0-1007-raspi - 6.5.0-1007.9 linux-modules-extra-6.5.0-1007-raspi - 6.5.0-1007.9 linux-raspi-headers-6.5.0-1007 - 6.5.0-1007.9 linux-raspi-tools-6.5.0-1007 - 6.5.0-1007.9 linux-tools-6.5.0-1007-raspi - 6.5.0-1007.9 No subscription required linux-aws-cloud-tools-6.5.0-1010 - 6.5.0-1010.10 linux-aws-headers-6.5.0-1010 - 6.5.0-1010.10 linux-aws-tools-6.5.0-1010 - 6.5.0-1010.10 linux-buildinfo-6.5.0-1010-aws - 6.5.0-1010.10 linux-cloud-tools-6.5.0-1010-aws - 6.5.0-1010.10 linux-headers-6.5.0-1010-aws - 6.5.0-1010.10 linux-image-6.5.0-1010-aws - 6.5.0-1010.10 linux-image-unsigned-6.5.0-1010-aws - 6.5.0-1010.10 linux-modules-6.5.0-1010-aws - 6.5.0-1010.10 linux-modules-extra-6.5.0-1010-aws - 6.5.0-1010.10 linux-tools-6.5.0-1010-aws - 6.5.0-1010.10 No subscription required linux-buildinfo-6.5.0-1012-oracle - 6.5.0-1012.12 linux-headers-6.5.0-1012-oracle - 6.5.0-1012.12 linux-image-6.5.0-1012-oracle - 6.5.0-1012.12 linux-image-unsigned-6.5.0-1012-oracle - 6.5.0-1012.12 linux-modules-6.5.0-1012-oracle - 6.5.0-1012.12 linux-modules-extra-6.5.0-1012-oracle - 6.5.0-1012.12 linux-modules-iwlwifi-6.5.0-1012-oracle - 6.5.0-1012.12 linux-oracle-headers-6.5.0-1012 - 6.5.0-1012.12 linux-oracle-tools-6.5.0-1012 - 6.5.0-1012.12 linux-tools-6.5.0-1012-oracle - 6.5.0-1012.12 No subscription required linux-buildinfo-6.5.0-13-generic - 6.5.0-13.13 linux-buildinfo-6.5.0-13-generic-64k - 6.5.0-13.13 linux-cloud-tools-6.5.0-13 - 6.5.0-13.13 linux-cloud-tools-6.5.0-13-generic - 6.5.0-13.13 linux-cloud-tools-common - 6.5.0-13.13 linux-doc - 6.5.0-13.13 linux-headers-6.5.0-13 - 6.5.0-13.13 linux-headers-6.5.0-13-generic - 6.5.0-13.13 linux-headers-6.5.0-13-generic-64k - 6.5.0-13.13 linux-image-6.5.0-13-generic - 6.5.0-13.13 linux-image-6.5.0-13-generic-64k - 6.5.0-13.13 linux-image-uc-6.5.0-13-generic - 6.5.0-13.13 linux-image-uc-6.5.0-13-generic-64k - 6.5.0-13.13 linux-image-unsigned-6.5.0-13-generic - 6.5.0-13.13 linux-image-unsigned-6.5.0-13-generic-64k - 6.5.0-13.13 linux-lib-rust-6.5.0-13-generic - 6.5.0-13.13 linux-libc-dev - 6.5.0-13.13 linux-modules-6.5.0-13-generic - 6.5.0-13.13 linux-modules-6.5.0-13-generic-64k - 6.5.0-13.13 linux-modules-extra-6.5.0-13-generic - 6.5.0-13.13 linux-modules-ipu6-6.5.0-13-generic - 6.5.0-13.13 linux-modules-ivsc-6.5.0-13-generic - 6.5.0-13.13 linux-modules-iwlwifi-6.5.0-13-generic - 6.5.0-13.13 linux-source-6.5.0 - 6.5.0-13.13 linux-tools-6.5.0-13 - 6.5.0-13.13 linux-tools-6.5.0-13-generic - 6.5.0-13.13 linux-tools-6.5.0-13-generic-64k - 6.5.0-13.13 linux-tools-common - 6.5.0-13.13 linux-tools-host - 6.5.0-13.13 No subscription required linux-buildinfo-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-buildinfo-6.5.0-13-lowlatency-64k - 6.5.0-13.13.1 linux-cloud-tools-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-headers-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-headers-6.5.0-13-lowlatency-64k - 6.5.0-13.13.1 linux-image-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-image-6.5.0-13-lowlatency-64k - 6.5.0-13.13.1 linux-image-unsigned-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-image-unsigned-6.5.0-13-lowlatency-64k - 6.5.0-13.13.1 linux-lowlatency-cloud-tools-6.5.0-13 - 6.5.0-13.13.1 linux-lowlatency-cloud-tools-common - 6.5.0-13.13.1 linux-lowlatency-headers-6.5.0-13 - 6.5.0-13.13.1 linux-lowlatency-lib-rust-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-lowlatency-tools-6.5.0-13 - 6.5.0-13.13.1 linux-lowlatency-tools-common - 6.5.0-13.13.1 linux-lowlatency-tools-host - 6.5.0-13.13.1 linux-modules-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-modules-6.5.0-13-lowlatency-64k - 6.5.0-13.13.1 linux-modules-iwlwifi-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-tools-6.5.0-13-lowlatency - 6.5.0-13.13.1 linux-tools-6.5.0-13-lowlatency-64k - 6.5.0-13.13.1 No subscription required linux-headers-starfive - 6.5.0.1004.6 linux-image-starfive - 6.5.0.1004.6 linux-starfive - 6.5.0.1004.6 linux-tools-starfive - 6.5.0.1004.6 No subscription required linux-headers-laptop-23.10 - 6.5.0.1006.9 linux-image-laptop-23.10 - 6.5.0.1006.9 linux-laptop-23.10 - 6.5.0.1006.9 linux-tools-laptop-23.10 - 6.5.0.1006.9 No subscription required linux-headers-raspi - 6.5.0.1007.8 linux-headers-raspi-nolpae - 6.5.0.1007.8 linux-image-raspi - 6.5.0.1007.8 linux-image-raspi-nolpae - 6.5.0.1007.8 linux-modules-extra-raspi - 6.5.0.1007.8 linux-modules-extra-raspi-nolpae - 6.5.0.1007.8 linux-raspi - 6.5.0.1007.8 linux-raspi-nolpae - 6.5.0.1007.8 linux-tools-raspi - 6.5.0.1007.8 linux-tools-raspi-nolpae - 6.5.0.1007.8 No subscription required linux-aws - 6.5.0.1010.10 linux-headers-aws - 6.5.0.1010.10 linux-image-aws - 6.5.0.1010.10 linux-modules-extra-aws - 6.5.0.1010.10 linux-tools-aws - 6.5.0.1010.10 No subscription required linux-headers-oracle - 6.5.0.1012.12 linux-image-oracle - 6.5.0.1012.12 linux-modules-iwlwifi-oracle - 6.5.0.1012.12 linux-oracle - 6.5.0.1012.12 linux-tools-oracle - 6.5.0.1012.12 No subscription required linux-cloud-tools-lowlatency - 6.5.0.13.13.11 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.13.13.11 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.13.13.11 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.13.13.11 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.13.13.11 linux-headers-lowlatency - 6.5.0.13.13.11 linux-headers-lowlatency-64k - 6.5.0.13.13.11 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.13.13.11 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.13.13.11 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.13.13.11 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.13.13.11 linux-headers-lowlatency-hwe-20.04 - 6.5.0.13.13.11 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.13.13.11 linux-headers-lowlatency-hwe-22.04 - 6.5.0.13.13.11 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.13.13.11 linux-image-lowlatency - 6.5.0.13.13.11 linux-image-lowlatency-64k - 6.5.0.13.13.11 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.13.13.11 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.13.13.11 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.13.13.11 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.13.13.11 linux-image-lowlatency-hwe-20.04 - 6.5.0.13.13.11 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.13.13.11 linux-image-lowlatency-hwe-22.04 - 6.5.0.13.13.11 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.13.13.11 linux-lowlatency - 6.5.0.13.13.11 linux-lowlatency-64k - 6.5.0.13.13.11 linux-lowlatency-64k-hwe-20.04 - 6.5.0.13.13.11 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.13.13.11 linux-lowlatency-64k-hwe-22.04 - 6.5.0.13.13.11 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.13.13.11 linux-lowlatency-hwe-20.04 - 6.5.0.13.13.11 linux-lowlatency-hwe-20.04-edge - 6.5.0.13.13.11 linux-lowlatency-hwe-22.04 - 6.5.0.13.13.11 linux-lowlatency-hwe-22.04-edge - 6.5.0.13.13.11 linux-modules-iwlwifi-lowlatency - 6.5.0.13.13.11 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.13.13.11 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.13.13.11 linux-tools-lowlatency - 6.5.0.13.13.11 linux-tools-lowlatency-64k - 6.5.0.13.13.11 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.13.13.11 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.13.13.11 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.13.13.11 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.13.13.11 linux-tools-lowlatency-hwe-20.04 - 6.5.0.13.13.11 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.13.13.11 linux-tools-lowlatency-hwe-22.04 - 6.5.0.13.13.11 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.13.13.11 No subscription required linux-cloud-tools-generic - 6.5.0.13.15 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.13.15 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.13.15 linux-cloud-tools-virtual - 6.5.0.13.15 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.13.15 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.13.15 linux-crashdump - 6.5.0.13.15 linux-generic - 6.5.0.13.15 linux-generic-64k - 6.5.0.13.15 linux-generic-64k-hwe-22.04 - 6.5.0.13.15 linux-generic-64k-hwe-22.04-edge - 6.5.0.13.15 linux-generic-hwe-22.04 - 6.5.0.13.15 linux-generic-hwe-22.04-edge - 6.5.0.13.15 linux-generic-lpae - 6.5.0.13.15 linux-headers-generic - 6.5.0.13.15 linux-headers-generic-64k - 6.5.0.13.15 linux-headers-generic-64k-hwe-22.04 - 6.5.0.13.15 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.13.15 linux-headers-generic-hwe-22.04 - 6.5.0.13.15 linux-headers-generic-hwe-22.04-edge - 6.5.0.13.15 linux-headers-generic-lpae - 6.5.0.13.15 linux-headers-kvm - 6.5.0.13.15 linux-headers-oem-22.04 - 6.5.0.13.15 linux-headers-virtual - 6.5.0.13.15 linux-headers-virtual-hwe-22.04 - 6.5.0.13.15 linux-headers-virtual-hwe-22.04-edge - 6.5.0.13.15 linux-image-extra-virtual - 6.5.0.13.15 linux-image-extra-virtual-hwe-22.04 - 6.5.0.13.15 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.13.15 linux-image-generic - 6.5.0.13.15 linux-image-generic-64k - 6.5.0.13.15 linux-image-generic-64k-hwe-22.04 - 6.5.0.13.15 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.13.15 linux-image-generic-hwe-22.04 - 6.5.0.13.15 linux-image-generic-hwe-22.04-edge - 6.5.0.13.15 linux-image-generic-lpae - 6.5.0.13.15 linux-image-kvm - 6.5.0.13.15 linux-image-oem-22.04 - 6.5.0.13.15 linux-image-uc-generic - 6.5.0.13.15 linux-image-uc-generic-hwe-22.04 - 6.5.0.13.15 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.13.15 linux-image-virtual - 6.5.0.13.15 linux-image-virtual-hwe-22.04 - 6.5.0.13.15 linux-image-virtual-hwe-22.04-edge - 6.5.0.13.15 linux-kvm - 6.5.0.13.15 linux-modules-ipu6-generic - 6.5.0.13.15 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.13.15 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.13.15 linux-modules-ipu6-oem-22.04 - 6.5.0.13.15 linux-modules-ivsc-generic - 6.5.0.13.15 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.13.15 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.13.15 linux-modules-ivsc-oem-22.04 - 6.5.0.13.15 linux-modules-iwlwifi-generic - 6.5.0.13.15 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.13.15 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.13.15 linux-modules-iwlwifi-oem-22.04 - 6.5.0.13.15 linux-oem-22.04 - 6.5.0.13.15 linux-source - 6.5.0.13.15 linux-tools-generic - 6.5.0.13.15 linux-tools-generic-64k - 6.5.0.13.15 linux-tools-generic-64k-hwe-22.04 - 6.5.0.13.15 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.13.15 linux-tools-generic-hwe-22.04 - 6.5.0.13.15 linux-tools-generic-hwe-22.04-edge - 6.5.0.13.15 linux-tools-generic-lpae - 6.5.0.13.15 linux-tools-kvm - 6.5.0.13.15 linux-tools-oem-22.04 - 6.5.0.13.15 linux-tools-virtual - 6.5.0.13.15 linux-tools-virtual-hwe-22.04 - 6.5.0.13.15 linux-tools-virtual-hwe-22.04-edge - 6.5.0.13.15 linux-virtual - 6.5.0.13.15 linux-virtual-hwe-22.04 - 6.5.0.13.15 linux-virtual-hwe-22.04-edge - 6.5.0.13.15 No subscription required High CVE-2023-31085 CVE-2023-4244 CVE-2023-5090 CVE-2023-5345 CVE-2023-5633 Ubuntu 23.10 It was discovered that tracker-miners incorrectly handled sandboxing. If a second security issue was discovered in tracker-miners, an attacker could possibly use this issue in combination with it to escape the sandbox. Update Instructions: Run `sudo pro fix USN-6504-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tracker-extract - 3.4.6-0ubuntu0.23.10.1 tracker-miner-fs - 3.4.6-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-5557 Ubuntu 23.10 It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6505-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnghttp2-14 - 1.55.1-1ubuntu0.1 libnghttp2-dev - 1.55.1-1ubuntu0.1 libnghttp2-doc - 1.55.1-1ubuntu0.1 nghttp2 - 1.55.1-1ubuntu0.1 nghttp2-client - 1.55.1-1ubuntu0.1 nghttp2-proxy - 1.55.1-1ubuntu0.1 nghttp2-server - 1.55.1-1ubuntu0.1 No subscription required Medium CVE-2023-44487 Ubuntu 23.10 David Shoon discovered that the Apache HTTP Server mod_macro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2023-31122) Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and Choongin Lee discovered that the Apache HTTP Server incorrectly handled certain HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-43622) Will Dormann and David Warren discovered that the Apache HTTP Server incorrectly handled memory when handling HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2023-45802) Update Instructions: Run `sudo pro fix USN-6506-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2 - 2.4.57-2ubuntu2.1 apache2-bin - 2.4.57-2ubuntu2.1 apache2-data - 2.4.57-2ubuntu2.1 apache2-dev - 2.4.57-2ubuntu2.1 apache2-doc - 2.4.57-2ubuntu2.1 apache2-ssl-dev - 2.4.57-2ubuntu2.1 apache2-suexec-custom - 2.4.57-2ubuntu2.1 apache2-suexec-pristine - 2.4.57-2ubuntu2.1 apache2-utils - 2.4.57-2ubuntu2.1 libapache2-mod-md - 2.4.57-2ubuntu2.1 libapache2-mod-proxy-uwsgi - 2.4.57-2ubuntu2.1 No subscription required Medium CVE-2023-31122 CVE-2023-43622 CVE-2023-45802 Ubuntu 23.10 It was discovered that GlusterFS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GlusterFS to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6507-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glusterfs-cli - 10.3-5ubuntu0.1 glusterfs-client - 10.3-5ubuntu0.1 glusterfs-common - 10.3-5ubuntu0.1 glusterfs-server - 10.3-5ubuntu0.1 libgfapi0 - 10.3-5ubuntu0.1 libgfchangelog0 - 10.3-5ubuntu0.1 libgfrpc0 - 10.3-5ubuntu0.1 libgfxdr0 - 10.3-5ubuntu0.1 libglusterd0 - 10.3-5ubuntu0.1 libglusterfs-dev - 10.3-5ubuntu0.1 libglusterfs0 - 10.3-5ubuntu0.1 No subscription required Medium CVE-2022-48340 Ubuntu 23.10 Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-6206, CVE-2023-6212) It was discovered that Thudnerbird did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6204) It discovered that Thunderbird incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6205) It discovered that Thunderbird incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6207) It discovered that Thudnerbird incorrectly did not properly manage copy operations when using Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6208) Rachmat Abdul Rokhim discovered that Thunderbird incorrectly handled parsing of relative URLS starting with "///". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6209) Update Instructions: Run `sudo pro fix USN-6515-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-dev - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-gnome-support - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-af - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ar - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ast - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-be - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-bg - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-bn - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-bn-bd - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-br - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ca - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-cak - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-cs - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-cy - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-da - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-de - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-dsb - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-el - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-en - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-en-gb - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-en-us - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-es - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-es-ar - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-es-es - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-et - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-eu - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fa - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fi - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fr - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fy - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fy-nl - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ga - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ga-ie - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-gd - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-gl - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-he - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-hr - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-hsb - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-hu - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-hy - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-id - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-is - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-it - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ja - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ka - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-kab - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-kk - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ko - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-lt - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-lv - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-mk - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ms - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nb - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nb-no - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nl - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nn - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nn-no - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pa - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pa-in - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pl - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pt - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-br - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-pt - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-rm - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ro - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ru - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-si - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sk - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sl - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sq - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sr - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sv - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sv-se - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ta - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ta-lk - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-th - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-tr - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-uk - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-uz - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-vi - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-cn - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hans - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hant - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-tw - 1:115.5.0+build1-0ubuntu0.23.10.1 thunderbird-mozsymbols - 1:115.5.0+build1-0ubuntu0.23.10.1 xul-ext-calendar-timezones - 1:115.5.0+build1-0ubuntu0.23.10.1 xul-ext-gdata-provider - 1:115.5.0+build1-0ubuntu0.23.10.1 xul-ext-lightning - 1:115.5.0+build1-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-6204 CVE-2023-6205 CVE-2023-6206 CVE-2023-6207 CVE-2023-6208 CVE-2023-6209 CVE-2023-6212 Ubuntu 23.10 It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-48522) Nathan Mills discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-47038) Update Instructions: Run `sudo pro fix USN-6517-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libperl-dev - 5.36.0-9ubuntu1.1 libperl5.36 - 5.36.0-9ubuntu1.1 perl - 5.36.0-9ubuntu1.1 perl-base - 5.36.0-9ubuntu1.1 perl-debug - 5.36.0-9ubuntu1.1 perl-doc - 5.36.0-9ubuntu1.1 perl-modules-5.36 - 5.36.0-9ubuntu1.1 No subscription required Medium CVE-2022-48522 CVE-2023-47038 Ubuntu 23.10 It was discovered that GIMP incorrectly handled certain image files. If a user were tricked into opening a specially crafted image, an attacker could use this issue to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6521-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gimp - 2.10.34-1ubuntu0.23.10.1 gimp-data - 2.10.34-1ubuntu0.23.10.1 libgimp2.0 - 2.10.34-1ubuntu0.23.10.1 libgimp2.0-dev - 2.10.34-1ubuntu0.23.10.1 libgimp2.0-doc - 2.10.34-1ubuntu0.23.10.1 No subscription required Medium CVE-2022-30067 CVE-2022-32990 CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 Ubuntu 23.10 It was discovered that FreeRDP incorrectly handled drive redirection. If a user were tricked into connection to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2022-41877) It was discovered that FreeRDP incorrectly handled certain surface updates. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-39352, CVE-2023-39356) Update Instructions: Run `sudo pro fix USN-6522-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freerdp2-dev - 2.10.0+dfsg1-1.1ubuntu1.1 freerdp2-shadow-x11 - 2.10.0+dfsg1-1.1ubuntu1.1 freerdp2-wayland - 2.10.0+dfsg1-1.1ubuntu1.1 freerdp2-x11 - 2.10.0+dfsg1-1.1ubuntu1.1 libfreerdp-client2-2 - 2.10.0+dfsg1-1.1ubuntu1.1 libfreerdp-server2-2 - 2.10.0+dfsg1-1.1ubuntu1.1 libfreerdp-shadow-subsystem2-2 - 2.10.0+dfsg1-1.1ubuntu1.1 libfreerdp-shadow2-2 - 2.10.0+dfsg1-1.1ubuntu1.1 libfreerdp2-2 - 2.10.0+dfsg1-1.1ubuntu1.1 libuwac0-0 - 2.10.0+dfsg1-1.1ubuntu1.1 libuwac0-dev - 2.10.0+dfsg1-1.1ubuntu1.1 libwinpr-tools2-2 - 2.10.0+dfsg1-1.1ubuntu1.1 libwinpr2-2 - 2.10.0+dfsg1-1.1ubuntu1.1 libwinpr2-dev - 2.10.0+dfsg1-1.1ubuntu1.1 winpr-utils - 2.10.0+dfsg1-1.1ubuntu1.1 No subscription required Medium CVE-2022-41877 CVE-2023-39352 CVE-2023-39356 Ubuntu 23.10 It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue to cause GStreamer Bad Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6526-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gst-plugins-bad-1.0 - 1.22.4-1ubuntu1.1 gstreamer1.0-opencv - 1.22.4-1ubuntu1.1 gstreamer1.0-plugins-bad - 1.22.4-1ubuntu1.1 gstreamer1.0-plugins-bad-apps - 1.22.4-1ubuntu1.1 libgstreamer-opencv1.0-0 - 1.22.4-1ubuntu1.1 libgstreamer-plugins-bad1.0-0 - 1.22.4-1ubuntu1.1 libgstreamer-plugins-bad1.0-dev - 1.22.4-1ubuntu1.1 No subscription required Medium CVE-2023-37329 CVE-2023-40474 CVE-2023-40475 CVE-2023-40476 CVE-2023-44429 CVE-2023-44446 Ubuntu 23.10 Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512 instructions. (CVE-2023-22025) It was discovered that OpenJDK did not properly perform PKIX certification path validation in certain situations. An attacker could use this to cause a denial of service. (CVE-2023-22081) Update Instructions: Run `sudo pro fix USN-6527-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.21+9-0ubuntu1~23.10 openjdk-11-doc - 11.0.21+9-0ubuntu1~23.10 openjdk-11-jdk - 11.0.21+9-0ubuntu1~23.10 openjdk-11-jdk-headless - 11.0.21+9-0ubuntu1~23.10 openjdk-11-jre - 11.0.21+9-0ubuntu1~23.10 openjdk-11-jre-headless - 11.0.21+9-0ubuntu1~23.10 openjdk-11-jre-zero - 11.0.21+9-0ubuntu1~23.10 openjdk-11-source - 11.0.21+9-0ubuntu1~23.10 No subscription required openjdk-17-demo - 17.0.9+9-1~23.10 openjdk-17-doc - 17.0.9+9-1~23.10 openjdk-17-jdk - 17.0.9+9-1~23.10 openjdk-17-jdk-headless - 17.0.9+9-1~23.10 openjdk-17-jre - 17.0.9+9-1~23.10 openjdk-17-jre-headless - 17.0.9+9-1~23.10 openjdk-17-jre-zero - 17.0.9+9-1~23.10 openjdk-17-source - 17.0.9+9-1~23.10 No subscription required openjdk-21-demo - 21.0.1+12-2~23.10 openjdk-21-doc - 21.0.1+12-2~23.10 openjdk-21-jdk - 21.0.1+12-2~23.10 openjdk-21-jdk-headless - 21.0.1+12-2~23.10 openjdk-21-jre - 21.0.1+12-2~23.10 openjdk-21-jre-headless - 21.0.1+12-2~23.10 openjdk-21-jre-zero - 21.0.1+12-2~23.10 openjdk-21-source - 21.0.1+12-2~23.10 No subscription required Medium CVE-2023-22025 CVE-2023-22081 Ubuntu 23.10 It was discovered that the HotSpot VM implementation in OpenJDK did not properly validate bytecode blocks in certain situations. An attacker could possibly use this to cause a denial of service. (CVE-2022-40433) Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512 instructions. (CVE-2023-22025) It was discovered that the CORBA implementation in OpenJDK did not properly perform deserialization of IOR string objects. An attacker could possibly use this to bypass Java sandbox restrictions. (CVE-2023-22067) It was discovered that OpenJDK did not properly perform PKIX certification path validation in certain situations. An attacker could use this to cause a denial of service. (CVE-2023-22081) Update Instructions: Run `sudo pro fix USN-6528-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-demo - 8u392-ga-1~23.10 openjdk-8-doc - 8u392-ga-1~23.10 openjdk-8-jdk - 8u392-ga-1~23.10 openjdk-8-jdk-headless - 8u392-ga-1~23.10 openjdk-8-jre - 8u392-ga-1~23.10 openjdk-8-jre-headless - 8u392-ga-1~23.10 openjdk-8-jre-zero - 8u392-ga-1~23.10 openjdk-8-source - 8u392-ga-1~23.10 No subscription required Medium CVE-2023-22025 CVE-2023-22067 CVE-2023-22081 Ubuntu 23.10 It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-38562, CVE-2022-25802, CVE-2023-41259, CVE-2023-41260) Update Instructions: Run `sudo pro fix USN-6529-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: request-tracker4 - 4.4.4+dfsg-2ubuntu1.23.10.1 rt4-apache2 - 4.4.4+dfsg-2ubuntu1.23.10.1 rt4-clients - 4.4.4+dfsg-2ubuntu1.23.10.1 rt4-db-mysql - 4.4.4+dfsg-2ubuntu1.23.10.1 rt4-db-postgresql - 4.4.4+dfsg-2ubuntu1.23.10.1 rt4-db-sqlite - 4.4.4+dfsg-2ubuntu1.23.10.1 rt4-doc-html - 4.4.4+dfsg-2ubuntu1.23.10.1 rt4-fcgi - 4.4.4+dfsg-2ubuntu1.23.10.1 rt4-standalone - 4.4.4+dfsg-2ubuntu1.23.10.1 No subscription required Medium CVE-2021-38562 CVE-2022-25802 CVE-2023-41259 CVE-2023-41260 Ubuntu 23.10 Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains. (CVE-2023-46218) Maksymilian Arciemowicz discovered that curl incorrectly handled long file names when saving HSTS data. This could result in curl losing HSTS data, and subsequent requests to a site would be done without it, contrary to expectations. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-46219) Update Instructions: Run `sudo pro fix USN-6535-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 8.2.1-1ubuntu3.2 libcurl3-gnutls - 8.2.1-1ubuntu3.2 libcurl3-nss - 8.2.1-1ubuntu3.2 libcurl4 - 8.2.1-1ubuntu3.2 libcurl4-doc - 8.2.1-1ubuntu3.2 libcurl4-gnutls-dev - 8.2.1-1ubuntu3.2 libcurl4-nss-dev - 8.2.1-1ubuntu3.2 libcurl4-openssl-dev - 8.2.1-1ubuntu3.2 No subscription required Medium CVE-2023-46218 CVE-2023-46219 Ubuntu 23.10 Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Yikebaer Aizezi discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability when handling inode extent metadata. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-45898) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6536-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1005-starfive - 6.5.0-1005.6 linux-headers-6.5.0-1005-starfive - 6.5.0-1005.6 linux-image-6.5.0-1005-starfive - 6.5.0-1005.6 linux-modules-6.5.0-1005-starfive - 6.5.0-1005.6 linux-modules-extra-6.5.0-1005-starfive - 6.5.0-1005.6 linux-starfive-headers-6.5.0-1005 - 6.5.0-1005.6 linux-starfive-tools-6.5.0-1005 - 6.5.0-1005.6 linux-tools-6.5.0-1005-starfive - 6.5.0-1005.6 No subscription required linux-buildinfo-6.5.0-1007-laptop - 6.5.0-1007.10 linux-headers-6.5.0-1007-laptop - 6.5.0-1007.10 linux-image-6.5.0-1007-laptop - 6.5.0-1007.10 linux-laptop-headers-6.5.0-1007 - 6.5.0-1007.10 linux-laptop-tools-6.5.0-1007 - 6.5.0-1007.10 linux-modules-6.5.0-1007-laptop - 6.5.0-1007.10 linux-tools-6.5.0-1007-laptop - 6.5.0-1007.10 No subscription required linux-buildinfo-6.5.0-1008-raspi - 6.5.0-1008.11 linux-headers-6.5.0-1008-raspi - 6.5.0-1008.11 linux-image-6.5.0-1008-raspi - 6.5.0-1008.11 linux-modules-6.5.0-1008-raspi - 6.5.0-1008.11 linux-modules-extra-6.5.0-1008-raspi - 6.5.0-1008.11 linux-raspi-headers-6.5.0-1008 - 6.5.0-1008.11 linux-raspi-tools-6.5.0-1008 - 6.5.0-1008.11 linux-tools-6.5.0-1008-raspi - 6.5.0-1008.11 No subscription required linux-aws-cloud-tools-6.5.0-1011 - 6.5.0-1011.11 linux-aws-headers-6.5.0-1011 - 6.5.0-1011.11 linux-aws-tools-6.5.0-1011 - 6.5.0-1011.11 linux-buildinfo-6.5.0-1011-aws - 6.5.0-1011.11 linux-cloud-tools-6.5.0-1011-aws - 6.5.0-1011.11 linux-headers-6.5.0-1011-aws - 6.5.0-1011.11 linux-image-6.5.0-1011-aws - 6.5.0-1011.11 linux-image-unsigned-6.5.0-1011-aws - 6.5.0-1011.11 linux-modules-6.5.0-1011-aws - 6.5.0-1011.11 linux-modules-extra-6.5.0-1011-aws - 6.5.0-1011.11 linux-tools-6.5.0-1011-aws - 6.5.0-1011.11 No subscription required linux-buildinfo-6.5.0-1013-oracle - 6.5.0-1013.13 linux-headers-6.5.0-1013-oracle - 6.5.0-1013.13 linux-image-6.5.0-1013-oracle - 6.5.0-1013.13 linux-image-unsigned-6.5.0-1013-oracle - 6.5.0-1013.13 linux-modules-6.5.0-1013-oracle - 6.5.0-1013.13 linux-modules-extra-6.5.0-1013-oracle - 6.5.0-1013.13 linux-modules-iwlwifi-6.5.0-1013-oracle - 6.5.0-1013.13 linux-oracle-headers-6.5.0-1013 - 6.5.0-1013.13 linux-oracle-tools-6.5.0-1013 - 6.5.0-1013.13 linux-tools-6.5.0-1013-oracle - 6.5.0-1013.13 No subscription required linux-buildinfo-6.5.0-14-generic - 6.5.0-14.14 linux-buildinfo-6.5.0-14-generic-64k - 6.5.0-14.14 linux-cloud-tools-6.5.0-14 - 6.5.0-14.14 linux-cloud-tools-6.5.0-14-generic - 6.5.0-14.14 linux-cloud-tools-common - 6.5.0-14.14 linux-doc - 6.5.0-14.14 linux-headers-6.5.0-14 - 6.5.0-14.14 linux-headers-6.5.0-14-generic - 6.5.0-14.14 linux-headers-6.5.0-14-generic-64k - 6.5.0-14.14 linux-image-6.5.0-14-generic - 6.5.0-14.14 linux-image-6.5.0-14-generic-64k - 6.5.0-14.14 linux-image-uc-6.5.0-14-generic - 6.5.0-14.14 linux-image-uc-6.5.0-14-generic-64k - 6.5.0-14.14 linux-image-unsigned-6.5.0-14-generic - 6.5.0-14.14 linux-image-unsigned-6.5.0-14-generic-64k - 6.5.0-14.14 linux-lib-rust-6.5.0-14-generic - 6.5.0-14.14 linux-libc-dev - 6.5.0-14.14 linux-modules-6.5.0-14-generic - 6.5.0-14.14 linux-modules-6.5.0-14-generic-64k - 6.5.0-14.14 linux-modules-extra-6.5.0-14-generic - 6.5.0-14.14 linux-modules-ipu6-6.5.0-14-generic - 6.5.0-14.14 linux-modules-ivsc-6.5.0-14-generic - 6.5.0-14.14 linux-modules-iwlwifi-6.5.0-14-generic - 6.5.0-14.14 linux-source-6.5.0 - 6.5.0-14.14 linux-tools-6.5.0-14 - 6.5.0-14.14 linux-tools-6.5.0-14-generic - 6.5.0-14.14 linux-tools-6.5.0-14-generic-64k - 6.5.0-14.14 linux-tools-common - 6.5.0-14.14 linux-tools-host - 6.5.0-14.14 No subscription required linux-buildinfo-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-buildinfo-6.5.0-14-lowlatency-64k - 6.5.0-14.14.1 linux-cloud-tools-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-headers-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-headers-6.5.0-14-lowlatency-64k - 6.5.0-14.14.1 linux-image-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-image-6.5.0-14-lowlatency-64k - 6.5.0-14.14.1 linux-image-unsigned-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-image-unsigned-6.5.0-14-lowlatency-64k - 6.5.0-14.14.1 linux-lowlatency-cloud-tools-6.5.0-14 - 6.5.0-14.14.1 linux-lowlatency-cloud-tools-common - 6.5.0-14.14.1 linux-lowlatency-headers-6.5.0-14 - 6.5.0-14.14.1 linux-lowlatency-lib-rust-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-lowlatency-tools-6.5.0-14 - 6.5.0-14.14.1 linux-lowlatency-tools-common - 6.5.0-14.14.1 linux-lowlatency-tools-host - 6.5.0-14.14.1 linux-modules-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-modules-6.5.0-14-lowlatency-64k - 6.5.0-14.14.1 linux-modules-iwlwifi-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-tools-6.5.0-14-lowlatency - 6.5.0-14.14.1 linux-tools-6.5.0-14-lowlatency-64k - 6.5.0-14.14.1 No subscription required linux-headers-starfive - 6.5.0.1005.7 linux-image-starfive - 6.5.0.1005.7 linux-starfive - 6.5.0.1005.7 linux-tools-starfive - 6.5.0.1005.7 No subscription required linux-headers-laptop-23.10 - 6.5.0.1007.10 linux-image-laptop-23.10 - 6.5.0.1007.10 linux-laptop-23.10 - 6.5.0.1007.10 linux-tools-laptop-23.10 - 6.5.0.1007.10 No subscription required linux-headers-raspi - 6.5.0.1008.9 linux-headers-raspi-nolpae - 6.5.0.1008.9 linux-image-raspi - 6.5.0.1008.9 linux-image-raspi-nolpae - 6.5.0.1008.9 linux-modules-extra-raspi - 6.5.0.1008.9 linux-modules-extra-raspi-nolpae - 6.5.0.1008.9 linux-raspi - 6.5.0.1008.9 linux-raspi-nolpae - 6.5.0.1008.9 linux-tools-raspi - 6.5.0.1008.9 linux-tools-raspi-nolpae - 6.5.0.1008.9 No subscription required linux-aws - 6.5.0.1011.11 linux-headers-aws - 6.5.0.1011.11 linux-image-aws - 6.5.0.1011.11 linux-modules-extra-aws - 6.5.0.1011.11 linux-tools-aws - 6.5.0.1011.11 No subscription required linux-headers-oracle - 6.5.0.1013.13 linux-image-oracle - 6.5.0.1013.13 linux-modules-iwlwifi-oracle - 6.5.0.1013.13 linux-oracle - 6.5.0.1013.13 linux-tools-oracle - 6.5.0.1013.13 No subscription required linux-cloud-tools-lowlatency - 6.5.0.14.14.12 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.14.14.12 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.14.14.12 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.14.14.12 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.14.14.12 linux-headers-lowlatency - 6.5.0.14.14.12 linux-headers-lowlatency-64k - 6.5.0.14.14.12 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.14.14.12 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.14.14.12 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.14.14.12 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.14.14.12 linux-headers-lowlatency-hwe-20.04 - 6.5.0.14.14.12 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.14.14.12 linux-headers-lowlatency-hwe-22.04 - 6.5.0.14.14.12 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.14.14.12 linux-image-lowlatency - 6.5.0.14.14.12 linux-image-lowlatency-64k - 6.5.0.14.14.12 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.14.14.12 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.14.14.12 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.14.14.12 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.14.14.12 linux-image-lowlatency-hwe-20.04 - 6.5.0.14.14.12 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.14.14.12 linux-image-lowlatency-hwe-22.04 - 6.5.0.14.14.12 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.14.14.12 linux-lowlatency - 6.5.0.14.14.12 linux-lowlatency-64k - 6.5.0.14.14.12 linux-lowlatency-64k-hwe-20.04 - 6.5.0.14.14.12 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.14.14.12 linux-lowlatency-64k-hwe-22.04 - 6.5.0.14.14.12 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.14.14.12 linux-lowlatency-hwe-20.04 - 6.5.0.14.14.12 linux-lowlatency-hwe-20.04-edge - 6.5.0.14.14.12 linux-lowlatency-hwe-22.04 - 6.5.0.14.14.12 linux-lowlatency-hwe-22.04-edge - 6.5.0.14.14.12 linux-modules-iwlwifi-lowlatency - 6.5.0.14.14.12 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.14.14.12 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.14.14.12 linux-tools-lowlatency - 6.5.0.14.14.12 linux-tools-lowlatency-64k - 6.5.0.14.14.12 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.14.14.12 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.14.14.12 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.14.14.12 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.14.14.12 linux-tools-lowlatency-hwe-20.04 - 6.5.0.14.14.12 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.14.14.12 linux-tools-lowlatency-hwe-22.04 - 6.5.0.14.14.12 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.14.14.12 No subscription required linux-cloud-tools-generic - 6.5.0.14.16 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.14.16 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.14.16 linux-cloud-tools-virtual - 6.5.0.14.16 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.14.16 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.14.16 linux-crashdump - 6.5.0.14.16 linux-generic - 6.5.0.14.16 linux-generic-64k - 6.5.0.14.16 linux-generic-64k-hwe-22.04 - 6.5.0.14.16 linux-generic-64k-hwe-22.04-edge - 6.5.0.14.16 linux-generic-hwe-22.04 - 6.5.0.14.16 linux-generic-hwe-22.04-edge - 6.5.0.14.16 linux-generic-lpae - 6.5.0.14.16 linux-headers-generic - 6.5.0.14.16 linux-headers-generic-64k - 6.5.0.14.16 linux-headers-generic-64k-hwe-22.04 - 6.5.0.14.16 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.14.16 linux-headers-generic-hwe-22.04 - 6.5.0.14.16 linux-headers-generic-hwe-22.04-edge - 6.5.0.14.16 linux-headers-generic-lpae - 6.5.0.14.16 linux-headers-kvm - 6.5.0.14.16 linux-headers-oem-22.04 - 6.5.0.14.16 linux-headers-virtual - 6.5.0.14.16 linux-headers-virtual-hwe-22.04 - 6.5.0.14.16 linux-headers-virtual-hwe-22.04-edge - 6.5.0.14.16 linux-image-extra-virtual - 6.5.0.14.16 linux-image-extra-virtual-hwe-22.04 - 6.5.0.14.16 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.14.16 linux-image-generic - 6.5.0.14.16 linux-image-generic-64k - 6.5.0.14.16 linux-image-generic-64k-hwe-22.04 - 6.5.0.14.16 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.14.16 linux-image-generic-hwe-22.04 - 6.5.0.14.16 linux-image-generic-hwe-22.04-edge - 6.5.0.14.16 linux-image-generic-lpae - 6.5.0.14.16 linux-image-kvm - 6.5.0.14.16 linux-image-oem-22.04 - 6.5.0.14.16 linux-image-uc-generic - 6.5.0.14.16 linux-image-uc-generic-hwe-22.04 - 6.5.0.14.16 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.14.16 linux-image-virtual - 6.5.0.14.16 linux-image-virtual-hwe-22.04 - 6.5.0.14.16 linux-image-virtual-hwe-22.04-edge - 6.5.0.14.16 linux-kvm - 6.5.0.14.16 linux-modules-ipu6-generic - 6.5.0.14.16 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.14.16 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.14.16 linux-modules-ipu6-oem-22.04 - 6.5.0.14.16 linux-modules-ivsc-generic - 6.5.0.14.16 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.14.16 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.14.16 linux-modules-ivsc-oem-22.04 - 6.5.0.14.16 linux-modules-iwlwifi-generic - 6.5.0.14.16 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.14.16 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.14.16 linux-modules-iwlwifi-oem-22.04 - 6.5.0.14.16 linux-oem-22.04 - 6.5.0.14.16 linux-source - 6.5.0.14.16 linux-tools-generic - 6.5.0.14.16 linux-tools-generic-64k - 6.5.0.14.16 linux-tools-generic-64k-hwe-22.04 - 6.5.0.14.16 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.14.16 linux-tools-generic-hwe-22.04 - 6.5.0.14.16 linux-tools-generic-hwe-22.04-edge - 6.5.0.14.16 linux-tools-generic-lpae - 6.5.0.14.16 linux-tools-kvm - 6.5.0.14.16 linux-tools-oem-22.04 - 6.5.0.14.16 linux-tools-virtual - 6.5.0.14.16 linux-tools-virtual-hwe-22.04 - 6.5.0.14.16 linux-tools-virtual-hwe-22.04-edge - 6.5.0.14.16 linux-virtual - 6.5.0.14.16 linux-virtual-hwe-22.04 - 6.5.0.14.16 linux-virtual-hwe-22.04-edge - 6.5.0.14.16 No subscription required Medium CVE-2023-39189 CVE-2023-42754 CVE-2023-45898 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 23.10 Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Yikebaer Aizezi discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability when handling inode extent metadata. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-45898) Maxim Levitsky discovered that the KVM nested virtualization (SVM) implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service (host kernel crash). (CVE-2023-5090) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5345) Murray McAllister discovered that the VMware Virtual GPU DRM driver in the Linux kernel did not properly handle memory objects when storing surfaces, leading to a use-after-free vulnerability. A local attacker in a guest VM could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5633) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6537-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1010-gcp - 6.5.0-1010.10 linux-gcp-headers-6.5.0-1010 - 6.5.0-1010.10 linux-gcp-tools-6.5.0-1010 - 6.5.0-1010.10 linux-headers-6.5.0-1010-gcp - 6.5.0-1010.10 linux-image-6.5.0-1010-gcp - 6.5.0-1010.10 linux-image-unsigned-6.5.0-1010-gcp - 6.5.0-1010.10 linux-modules-6.5.0-1010-gcp - 6.5.0-1010.10 linux-modules-extra-6.5.0-1010-gcp - 6.5.0-1010.10 linux-modules-iwlwifi-6.5.0-1010-gcp - 6.5.0-1010.10 linux-tools-6.5.0-1010-gcp - 6.5.0-1010.10 No subscription required linux-gcp - 6.5.0.1010.10 linux-headers-gcp - 6.5.0.1010.10 linux-image-gcp - 6.5.0.1010.10 linux-modules-extra-gcp - 6.5.0.1010.10 linux-modules-iwlwifi-gcp - 6.5.0.1010.10 linux-tools-gcp - 6.5.0.1010.10 No subscription required High CVE-2023-31085 CVE-2023-39189 CVE-2023-4244 CVE-2023-42754 CVE-2023-45898 CVE-2023-5090 CVE-2023-5158 CVE-2023-5178 CVE-2023-5345 CVE-2023-5633 CVE-2023-5717 Ubuntu 23.10 Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-5868) Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. (CVE-2023-5869) Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations. (CVE-2023-5870) Update Instructions: Run `sudo pro fix USN-6538-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 15.5-0ubuntu0.23.10.1 libecpg-dev - 15.5-0ubuntu0.23.10.1 libecpg6 - 15.5-0ubuntu0.23.10.1 libpgtypes3 - 15.5-0ubuntu0.23.10.1 libpq-dev - 15.5-0ubuntu0.23.10.1 libpq5 - 15.5-0ubuntu0.23.10.1 postgresql-15 - 15.5-0ubuntu0.23.10.1 postgresql-client-15 - 15.5-0ubuntu0.23.10.1 postgresql-doc-15 - 15.5-0ubuntu0.23.10.1 postgresql-plperl-15 - 15.5-0ubuntu0.23.10.1 postgresql-plpython3-15 - 15.5-0ubuntu0.23.10.1 postgresql-pltcl-15 - 15.5-0ubuntu0.23.10.1 postgresql-server-dev-15 - 15.5-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 Ubuntu 23.10 It was discovered that the python-cryptography Cipher.update_into function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-23931) It was dicovered that python-cryptography incorrectly handled loading certain PKCS7 certificates. A remote attacker could possibly use this issue to cause python-cryptography to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-49083) Update Instructions: Run `sudo pro fix USN-6539-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-cryptography-doc - 38.0.4-4ubuntu0.23.10.1 python3-cryptography - 38.0.4-4ubuntu0.23.10.1 No subscription required Medium CVE-2023-23931 CVE-2023-49083 Ubuntu 23.10 It was discovered that BlueZ did not properly restrict non-bonded devices from injecting HID events into the input subsystem. This could allow a physically proximate attacker to inject keystrokes and execute arbitrary commands whilst the device is discoverable. Update Instructions: Run `sudo pro fix USN-6540-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bluetooth - 5.68-0ubuntu1.1 bluez - 5.68-0ubuntu1.1 bluez-cups - 5.68-0ubuntu1.1 bluez-hcidump - 5.68-0ubuntu1.1 bluez-meshd - 5.68-0ubuntu1.1 bluez-obexd - 5.68-0ubuntu1.1 bluez-tests - 5.68-0ubuntu1.1 libbluetooth-dev - 5.68-0ubuntu1.1 libbluetooth3 - 5.68-0ubuntu1.1 No subscription required Medium CVE-2023-45866 Ubuntu 23.10 It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could use this issue to cause tar to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6543-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar - 1.34+dfsg-1.2ubuntu1.1 tar-scripts - 1.34+dfsg-1.2ubuntu1.1 No subscription required Medium CVE-2023-39804 Ubuntu 23.10 Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6545-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.42.3-0ubuntu0.23.10.1 gir1.2-javascriptcoregtk-4.1 - 2.42.3-0ubuntu0.23.10.1 gir1.2-javascriptcoregtk-6.0 - 2.42.3-0ubuntu0.23.10.1 gir1.2-webkit-6.0 - 2.42.3-0ubuntu0.23.10.1 gir1.2-webkit2-4.0 - 2.42.3-0ubuntu0.23.10.1 gir1.2-webkit2-4.1 - 2.42.3-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-18 - 2.42.3-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-bin - 2.42.3-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-dev - 2.42.3-0ubuntu0.23.10.1 libjavascriptcoregtk-4.1-0 - 2.42.3-0ubuntu0.23.10.1 libjavascriptcoregtk-4.1-dev - 2.42.3-0ubuntu0.23.10.1 libjavascriptcoregtk-6.0-1 - 2.42.3-0ubuntu0.23.10.1 libjavascriptcoregtk-6.0-dev - 2.42.3-0ubuntu0.23.10.1 libwebkit2gtk-4.0-37 - 2.42.3-0ubuntu0.23.10.1 libwebkit2gtk-4.0-dev - 2.42.3-0ubuntu0.23.10.1 libwebkit2gtk-4.0-doc - 2.42.3-0ubuntu0.23.10.1 libwebkit2gtk-4.1-0 - 2.42.3-0ubuntu0.23.10.1 libwebkit2gtk-4.1-dev - 2.42.3-0ubuntu0.23.10.1 libwebkitgtk-6.0-4 - 2.42.3-0ubuntu0.23.10.1 libwebkitgtk-6.0-dev - 2.42.3-0ubuntu0.23.10.1 webkit2gtk-driver - 2.42.3-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-42916 CVE-2023-42917 Ubuntu 23.10 Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. (CVE-2023-6185) Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts. (CVE-2023-6186) Update Instructions: Run `sudo pro fix USN-6546-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 4:0.9+LibO7.6.4-0ubuntu0.23.10.1 No subscription required libreoffice-wiki-publisher - 4:1.2.0+LibO7.6.4-0ubuntu0.23.10.1 No subscription required fonts-opensymbol - 4:102.12+LibO7.6.4-0ubuntu0.23.10.1 No subscription required gir1.2-lokdocview-0.1 - 4:7.6.4-0ubuntu0.23.10.1 libjuh-java - 4:7.6.4-0ubuntu0.23.10.1 libjurt-java - 4:7.6.4-0ubuntu0.23.10.1 liblibreoffice-java - 4:7.6.4-0ubuntu0.23.10.1 liblibreofficekitgtk - 4:7.6.4-0ubuntu0.23.10.1 libofficebean-java - 4:7.6.4-0ubuntu0.23.10.1 libreoffice - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-base - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-base-core - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-base-drivers - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-base-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-calc - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-calc-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-common - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-core - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-core-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-dev - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-dev-common - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-dev-doc - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-dev-gui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-draw - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-draw-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-evolution - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-gnome - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-gtk3 - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-gtk4 - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-ca - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-common - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-cs - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-da - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-de - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-dz - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-el - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-en-gb - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-en-us - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-es - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-et - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-eu - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-fi - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-fr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-gl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-hi - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-hu - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-id - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-it - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-ja - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-km - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-ko - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-nl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-om - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-pl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-pt - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-pt-br - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-ru - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-sk - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-sl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-sv - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-tr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-vi - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-zh-cn - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-help-zh-tw - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-impress - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-impress-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-java-common - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-kf5 - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-af - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-am - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ar - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-as - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ast - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-be - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-bg - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-bn - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-br - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-bs - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ca - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-cs - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-cy - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-da - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-de - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-dz - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-el - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-en-gb - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-en-za - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-eo - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-es - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-et - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-eu - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-fa - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-fi - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-fr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ga - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-gd - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-gl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-gu - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-gug - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-he - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-hi - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-hr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-hu - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-id - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-in - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-is - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-it - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ja - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ka - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-kk - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-km - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-kmr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-kn - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ko - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-lt - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-lv - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-mk - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ml - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-mn - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-mr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-nb - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ne - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-nl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-nn - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-nr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-nso - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-oc - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-om - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-or - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-pa-in - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-pl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-pt - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-pt-br - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ro - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ru - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-rw - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-si - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-sk - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-sl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-sr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ss - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-st - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-sv - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-szl - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ta - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-te - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-tg - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-th - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-tn - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-tr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ts - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ug - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-uk - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-uz - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-ve - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-vi - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-xh - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-za - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-zh-cn - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-zh-tw - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-l10n-zu - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-librelogo - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-math - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-math-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-officebean - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-plasma - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-qt5 - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-qt6 - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-report-builder - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-report-builder-bin - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-report-builder-bin-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-script-provider-bsh - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-script-provider-js - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-script-provider-python - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-sdbc-firebird - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-sdbc-hsqldb - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-sdbc-mysql - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-sdbc-postgresql - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-smoketest-data - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-style-breeze - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-style-colibre - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-style-elementary - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-style-karasa-jaga - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-style-sifr - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-style-sukapura - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-style-tango - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-style-yaru - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-subsequentcheckbase - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-uiconfig-base - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-uiconfig-calc - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-uiconfig-common - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-uiconfig-draw - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-uiconfig-impress - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-uiconfig-math - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-uiconfig-report-builder - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-uiconfig-writer - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-writer - 4:7.6.4-0ubuntu0.23.10.1 libreoffice-writer-nogui - 4:7.6.4-0ubuntu0.23.10.1 libreofficekit-data - 4:7.6.4-0ubuntu0.23.10.1 libreofficekit-dev - 4:7.6.4-0ubuntu0.23.10.1 libridl-java - 4:7.6.4-0ubuntu0.23.10.1 libuno-cppu3 - 4:7.6.4-0ubuntu0.23.10.1 libuno-cppuhelpergcc3-3 - 4:7.6.4-0ubuntu0.23.10.1 libuno-purpenvhelpergcc3-3 - 4:7.6.4-0ubuntu0.23.10.1 libuno-sal3 - 4:7.6.4-0ubuntu0.23.10.1 libuno-salhelpergcc3-3 - 4:7.6.4-0ubuntu0.23.10.1 libunoil-java - 4:7.6.4-0ubuntu0.23.10.1 libunoloader-java - 4:7.6.4-0ubuntu0.23.10.1 python3-access2base - 4:7.6.4-0ubuntu0.23.10.1 python3-scriptforge - 4:7.6.4-0ubuntu0.23.10.1 python3-uno - 4:7.6.4-0ubuntu0.23.10.1 uno-libs-private - 4:7.6.4-0ubuntu0.23.10.1 ure - 4:7.6.4-0ubuntu0.23.10.1 ure-java - 4:7.6.4-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-6185 CVE-2023-6186 Ubuntu 23.10 It was discovered that Ghostscript incorrectly handled writing TIFF files. A remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6551-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 10.01.2~dfsg1-0ubuntu2.2 ghostscript-doc - 10.01.2~dfsg1-0ubuntu2.2 ghostscript-x - 10.01.2~dfsg1-0ubuntu2.2 libgs-common - 10.01.2~dfsg1-0ubuntu2.2 libgs-dev - 10.01.2~dfsg1-0ubuntu2.2 libgs10 - 10.01.2~dfsg1-0ubuntu2.2 libgs10-common - 10.01.2~dfsg1-0ubuntu2.2 libgs9-common - 10.01.2~dfsg1-0ubuntu2.2 No subscription required Medium CVE-2023-46751 Ubuntu 23.10 Zygmunt Krynicki discovered that GNOME Settings did not accurately reflect the SSH remote login status when the system was configured to use systemd socket activation for OpenSSH. Remote SSH access may be unknowingly enabled, contrary to expectation. Update Instructions: Run `sudo pro fix USN-6554-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnome-control-center - 1:45.0-1ubuntu3.1 gnome-control-center-data - 1:45.0-1ubuntu3.1 gnome-control-center-dev - 1:45.0-1ubuntu3.1 gnome-control-center-faces - 1:45.0-1ubuntu3.1 No subscription required Medium CVE-2023-5616 Ubuntu 23.10 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-6377) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information. (CVE-2023-6478) Update Instructions: Run `sudo pro fix USN-6555-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xnest - 2:21.1.7-3ubuntu2.4 xorg-server-source - 2:21.1.7-3ubuntu2.4 xserver-common - 2:21.1.7-3ubuntu2.4 xserver-xephyr - 2:21.1.7-3ubuntu2.4 xserver-xorg-core - 2:21.1.7-3ubuntu2.4 xserver-xorg-dev - 2:21.1.7-3ubuntu2.4 xserver-xorg-legacy - 2:21.1.7-3ubuntu2.4 xvfb - 2:21.1.7-3ubuntu2.4 No subscription required xwayland - 2:23.2.0-1ubuntu0.3 No subscription required Medium CVE-2023-6377 CVE-2023-6478 Ubuntu 23.10 It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. (CVE-2023-49342, CVE-2023-49343, CVE-2023-49347) Matthias Gerstner discovered that Budgie Extras incorrectly handled certain temporary file paths. A local attacker could use this to inject arbitrary PNG data in this path and have it displayed on the victim's desktop or deny access to the application. (CVE-2023-49344) Matthias Gerstner discovered that Budgie Extras incorrectly handled certain temporary file paths. A local attacker could use this to inject false information or deny access to the application. (CVE-2023-49345, CVE-2023-49346) Update Instructions: Run `sudo pro fix USN-6556-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: budgie-app-launcher-applet - 1.7.0-3.0ubuntu1 budgie-applications-menu-applet - 1.7.0-3.0ubuntu1 budgie-brightness-controller-applet - 1.7.0-3.0ubuntu1 budgie-clockworks-applet - 1.7.0-3.0ubuntu1 budgie-countdown-applet - 1.7.0-3.0ubuntu1 budgie-dropby-applet - 1.7.0-3.0ubuntu1 budgie-extras-common - 1.7.0-3.0ubuntu1 budgie-extras-daemon - 1.7.0-3.0ubuntu1 budgie-fuzzyclock-applet - 1.7.0-3.0ubuntu1 budgie-hotcorners-applet - 1.7.0-3.0ubuntu1 budgie-kangaroo-applet - 1.7.0-3.0ubuntu1 budgie-keyboard-autoswitch-applet - 1.7.0-3.0ubuntu1 budgie-network-manager-applet - 1.7.0-3.0ubuntu1 budgie-previews - 1.7.0-3.0ubuntu1 budgie-quickchar - 1.7.0-3.0ubuntu1 budgie-quicknote-applet - 1.7.0-3.0ubuntu1 budgie-recentlyused-applet - 1.7.0-3.0ubuntu1 budgie-rotation-lock-applet - 1.7.0-3.0ubuntu1 budgie-showtime-applet - 1.7.0-3.0ubuntu1 budgie-takeabreak-applet - 1.7.0-3.0ubuntu1 budgie-trash-applet - 1.7.0-3.0ubuntu1 budgie-visualspace-applet - 1.7.0-3.0ubuntu1 budgie-wallstreet - 1.7.0-3.0ubuntu1 budgie-weathershow-applet - 1.7.0-3.0ubuntu1 budgie-window-shuffler - 1.7.0-3.0ubuntu1 budgie-workspace-stopwatch-applet - 1.7.0-3.0ubuntu1 budgie-workspace-wallpaper-applet - 1.7.0-3.0ubuntu1 No subscription required Medium CVE-2023-49342 CVE-2023-49343 CVE-2023-49344 CVE-2023-49345 CVE-2023-49346 CVE-2023-49347 Ubuntu 23.10 It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1725) It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1771) It was discovered that Vim could be made to write out of bounds with a put command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1886) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1897, CVE-2022-2000) It was discovered that Vim did not properly manage memory in the spell command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2042) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-46246, CVE-2023-48231) It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-48232) It was discovered that Vim contained multiple arithmetic overflows. An attacker could possibly use these issues to cause a denial of service. (CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237) It was discovered that Vim did not properly manage memory in the substitute command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-48706) Update Instructions: Run `sudo pro fix USN-6557-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:9.0.1672-1ubuntu2.2 vim-athena - 2:9.0.1672-1ubuntu2.2 vim-common - 2:9.0.1672-1ubuntu2.2 vim-doc - 2:9.0.1672-1ubuntu2.2 vim-gtk3 - 2:9.0.1672-1ubuntu2.2 vim-gui-common - 2:9.0.1672-1ubuntu2.2 vim-motif - 2:9.0.1672-1ubuntu2.2 vim-nox - 2:9.0.1672-1ubuntu2.2 vim-runtime - 2:9.0.1672-1ubuntu2.2 vim-tiny - 2:9.0.1672-1ubuntu2.2 xxd - 2:9.0.1672-1ubuntu2.2 No subscription required Medium CVE-2022-1725 CVE-2022-1771 CVE-2022-1886 CVE-2022-1897 CVE-2022-2000 CVE-2022-2042 CVE-2023-46246 CVE-2023-48231 CVE-2023-48232 CVE-2023-48233 CVE-2023-48234 CVE-2023-48235 CVE-2023-48236 CVE-2023-48237 CVE-2023-48706 Ubuntu 23.10 It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-13440) It was discovered that audiofile could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-17095) It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2019-13147) It was discovered that audiofile could be made to leak memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to obtain sensitive information. (CVE-2022-24599) Update Instructions: Run `sudo pro fix USN-6558-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: audiofile-tools - 0.3.6-5+deb10u1build0.23.10.1 libaudiofile-dev - 0.3.6-5+deb10u1build0.23.10.1 libaudiofile1 - 0.3.6-5+deb10u1build0.23.10.1 No subscription required Medium CVE-2018-13440 CVE-2018-17095 CVE-2019-13147 CVE-2022-24599 Ubuntu 23.10 It was discovered that ZooKeeper incorrectly handled authorization for the getACL() command. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-0201) Damien Diederen discovered that ZooKeeper incorrectly handled authorization if SASL Quorum Peer authentication is enabled. An attacker could possibly use this issue to bypass ZooKeeper's authorization system. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-44981) Update Instructions: Run `sudo pro fix USN-6559-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzookeeper-java - 3.8.0-11ubuntu0.1 libzookeeper-java-doc - 3.8.0-11ubuntu0.1 libzookeeper-mt-dev - 3.8.0-11ubuntu0.1 libzookeeper-mt2 - 3.8.0-11ubuntu0.1 libzookeeper-st-dev - 3.8.0-11ubuntu0.1 libzookeeper-st2 - 3.8.0-11ubuntu0.1 python3-zookeeper - 3.8.0-11ubuntu0.1 zookeeper - 3.8.0-11ubuntu0.1 zookeeper-bin - 3.8.0-11ubuntu0.1 zookeeperd - 3.8.0-11ubuntu0.1 No subscription required Medium CVE-2019-0201 CVE-2023-44981 Ubuntu 23.10 Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. (CVE-2023-48795) Luci Stanescu discovered that OpenSSH incorrectly added destination constraints when smartcard keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-28531) Update Instructions: Run `sudo pro fix USN-6560-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:9.3p1-1ubuntu3.1 openssh-server - 1:9.3p1-1ubuntu3.1 openssh-sftp-server - 1:9.3p1-1ubuntu3.1 openssh-tests - 1:9.3p1-1ubuntu3.1 ssh - 1:9.3p1-1ubuntu3.1 ssh-askpass-gnome - 1:9.3p1-1ubuntu3.1 No subscription required Medium CVE-2023-28531 CVE-2023-48795 Ubuntu 23.10 Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Update Instructions: Run `sudo pro fix USN-6561-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-4 - 0.10.5-3ubuntu1.1 libssh-dev - 0.10.5-3ubuntu1.1 libssh-doc - 0.10.5-3ubuntu1.1 libssh-gcrypt-4 - 0.10.5-3ubuntu1.1 libssh-gcrypt-dev - 0.10.5-3ubuntu1.1 No subscription required Medium CVE-2023-48795 Ubuntu 23.10 Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.(CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6861, CVE-2023-6862, CVE-2023-6863, CVE-2023-6864) Marcus Brinkmann discovered that Thunderbird did not properly parse a PGP/MIME payload that contains digitally signed text. An attacker could potentially exploit this issue to spoof an email message. (CVE-2023-50762) Marcus Brinkmann discovered that Thunderbird did not properly compare the signature creation date with the message date and time when using digitally signed S/MIME email message. An attacker could potentially exploit this issue to spoof date and time of an email message. (CVE-2023-50761) DoHyun Lee discovered that Thunderbird did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2023-6856) Andrew Osmond discovered that Thunderbird did not properly validate the textures produced by remote decoders. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2023-6860) Update Instructions: Run `sudo pro fix USN-6563-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-dev - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-gnome-support - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-af - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ar - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ast - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-be - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-bg - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-bn - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-bn-bd - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-br - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ca - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-cak - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-cs - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-cy - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-da - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-de - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-dsb - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-el - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-en - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-en-gb - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-en-us - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-es - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-es-ar - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-es-es - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-et - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-eu - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-fa - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-fi - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-fr - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-fy - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-fy-nl - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ga - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ga-ie - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-gd - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-gl - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-he - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-hr - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-hsb - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-hu - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-hy - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-id - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-is - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-it - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ja - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ka - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-kab - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-kk - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ko - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-lt - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-lv - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-mk - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ms - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-nb - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-nb-no - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-nl - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-nn - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-nn-no - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-pa - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-pa-in - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-pl - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-pt - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-pt-br - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-pt-pt - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-rm - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ro - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ru - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-si - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-sk - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-sl - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-sq - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-sr - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-sv - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-sv-se - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ta - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-ta-lk - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-th - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-tr - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-uk - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-uz - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-vi - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-zh-cn - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-zh-hans - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-zh-hant - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-locale-zh-tw - 1:115.6.0+build2-0ubuntu0.23.10.1 thunderbird-mozsymbols - 1:115.6.0+build2-0ubuntu0.23.10.1 xul-ext-calendar-timezones - 1:115.6.0+build2-0ubuntu0.23.10.1 xul-ext-gdata-provider - 1:115.6.0+build2-0ubuntu0.23.10.1 xul-ext-lightning - 1:115.6.0+build2-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-50762 CVE-2023-50761 CVE-2023-6856 CVE-2023-6857 CVE-2023-6858 CVE-2023-6859 CVE-2023-6860 CVE-2023-6861 CVE-2023-6862 CVE-2023-6863 CVE-2023-6864 Ubuntu 23.10 It was discovered that OpenSSH incorrectly handled supplemental groups when running helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand as a different user. An attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-41617) It was discovered that OpenSSH incorrectly added destination constraints when PKCS#11 token keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-51384) It was discovered that OpenSSH incorrectly handled user names or host names with shell metacharacters. An attacker could possibly use this issue to perform OS command injection. (CVE-2023-51385) Update Instructions: Run `sudo pro fix USN-6565-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:9.3p1-1ubuntu3.2 openssh-server - 1:9.3p1-1ubuntu3.2 openssh-sftp-server - 1:9.3p1-1ubuntu3.2 openssh-tests - 1:9.3p1-1ubuntu3.2 ssh - 1:9.3p1-1ubuntu3.2 ssh-askpass-gnome - 1:9.3p1-1ubuntu3.2 No subscription required Medium CVE-2021-41617 CVE-2023-51384 CVE-2023-51385 Ubuntu 23.10 It was discovered that SQLite incorrectly handled certain protection mechanisms when using a CLI script with the --safe option, contrary to expectations. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-46908) It was discovered that SQLite incorrectly handled certain memory operations in the sessions extension. A remote attacker could possibly use this issue to cause SQLite to crash, resulting in a denial of service. (CVE-2023-7104) Update Instructions: Run `sudo pro fix USN-6566-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.42.0-1ubuntu0.1 libsqlite3-0 - 3.42.0-1ubuntu0.1 libsqlite3-dev - 3.42.0-1ubuntu0.1 libsqlite3-tcl - 3.42.0-1ubuntu0.1 sqlite3 - 3.42.0-1ubuntu0.1 sqlite3-doc - 3.42.0-1ubuntu0.1 sqlite3-tools - 3.42.0-1ubuntu0.1 No subscription required Medium CVE-2022-46908 CVE-2023-7104 Ubuntu 23.10 Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-14394) It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and esclate privileges. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-24165) It was discovered that QEMU incorrectly handled the Intel HD audio device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-3611) It was discovered that QEMU incorrectly handled the ATI VGA device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-3638) It was discovered that QEMU incorrectly handled the VMWare paravirtual RDMA device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. (CVE-2023-1544) It was discovered that QEMU incorrectly handled the 9p passthrough filesystem. A malicious guest attacker could possibly use this issue to open special files and escape the exported 9p tree. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-2861) It was discovered that QEMU incorrectly handled the virtual crypto device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3180) It was discovered that QEMU incorrectly handled the built-in VNC server. A remote authenticated attacker could possibly use this issue to cause QEMU to stop responding, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3255) It was discovered that QEMU incorrectly handled net device hot-unplugging. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3301) It was discovered that QEMU incorrectly handled the built-in VNC server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3354) It was discovered that QEMU incorrectly handled NVME devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-40360) It was discovered that QEMU incorrectly handled NVME devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 23.10. (CVE-2023-4135) It was discovered that QEMU incorrectly handled SCSI devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-42467) It was discovered that QEMU incorrectly handled certain disk offsets. A malicious guest attacker could possibly use this issue to gain control of the host in certain nested virtualization scenarios. (CVE-2023-5088) Update Instructions: Run `sudo pro fix USN-6567-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-block-extra - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-guest-agent - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-arm - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-common - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-data - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-gui - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-mips - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-misc - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-ppc - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-s390x - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-sparc - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-x86 - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-x86-xen - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-system-xen - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-user - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-user-binfmt - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-user-static - 1:8.0.4+dfsg-1ubuntu3.23.10.2 qemu-utils - 1:8.0.4+dfsg-1ubuntu3.23.10.2 No subscription required Medium CVE-2020-14394 CVE-2020-24165 CVE-2021-3611 CVE-2021-3638 CVE-2023-1544 CVE-2023-2861 CVE-2023-3180 CVE-2023-3255 CVE-2023-3301 CVE-2023-3354 CVE-2023-40360 CVE-2023-4135 CVE-2023-42467 CVE-2023-5088 Ubuntu 23.10 The ClamAV package was updated to a new upstream version to remain compatible with signature database downloads. Update Instructions: Run `sudo pro fix USN-6568-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: clamav - 1.0.4+dfsg-0ubuntu0.23.10.1 clamav-base - 1.0.4+dfsg-0ubuntu0.23.10.1 clamav-daemon - 1.0.4+dfsg-0ubuntu0.23.10.1 clamav-docs - 1.0.4+dfsg-0ubuntu0.23.10.1 clamav-freshclam - 1.0.4+dfsg-0ubuntu0.23.10.1 clamav-milter - 1.0.4+dfsg-0ubuntu0.23.10.1 clamav-testfiles - 1.0.4+dfsg-0ubuntu0.23.10.1 clamdscan - 1.0.4+dfsg-0ubuntu0.23.10.1 libclamav-dev - 1.0.4+dfsg-0ubuntu0.23.10.1 libclamav11 - 1.0.4+dfsg-0ubuntu0.23.10.1 No subscription required None https://launchpad.net/bugs/2046581 Ubuntu 23.10 it was discovered that libclamunrar incorrectly handled directories when extracting RAR archives. A remote attacker could possibly use this issue to overwrite arbitrary files and execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2022-30333) It was discovered that libclamunrar incorrectly validated certain structures when extracting RAR archives. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-40477) Update Instructions: Run `sudo pro fix USN-6569-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: clamav-testfiles-rar - 1.0.4-0ubuntu0.23.10.1 libclamunrar - 1.0.4-0ubuntu0.23.10.1 libclamunrar11 - 1.0.4-0ubuntu0.23.10.1 No subscription required Medium CVE-2022-30333 CVE-2023-40477 Ubuntu 23.10 Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Maxim Levitsky discovered that the KVM nested virtualization (SVM) implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service (host kernel crash). (CVE-2023-5090) It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5345) Murray McAllister discovered that the VMware Virtual GPU DRM driver in the Linux kernel did not properly handle memory objects when storing surfaces, leading to a use-after-free vulnerability. A local attacker in a guest VM could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5633) Update Instructions: Run `sudo pro fix USN-6572-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-6.5.0-1009 - 6.5.0-1009.9 linux-azure-headers-6.5.0-1009 - 6.5.0-1009.9 linux-azure-tools-6.5.0-1009 - 6.5.0-1009.9 linux-buildinfo-6.5.0-1009-azure - 6.5.0-1009.9 linux-cloud-tools-6.5.0-1009-azure - 6.5.0-1009.9 linux-headers-6.5.0-1009-azure - 6.5.0-1009.9 linux-image-6.5.0-1009-azure - 6.5.0-1009.9 linux-image-6.5.0-1009-azure-fde - 6.5.0-1009.9 linux-image-unsigned-6.5.0-1009-azure - 6.5.0-1009.9 linux-modules-6.5.0-1009-azure - 6.5.0-1009.9 linux-modules-extra-6.5.0-1009-azure - 6.5.0-1009.9 linux-modules-iwlwifi-6.5.0-1009-azure - 6.5.0-1009.9 linux-tools-6.5.0-1009-azure - 6.5.0-1009.9 No subscription required linux-azure - 6.5.0.1009.11 linux-azure-fde - 6.5.0.1009.11 linux-cloud-tools-azure - 6.5.0.1009.11 linux-headers-azure - 6.5.0.1009.11 linux-image-azure - 6.5.0.1009.11 linux-image-azure-fde - 6.5.0.1009.11 linux-modules-extra-azure - 6.5.0.1009.11 linux-modules-iwlwifi-azure - 6.5.0.1009.11 linux-tools-azure - 6.5.0.1009.11 No subscription required High CVE-2023-31085 CVE-2023-4244 CVE-2023-5090 CVE-2023-5345 CVE-2023-5633 Ubuntu 23.10 Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Yikebaer Aizezi discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability when handling inode extent metadata. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-45898) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6573-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-6.5.0-1010 - 6.5.0-1010.10 linux-azure-headers-6.5.0-1010 - 6.5.0-1010.10 linux-azure-tools-6.5.0-1010 - 6.5.0-1010.10 linux-buildinfo-6.5.0-1010-azure - 6.5.0-1010.10 linux-cloud-tools-6.5.0-1010-azure - 6.5.0-1010.10 linux-headers-6.5.0-1010-azure - 6.5.0-1010.10 linux-image-6.5.0-1010-azure - 6.5.0-1010.10 linux-image-6.5.0-1010-azure-fde - 6.5.0-1010.10 linux-image-unsigned-6.5.0-1010-azure - 6.5.0-1010.10 linux-modules-6.5.0-1010-azure - 6.5.0-1010.10 linux-modules-extra-6.5.0-1010-azure - 6.5.0-1010.10 linux-modules-iwlwifi-6.5.0-1010-azure - 6.5.0-1010.10 linux-tools-6.5.0-1010-azure - 6.5.0-1010.10 No subscription required linux-azure - 6.5.0.1010.12 linux-azure-fde - 6.5.0.1010.12 linux-cloud-tools-azure - 6.5.0.1010.12 linux-headers-azure - 6.5.0.1010.12 linux-image-azure - 6.5.0.1010.12 linux-image-azure-fde - 6.5.0.1010.12 linux-modules-extra-azure - 6.5.0.1010.12 linux-modules-iwlwifi-azure - 6.5.0.1010.12 linux-tools-azure - 6.5.0.1010.12 No subscription required Medium CVE-2023-39189 CVE-2023-42754 CVE-2023-45898 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 23.10 Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-39318, CVE-2023-39319) It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time. (CVE-2023-39323) It was discovered that Go did not limit the number of simultaneously executing handler goroutines in the net/http module. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2023-39325, CVE-2023-44487) It was discovered that the Go net/http module did not properly validate the chunk extensions reading from a request or response body. An attacker could possibly use this issue to read sensitive information. (CVE-2023-39326) It was discovered that Go did not properly validate the insecure "git://" protocol when using go get to fetch a module with the ".git" suffix. An attacker could possibly use this issue to bypass secure protocol checks. (CVE-2023-45285) Update Instructions: Run `sudo pro fix USN-6574-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.20 - 1.20.8-1ubuntu0.23.10.1 golang-1.20-doc - 1.20.8-1ubuntu0.23.10.1 golang-1.20-go - 1.20.8-1ubuntu0.23.10.1 golang-1.20-src - 1.20.8-1ubuntu0.23.10.1 No subscription required golang-1.21 - 1.21.1-1ubuntu0.23.10.1 golang-1.21-doc - 1.21.1-1ubuntu0.23.10.1 golang-1.21-go - 1.21.1-1ubuntu0.23.10.1 golang-1.21-src - 1.21.1-1ubuntu0.23.10.1 No subscription required Medium CVE-2023-39318 CVE-2023-39319 CVE-2023-39323 CVE-2023-39325 CVE-2023-39326 CVE-2023-44487 CVE-2023-45285 Ubuntu 23.10 It was discovered that Twisted incorrectly escaped host headers in certain 404 responses. A remote attacker could possibly use this issue to perform HTML and script injection attacks. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39348) It was discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay responses and manipulate the responses of second requests. (CVE-2023-46137) Update Instructions: Run `sudo pro fix USN-6575-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-twisted - 22.4.0-4ubuntu0.23.10.1 twisted-doc - 22.4.0-4ubuntu0.23.10.1 No subscription required Medium CVE-2022-39348 CVE-2023-46137 Ubuntu 23.10 Vishal Mishra and Anita Gaud discovered that .NET did not properly validate X.509 certificates with malformed signatures. An attacker could possibly use this issue to bypass an application's typical authentication logic. (CVE-2024-0057) Morgan Brown discovered that .NET did not properly handle requests from unauthenticated clients. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21319) Update Instructions: Run `sudo pro fix USN-6578-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aspnetcore-runtime-6.0 - 6.0.126-0ubuntu1~23.10.1 aspnetcore-targeting-pack-6.0 - 6.0.126-0ubuntu1~23.10.1 dotnet-apphost-pack-6.0 - 6.0.126-0ubuntu1~23.10.1 dotnet-host - 6.0.126-0ubuntu1~23.10.1 dotnet-hostfxr-6.0 - 6.0.126-0ubuntu1~23.10.1 dotnet-runtime-6.0 - 6.0.126-0ubuntu1~23.10.1 dotnet-sdk-6.0 - 6.0.126-0ubuntu1~23.10.1 dotnet-sdk-6.0-source-built-artifacts - 6.0.126-0ubuntu1~23.10.1 dotnet-targeting-pack-6.0 - 6.0.126-0ubuntu1~23.10.1 dotnet-templates-6.0 - 6.0.126-0ubuntu1~23.10.1 dotnet6 - 6.0.126-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1 - 6.0.126-0ubuntu1~23.10.1 No subscription required aspnetcore-runtime-7.0 - 7.0.115-0ubuntu1~23.10.1 aspnetcore-targeting-pack-7.0 - 7.0.115-0ubuntu1~23.10.1 dotnet-apphost-pack-7.0 - 7.0.115-0ubuntu1~23.10.1 dotnet-host-7.0 - 7.0.115-0ubuntu1~23.10.1 dotnet-hostfxr-7.0 - 7.0.115-0ubuntu1~23.10.1 dotnet-runtime-7.0 - 7.0.115-0ubuntu1~23.10.1 dotnet-sdk-7.0 - 7.0.115-0ubuntu1~23.10.1 dotnet-sdk-7.0-source-built-artifacts - 7.0.115-0ubuntu1~23.10.1 dotnet-targeting-pack-7.0 - 7.0.115-0ubuntu1~23.10.1 dotnet-templates-7.0 - 7.0.115-0ubuntu1~23.10.1 dotnet7 - 7.0.115-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-7.0 - 7.0.115-0ubuntu1~23.10.1 No subscription required aspnetcore-runtime-8.0 - 8.0.1-0ubuntu1~23.10.1 aspnetcore-targeting-pack-8.0 - 8.0.1-0ubuntu1~23.10.1 dotnet-apphost-pack-8.0 - 8.0.1-0ubuntu1~23.10.1 dotnet-host-8.0 - 8.0.1-0ubuntu1~23.10.1 dotnet-hostfxr-8.0 - 8.0.1-0ubuntu1~23.10.1 dotnet-runtime-8.0 - 8.0.1-0ubuntu1~23.10.1 dotnet-targeting-pack-8.0 - 8.0.1-0ubuntu1~23.10.1 No subscription required dotnet-sdk-8.0 - 8.0.101-0ubuntu1~23.10.1 dotnet-sdk-8.0-source-built-artifacts - 8.0.101-0ubuntu1~23.10.1 dotnet-templates-8.0 - 8.0.101-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-8.0 - 8.0.101-0ubuntu1~23.10.1 No subscription required dotnet8 - 8.0.101-8.0.1-0ubuntu1~23.10.1 No subscription required Medium CVE-2024-0057 CVE-2024-21319 Ubuntu 23.10 USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. Original advisory details: It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6579-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxerces-c-dev - 3.2.4+debian-1ubuntu0.23.10.1 libxerces-c-doc - 3.2.4+debian-1ubuntu0.23.10.1 libxerces-c-samples - 3.2.4+debian-1ubuntu0.23.10.1 libxerces-c3.2 - 3.2.4+debian-1ubuntu0.23.10.1 No subscription required Medium CVE-2018-1311 Ubuntu 23.10 It was discovered that w3m incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6580-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: w3m - 0.5.3+git20230121-2ubuntu0.23.10.1 w3m-img - 0.5.3+git20230121-2ubuntu0.23.10.1 No subscription required Medium CVE-2023-4255 Ubuntu 23.10 Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6582-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.42.4-0ubuntu0.23.10.1 gir1.2-javascriptcoregtk-4.1 - 2.42.4-0ubuntu0.23.10.1 gir1.2-javascriptcoregtk-6.0 - 2.42.4-0ubuntu0.23.10.1 gir1.2-webkit-6.0 - 2.42.4-0ubuntu0.23.10.1 gir1.2-webkit2-4.0 - 2.42.4-0ubuntu0.23.10.1 gir1.2-webkit2-4.1 - 2.42.4-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-18 - 2.42.4-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-bin - 2.42.4-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-dev - 2.42.4-0ubuntu0.23.10.1 libjavascriptcoregtk-4.1-0 - 2.42.4-0ubuntu0.23.10.1 libjavascriptcoregtk-4.1-dev - 2.42.4-0ubuntu0.23.10.1 libjavascriptcoregtk-6.0-1 - 2.42.4-0ubuntu0.23.10.1 libjavascriptcoregtk-6.0-dev - 2.42.4-0ubuntu0.23.10.1 libwebkit2gtk-4.0-37 - 2.42.4-0ubuntu0.23.10.1 libwebkit2gtk-4.0-dev - 2.42.4-0ubuntu0.23.10.1 libwebkit2gtk-4.0-doc - 2.42.4-0ubuntu0.23.10.1 libwebkit2gtk-4.1-0 - 2.42.4-0ubuntu0.23.10.1 libwebkit2gtk-4.1-dev - 2.42.4-0ubuntu0.23.10.1 libwebkitgtk-6.0-4 - 2.42.4-0ubuntu0.23.10.1 libwebkitgtk-6.0-dev - 2.42.4-0ubuntu0.23.10.1 webkit2gtk-driver - 2.42.4-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-42883 Ubuntu 23.10 Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Update Instructions: Run `sudo pro fix USN-6585-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh2-1 - 1.11.0-2ubuntu0.1 libssh2-1-dev - 1.11.0-2ubuntu0.1 No subscription required Medium CVE-2023-48795 Ubuntu 23.10 It was discovered that FreeImage incorrectly handled certain memory operations. If a user were tricked into opening a crafted TIFF file, a remote attacker could use this issue to cause a heap buffer overflow, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-12211) It was discovered that FreeImage incorrectly processed images under certain circumstances. If a user were tricked into opening a crafted TIFF file, a remote attacker could possibly use this issue to cause a stack exhaustion condition, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-12213) It was discovered that FreeImage incorrectly processed certain images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-21427, CVE-2020-21428) It was discovered that FreeImage incorrectly processed certain images. If a user or automated system were tricked into opening a specially crafted PFM file, an attacker could possibly use this issue to cause a denial of service. (CVE-2020-22524) Update Instructions: Run `sudo pro fix USN-6586-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreeimage-dev - 3.18.0+ds2-9.1ubuntu0.1 libfreeimage3 - 3.18.0+ds2-9.1ubuntu0.1 libfreeimageplus-dev - 3.18.0+ds2-9.1ubuntu0.1 libfreeimageplus-doc - 3.18.0+ds2-9.1ubuntu0.1 libfreeimageplus3 - 3.18.0+ds2-9.1ubuntu0.1 No subscription required Medium CVE-2019-12211 CVE-2019-12213 CVE-2020-21427 CVE-2020-21428 CVE-2020-22524 Ubuntu 23.10 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6816) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2024-0229) Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0408) Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0409) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21885) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21886) Update Instructions: Run `sudo pro fix USN-6587-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xnest - 2:21.1.7-3ubuntu2.6 xorg-server-source - 2:21.1.7-3ubuntu2.6 xserver-common - 2:21.1.7-3ubuntu2.6 xserver-xephyr - 2:21.1.7-3ubuntu2.6 xserver-xorg-core - 2:21.1.7-3ubuntu2.6 xserver-xorg-dev - 2:21.1.7-3ubuntu2.6 xserver-xorg-legacy - 2:21.1.7-3ubuntu2.6 xvfb - 2:21.1.7-3ubuntu2.6 No subscription required xwayland - 2:23.2.0-1ubuntu0.4 No subscription required Medium CVE-2023-6816 CVE-2024-0229 CVE-2024-0408 CVE-2024-0409 CVE-2024-21885 CVE-2024-21886 Ubuntu 23.10 USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6816) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2024-0229) Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0408) Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0409) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21885) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21886) Update Instructions: Run `sudo pro fix USN-6587-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xnest - 2:21.1.7-3ubuntu2.7 xorg-server-source - 2:21.1.7-3ubuntu2.7 xserver-common - 2:21.1.7-3ubuntu2.7 xserver-xephyr - 2:21.1.7-3ubuntu2.7 xserver-xorg-core - 2:21.1.7-3ubuntu2.7 xserver-xorg-dev - 2:21.1.7-3ubuntu2.7 xserver-xorg-legacy - 2:21.1.7-3ubuntu2.7 xvfb - 2:21.1.7-3ubuntu2.7 No subscription required None https://launchpad.net/bugs/2051536 Ubuntu 23.10 Matthias Gerstner discovered that the PAM pam_namespace module incorrectly handled special files when performing directory checks. A local attacker could possibly use this issue to cause PAM to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6588-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-doc - 1.5.2-6ubuntu1.1 libpam-modules - 1.5.2-6ubuntu1.1 libpam-modules-bin - 1.5.2-6ubuntu1.1 libpam-runtime - 1.5.2-6ubuntu1.1 libpam0g - 1.5.2-6ubuntu1.1 libpam0g-dev - 1.5.2-6ubuntu1.1 No subscription required Medium CVE-2024-22365 Ubuntu 23.10 Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6589-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: filezilla - 3.65.0-3ubuntu0.1 filezilla-common - 3.65.0-3ubuntu0.1 No subscription required Medium CVE-2023-48795 Ubuntu 23.10 Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility. Information can be found at https://www.postfix.org/smtp-smuggling.html. Update Instructions: Run `sudo pro fix USN-6591-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postfix - 3.8.1-2ubuntu0.1 postfix-cdb - 3.8.1-2ubuntu0.1 postfix-doc - 3.8.1-2ubuntu0.1 postfix-ldap - 3.8.1-2ubuntu0.1 postfix-lmdb - 3.8.1-2ubuntu0.1 postfix-mysql - 3.8.1-2ubuntu0.1 postfix-pcre - 3.8.1-2ubuntu0.1 postfix-pgsql - 3.8.1-2ubuntu0.1 postfix-sqlite - 3.8.1-2ubuntu0.1 No subscription required Medium CVE-2023-51764 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2049337 Ubuntu 23.10 USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last update. This update updates the fix and aligns with the latest configuration guidelines regarding this vulnerability. We apologize for the inconvenience. Original advisory details: Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility. Information can be found at https://www.postfix.org/smtp-smuggling.html. Update Instructions: Run `sudo pro fix USN-6591-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postfix - 3.8.1-2ubuntu0.2 postfix-cdb - 3.8.1-2ubuntu0.2 postfix-doc - 3.8.1-2ubuntu0.2 postfix-ldap - 3.8.1-2ubuntu0.2 postfix-lmdb - 3.8.1-2ubuntu0.2 postfix-mysql - 3.8.1-2ubuntu0.2 postfix-pcre - 3.8.1-2ubuntu0.2 postfix-pgsql - 3.8.1-2ubuntu0.2 postfix-sqlite - 3.8.1-2ubuntu0.2 No subscription required Medium CVE-2023-51764 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2049337 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2050834 Ubuntu 23.10 It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this issue to inject malicious code into the command of the features mentioned through the hostname parameter. (CVE-2023-6004) It was discovered that libssh incorrectly handled return codes when performing message digest operations. A remote attacker could possibly use this issue to cause libssh to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6918) Update Instructions: Run `sudo pro fix USN-6592-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-4 - 0.10.5-3ubuntu1.2 libssh-dev - 0.10.5-3ubuntu1.2 libssh-doc - 0.10.5-3ubuntu1.2 libssh-gcrypt-4 - 0.10.5-3ubuntu1.2 libssh-gcrypt-dev - 0.10.5-3ubuntu1.2 No subscription required Medium CVE-2023-6004 CVE-2023-6918 Ubuntu 23.10 It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-0553) It was discovered that GnuTLS incorrectly handled certain certificate chains with a cross-signing loop. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2024-0567) Update Instructions: Run `sudo pro fix USN-6593-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-bin - 3.8.1-4ubuntu1.2 gnutls-doc - 3.8.1-4ubuntu1.2 libgnutls-dane0 - 3.8.1-4ubuntu1.2 libgnutls-openssl27 - 3.8.1-4ubuntu1.2 libgnutls28-dev - 3.8.1-4ubuntu1.2 libgnutls30 - 3.8.1-4ubuntu1.2 No subscription required Medium CVE-2024-0553 CVE-2024-0567 Ubuntu 23.10 Joshua Rogers discovered that Squid incorrectly handled HTTP message processing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-49285) Joshua Rogers discovered that Squid incorrectly handled Helper process management. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-49286) Joshua Rogers discovered that Squid incorrectly handled HTTP request parsing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-50269) Update Instructions: Run `sudo pro fix USN-6594-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 6.1-2ubuntu1.2 squid-cgi - 6.1-2ubuntu1.2 squid-common - 6.1-2ubuntu1.2 squid-openssl - 6.1-2ubuntu1.2 squid-purge - 6.1-2ubuntu1.2 squidclient - 6.1-2ubuntu1.2 No subscription required Medium CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 Ubuntu 23.10 It was discovered that Puma incorrectly handled parsing chunked transfer encoding bodies. A remote attacker could possibly use this issue to cause Puma to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6597-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: puma - 5.6.5-4ubuntu2.1 No subscription required Medium CVE-2024-21647 Ubuntu 23.10 Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Update Instructions: Run `sudo pro fix USN-6598-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: paramiko-doc - 2.12.0-2ubuntu1.23.10.2 python3-paramiko - 2.12.0-2ubuntu1.23.10.2 No subscription required Medium CVE-2023-48795 Ubuntu 23.10 Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-28493) It was discovered that Jinja incorrectly handled certain HTML passed with xmlatter filter. An attacker could inject arbitrary HTML attributes keys and values potentially leading to XSS. (CVE-2024-22195) Update Instructions: Run `sudo pro fix USN-6599-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jinja2-doc - 3.1.2-1ubuntu0.23.10.1 python3-jinja2 - 3.1.2-1ubuntu0.23.10.1 No subscription required Medium CVE-2020-28493 CVE-2024-22195 Ubuntu 23.10 Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16 in Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10. CVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-6600-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmariadb-dev - 1:10.11.6-0ubuntu0.23.10.2 libmariadb-dev-compat - 1:10.11.6-0ubuntu0.23.10.2 libmariadb3 - 1:10.11.6-0ubuntu0.23.10.2 libmariadbd-dev - 1:10.11.6-0ubuntu0.23.10.2 libmariadbd19 - 1:10.11.6-0ubuntu0.23.10.2 mariadb-backup - 1:10.11.6-0ubuntu0.23.10.2 mariadb-client - 1:10.11.6-0ubuntu0.23.10.2 mariadb-client-core - 1:10.11.6-0ubuntu0.23.10.2 mariadb-common - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-connect - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-cracklib-password-check - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-gssapi-client - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-gssapi-server - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-hashicorp-key-management - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-mroonga - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-oqgraph - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-provider-bzip2 - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-provider-lz4 - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-provider-lzma - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-provider-lzo - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-provider-snappy - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-rocksdb - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-s3 - 1:10.11.6-0ubuntu0.23.10.2 mariadb-plugin-spider - 1:10.11.6-0ubuntu0.23.10.2 mariadb-server - 1:10.11.6-0ubuntu0.23.10.2 mariadb-server-10.5 - 1:10.11.6-0ubuntu0.23.10.2 mariadb-server-core - 1:10.11.6-0ubuntu0.23.10.2 mariadb-test - 1:10.11.6-0ubuntu0.23.10.2 mariadb-test-data - 1:10.11.6-0ubuntu0.23.10.2 No subscription required Medium CVE-2022-47015 CVE-2023-22084 Ubuntu 23.10 It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) Update Instructions: Run `sudo pro fix USN-6608-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1006-starfive - 6.5.0-1006.7 linux-headers-6.5.0-1006-starfive - 6.5.0-1006.7 linux-image-6.5.0-1006-starfive - 6.5.0-1006.7 linux-modules-6.5.0-1006-starfive - 6.5.0-1006.7 linux-modules-extra-6.5.0-1006-starfive - 6.5.0-1006.7 linux-starfive-headers-6.5.0-1006 - 6.5.0-1006.7 linux-starfive-tools-6.5.0-1006 - 6.5.0-1006.7 linux-tools-6.5.0-1006-starfive - 6.5.0-1006.7 No subscription required linux-buildinfo-6.5.0-1008-laptop - 6.5.0-1008.11 linux-headers-6.5.0-1008-laptop - 6.5.0-1008.11 linux-image-6.5.0-1008-laptop - 6.5.0-1008.11 linux-laptop-headers-6.5.0-1008 - 6.5.0-1008.11 linux-laptop-tools-6.5.0-1008 - 6.5.0-1008.11 linux-modules-6.5.0-1008-laptop - 6.5.0-1008.11 linux-tools-6.5.0-1008-laptop - 6.5.0-1008.11 No subscription required linux-buildinfo-6.5.0-1009-raspi - 6.5.0-1009.12 linux-headers-6.5.0-1009-raspi - 6.5.0-1009.12 linux-image-6.5.0-1009-raspi - 6.5.0-1009.12 linux-modules-6.5.0-1009-raspi - 6.5.0-1009.12 linux-modules-extra-6.5.0-1009-raspi - 6.5.0-1009.12 linux-raspi-headers-6.5.0-1009 - 6.5.0-1009.12 linux-raspi-tools-6.5.0-1009 - 6.5.0-1009.12 linux-tools-6.5.0-1009-raspi - 6.5.0-1009.12 No subscription required linux-azure-cloud-tools-6.5.0-1011 - 6.5.0-1011.11 linux-azure-headers-6.5.0-1011 - 6.5.0-1011.11 linux-azure-tools-6.5.0-1011 - 6.5.0-1011.11 linux-buildinfo-6.5.0-1011-azure - 6.5.0-1011.11 linux-buildinfo-6.5.0-1011-gcp - 6.5.0-1011.11 linux-cloud-tools-6.5.0-1011-azure - 6.5.0-1011.11 linux-gcp-headers-6.5.0-1011 - 6.5.0-1011.11 linux-gcp-tools-6.5.0-1011 - 6.5.0-1011.11 linux-headers-6.5.0-1011-azure - 6.5.0-1011.11 linux-headers-6.5.0-1011-gcp - 6.5.0-1011.11 linux-image-6.5.0-1011-azure - 6.5.0-1011.11 linux-image-6.5.0-1011-azure-fde - 6.5.0-1011.11 linux-image-6.5.0-1011-gcp - 6.5.0-1011.11 linux-image-unsigned-6.5.0-1011-azure - 6.5.0-1011.11 linux-image-unsigned-6.5.0-1011-gcp - 6.5.0-1011.11 linux-modules-6.5.0-1011-azure - 6.5.0-1011.11 linux-modules-6.5.0-1011-gcp - 6.5.0-1011.11 linux-modules-extra-6.5.0-1011-azure - 6.5.0-1011.11 linux-modules-extra-6.5.0-1011-gcp - 6.5.0-1011.11 linux-modules-iwlwifi-6.5.0-1011-azure - 6.5.0-1011.11 linux-modules-iwlwifi-6.5.0-1011-gcp - 6.5.0-1011.11 linux-tools-6.5.0-1011-azure - 6.5.0-1011.11 linux-tools-6.5.0-1011-gcp - 6.5.0-1011.11 No subscription required linux-aws-cloud-tools-6.5.0-1012 - 6.5.0-1012.12 linux-aws-headers-6.5.0-1012 - 6.5.0-1012.12 linux-aws-tools-6.5.0-1012 - 6.5.0-1012.12 linux-buildinfo-6.5.0-1012-aws - 6.5.0-1012.12 linux-cloud-tools-6.5.0-1012-aws - 6.5.0-1012.12 linux-headers-6.5.0-1012-aws - 6.5.0-1012.12 linux-image-6.5.0-1012-aws - 6.5.0-1012.12 linux-image-unsigned-6.5.0-1012-aws - 6.5.0-1012.12 linux-modules-6.5.0-1012-aws - 6.5.0-1012.12 linux-modules-extra-6.5.0-1012-aws - 6.5.0-1012.12 linux-tools-6.5.0-1012-aws - 6.5.0-1012.12 No subscription required linux-buildinfo-6.5.0-1014-oracle - 6.5.0-1014.14 linux-headers-6.5.0-1014-oracle - 6.5.0-1014.14 linux-image-6.5.0-1014-oracle - 6.5.0-1014.14 linux-image-unsigned-6.5.0-1014-oracle - 6.5.0-1014.14 linux-modules-6.5.0-1014-oracle - 6.5.0-1014.14 linux-modules-extra-6.5.0-1014-oracle - 6.5.0-1014.14 linux-modules-iwlwifi-6.5.0-1014-oracle - 6.5.0-1014.14 linux-oracle-headers-6.5.0-1014 - 6.5.0-1014.14 linux-oracle-tools-6.5.0-1014 - 6.5.0-1014.14 linux-tools-6.5.0-1014-oracle - 6.5.0-1014.14 No subscription required linux-buildinfo-6.5.0-15-generic - 6.5.0-15.15 linux-buildinfo-6.5.0-15-generic-64k - 6.5.0-15.15 linux-cloud-tools-6.5.0-15 - 6.5.0-15.15 linux-cloud-tools-6.5.0-15-generic - 6.5.0-15.15 linux-cloud-tools-common - 6.5.0-15.15 linux-doc - 6.5.0-15.15 linux-headers-6.5.0-15 - 6.5.0-15.15 linux-headers-6.5.0-15-generic - 6.5.0-15.15 linux-headers-6.5.0-15-generic-64k - 6.5.0-15.15 linux-image-6.5.0-15-generic - 6.5.0-15.15 linux-image-6.5.0-15-generic-64k - 6.5.0-15.15 linux-image-uc-6.5.0-15-generic - 6.5.0-15.15 linux-image-uc-6.5.0-15-generic-64k - 6.5.0-15.15 linux-image-unsigned-6.5.0-15-generic - 6.5.0-15.15 linux-image-unsigned-6.5.0-15-generic-64k - 6.5.0-15.15 linux-lib-rust-6.5.0-15-generic - 6.5.0-15.15 linux-libc-dev - 6.5.0-15.15 linux-modules-6.5.0-15-generic - 6.5.0-15.15 linux-modules-6.5.0-15-generic-64k - 6.5.0-15.15 linux-modules-extra-6.5.0-15-generic - 6.5.0-15.15 linux-modules-ipu6-6.5.0-15-generic - 6.5.0-15.15 linux-modules-ivsc-6.5.0-15-generic - 6.5.0-15.15 linux-modules-iwlwifi-6.5.0-15-generic - 6.5.0-15.15 linux-source-6.5.0 - 6.5.0-15.15 linux-tools-6.5.0-15 - 6.5.0-15.15 linux-tools-6.5.0-15-generic - 6.5.0-15.15 linux-tools-6.5.0-15-generic-64k - 6.5.0-15.15 linux-tools-common - 6.5.0-15.15 linux-tools-host - 6.5.0-15.15 No subscription required linux-buildinfo-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-buildinfo-6.5.0-15-lowlatency-64k - 6.5.0-15.15.1 linux-cloud-tools-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-headers-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-headers-6.5.0-15-lowlatency-64k - 6.5.0-15.15.1 linux-image-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-image-6.5.0-15-lowlatency-64k - 6.5.0-15.15.1 linux-image-unsigned-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-image-unsigned-6.5.0-15-lowlatency-64k - 6.5.0-15.15.1 linux-lowlatency-cloud-tools-6.5.0-15 - 6.5.0-15.15.1 linux-lowlatency-cloud-tools-common - 6.5.0-15.15.1 linux-lowlatency-headers-6.5.0-15 - 6.5.0-15.15.1 linux-lowlatency-lib-rust-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-lowlatency-tools-6.5.0-15 - 6.5.0-15.15.1 linux-lowlatency-tools-common - 6.5.0-15.15.1 linux-lowlatency-tools-host - 6.5.0-15.15.1 linux-modules-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-modules-6.5.0-15-lowlatency-64k - 6.5.0-15.15.1 linux-modules-iwlwifi-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-tools-6.5.0-15-lowlatency - 6.5.0-15.15.1 linux-tools-6.5.0-15-lowlatency-64k - 6.5.0-15.15.1 No subscription required linux-headers-starfive - 6.5.0.1006.8 linux-image-starfive - 6.5.0.1006.8 linux-starfive - 6.5.0.1006.8 linux-tools-starfive - 6.5.0.1006.8 No subscription required linux-headers-laptop-23.10 - 6.5.0.1008.11 linux-image-laptop-23.10 - 6.5.0.1008.11 linux-laptop-23.10 - 6.5.0.1008.11 linux-tools-laptop-23.10 - 6.5.0.1008.11 No subscription required linux-headers-raspi - 6.5.0.1009.10 linux-headers-raspi-nolpae - 6.5.0.1009.10 linux-image-raspi - 6.5.0.1009.10 linux-image-raspi-nolpae - 6.5.0.1009.10 linux-modules-extra-raspi - 6.5.0.1009.10 linux-modules-extra-raspi-nolpae - 6.5.0.1009.10 linux-raspi - 6.5.0.1009.10 linux-raspi-nolpae - 6.5.0.1009.10 linux-tools-raspi - 6.5.0.1009.10 linux-tools-raspi-nolpae - 6.5.0.1009.10 No subscription required linux-gcp - 6.5.0.1011.11 linux-headers-gcp - 6.5.0.1011.11 linux-image-gcp - 6.5.0.1011.11 linux-modules-extra-gcp - 6.5.0.1011.11 linux-modules-iwlwifi-gcp - 6.5.0.1011.11 linux-tools-gcp - 6.5.0.1011.11 No subscription required linux-azure - 6.5.0.1011.13 linux-azure-fde - 6.5.0.1011.13 linux-cloud-tools-azure - 6.5.0.1011.13 linux-headers-azure - 6.5.0.1011.13 linux-image-azure - 6.5.0.1011.13 linux-image-azure-fde - 6.5.0.1011.13 linux-modules-extra-azure - 6.5.0.1011.13 linux-modules-iwlwifi-azure - 6.5.0.1011.13 linux-tools-azure - 6.5.0.1011.13 No subscription required linux-aws - 6.5.0.1012.12 linux-headers-aws - 6.5.0.1012.12 linux-image-aws - 6.5.0.1012.12 linux-modules-extra-aws - 6.5.0.1012.12 linux-tools-aws - 6.5.0.1012.12 No subscription required linux-headers-oracle - 6.5.0.1014.14 linux-image-oracle - 6.5.0.1014.14 linux-modules-iwlwifi-oracle - 6.5.0.1014.14 linux-oracle - 6.5.0.1014.14 linux-tools-oracle - 6.5.0.1014.14 No subscription required linux-cloud-tools-lowlatency - 6.5.0.15.15.13 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.15.15.13 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.15.15.13 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.15.15.13 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.15.15.13 linux-headers-lowlatency - 6.5.0.15.15.13 linux-headers-lowlatency-64k - 6.5.0.15.15.13 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.15.15.13 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.15.15.13 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.15.15.13 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.15.15.13 linux-headers-lowlatency-hwe-20.04 - 6.5.0.15.15.13 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.15.15.13 linux-headers-lowlatency-hwe-22.04 - 6.5.0.15.15.13 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.15.15.13 linux-image-lowlatency - 6.5.0.15.15.13 linux-image-lowlatency-64k - 6.5.0.15.15.13 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.15.15.13 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.15.15.13 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.15.15.13 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.15.15.13 linux-image-lowlatency-hwe-20.04 - 6.5.0.15.15.13 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.15.15.13 linux-image-lowlatency-hwe-22.04 - 6.5.0.15.15.13 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.15.15.13 linux-lowlatency - 6.5.0.15.15.13 linux-lowlatency-64k - 6.5.0.15.15.13 linux-lowlatency-64k-hwe-20.04 - 6.5.0.15.15.13 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.15.15.13 linux-lowlatency-64k-hwe-22.04 - 6.5.0.15.15.13 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.15.15.13 linux-lowlatency-hwe-20.04 - 6.5.0.15.15.13 linux-lowlatency-hwe-20.04-edge - 6.5.0.15.15.13 linux-lowlatency-hwe-22.04 - 6.5.0.15.15.13 linux-lowlatency-hwe-22.04-edge - 6.5.0.15.15.13 linux-modules-iwlwifi-lowlatency - 6.5.0.15.15.13 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.15.15.13 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.15.15.13 linux-tools-lowlatency - 6.5.0.15.15.13 linux-tools-lowlatency-64k - 6.5.0.15.15.13 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.15.15.13 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.15.15.13 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.15.15.13 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.15.15.13 linux-tools-lowlatency-hwe-20.04 - 6.5.0.15.15.13 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.15.15.13 linux-tools-lowlatency-hwe-22.04 - 6.5.0.15.15.13 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.15.15.13 No subscription required linux-cloud-tools-generic - 6.5.0.15.17 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.15.17 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.15.17 linux-cloud-tools-virtual - 6.5.0.15.17 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.15.17 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.15.17 linux-crashdump - 6.5.0.15.17 linux-generic - 6.5.0.15.17 linux-generic-64k - 6.5.0.15.17 linux-generic-64k-hwe-22.04 - 6.5.0.15.17 linux-generic-64k-hwe-22.04-edge - 6.5.0.15.17 linux-generic-hwe-22.04 - 6.5.0.15.17 linux-generic-hwe-22.04-edge - 6.5.0.15.17 linux-generic-lpae - 6.5.0.15.17 linux-headers-generic - 6.5.0.15.17 linux-headers-generic-64k - 6.5.0.15.17 linux-headers-generic-64k-hwe-22.04 - 6.5.0.15.17 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.15.17 linux-headers-generic-hwe-22.04 - 6.5.0.15.17 linux-headers-generic-hwe-22.04-edge - 6.5.0.15.17 linux-headers-generic-lpae - 6.5.0.15.17 linux-headers-kvm - 6.5.0.15.17 linux-headers-oem-22.04 - 6.5.0.15.17 linux-headers-virtual - 6.5.0.15.17 linux-headers-virtual-hwe-22.04 - 6.5.0.15.17 linux-headers-virtual-hwe-22.04-edge - 6.5.0.15.17 linux-image-extra-virtual - 6.5.0.15.17 linux-image-extra-virtual-hwe-22.04 - 6.5.0.15.17 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.15.17 linux-image-generic - 6.5.0.15.17 linux-image-generic-64k - 6.5.0.15.17 linux-image-generic-64k-hwe-22.04 - 6.5.0.15.17 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.15.17 linux-image-generic-hwe-22.04 - 6.5.0.15.17 linux-image-generic-hwe-22.04-edge - 6.5.0.15.17 linux-image-generic-lpae - 6.5.0.15.17 linux-image-kvm - 6.5.0.15.17 linux-image-oem-22.04 - 6.5.0.15.17 linux-image-uc-generic - 6.5.0.15.17 linux-image-uc-generic-hwe-22.04 - 6.5.0.15.17 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.15.17 linux-image-virtual - 6.5.0.15.17 linux-image-virtual-hwe-22.04 - 6.5.0.15.17 linux-image-virtual-hwe-22.04-edge - 6.5.0.15.17 linux-kvm - 6.5.0.15.17 linux-modules-ipu6-generic - 6.5.0.15.17 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.15.17 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.15.17 linux-modules-ipu6-oem-22.04 - 6.5.0.15.17 linux-modules-ivsc-generic - 6.5.0.15.17 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.15.17 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.15.17 linux-modules-ivsc-oem-22.04 - 6.5.0.15.17 linux-modules-iwlwifi-generic - 6.5.0.15.17 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.15.17 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.15.17 linux-modules-iwlwifi-oem-22.04 - 6.5.0.15.17 linux-oem-22.04 - 6.5.0.15.17 linux-source - 6.5.0.15.17 linux-tools-generic - 6.5.0.15.17 linux-tools-generic-64k - 6.5.0.15.17 linux-tools-generic-64k-hwe-22.04 - 6.5.0.15.17 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.15.17 linux-tools-generic-hwe-22.04 - 6.5.0.15.17 linux-tools-generic-hwe-22.04-edge - 6.5.0.15.17 linux-tools-generic-lpae - 6.5.0.15.17 linux-tools-kvm - 6.5.0.15.17 linux-tools-oem-22.04 - 6.5.0.15.17 linux-tools-virtual - 6.5.0.15.17 linux-tools-virtual-hwe-22.04 - 6.5.0.15.17 linux-tools-virtual-hwe-22.04-edge - 6.5.0.15.17 linux-virtual - 6.5.0.15.17 linux-virtual-hwe-22.04 - 6.5.0.15.17 linux-virtual-hwe-22.04-edge - 6.5.0.15.17 No subscription required High CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932 CVE-2024-0193 Ubuntu 23.10 It was discovered that Exim incorrectly handled certain requests. A remote attacker could possibly use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. Update Instructions: Run `sudo pro fix USN-6611-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4 - 4.96-17ubuntu2.2 exim4-base - 4.96-17ubuntu2.2 exim4-config - 4.96-17ubuntu2.2 exim4-daemon-heavy - 4.96-17ubuntu2.2 exim4-daemon-light - 4.96-17ubuntu2.2 exim4-dev - 4.96-17ubuntu2.2 eximon4 - 4.96-17ubuntu2.2 No subscription required Medium CVE-2023-51766 Ubuntu 23.10 It was discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted XML file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6612-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtinyxml-dev - 2.6.2-6ubuntu0.23.10.1 libtinyxml-doc - 2.6.2-6ubuntu0.23.10.1 libtinyxml2.6.2v5 - 2.6.2-6ubuntu0.23.10.1 No subscription required Medium CVE-2023-34194 Ubuntu 23.10 Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An uprivileged user could use this to bypass Ceph's authorization checks and upload a file to any bucket. Update Instructions: Run `sudo pro fix USN-6613-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ceph - 18.2.0-0ubuntu3.1 ceph-base - 18.2.0-0ubuntu3.1 ceph-common - 18.2.0-0ubuntu3.1 ceph-fuse - 18.2.0-0ubuntu3.1 ceph-grafana-dashboards - 18.2.0-0ubuntu3.1 ceph-immutable-object-cache - 18.2.0-0ubuntu3.1 ceph-mds - 18.2.0-0ubuntu3.1 ceph-mgr - 18.2.0-0ubuntu3.1 ceph-mgr-cephadm - 18.2.0-0ubuntu3.1 ceph-mgr-dashboard - 18.2.0-0ubuntu3.1 ceph-mgr-diskprediction-local - 18.2.0-0ubuntu3.1 ceph-mgr-k8sevents - 18.2.0-0ubuntu3.1 ceph-mgr-modules-core - 18.2.0-0ubuntu3.1 ceph-mgr-rook - 18.2.0-0ubuntu3.1 ceph-mon - 18.2.0-0ubuntu3.1 ceph-osd - 18.2.0-0ubuntu3.1 ceph-prometheus-alerts - 18.2.0-0ubuntu3.1 ceph-resource-agents - 18.2.0-0ubuntu3.1 ceph-volume - 18.2.0-0ubuntu3.1 cephadm - 18.2.0-0ubuntu3.1 cephfs-mirror - 18.2.0-0ubuntu3.1 cephfs-shell - 18.2.0-0ubuntu3.1 crimson-osd - 18.2.0-0ubuntu3.1 libcephfs-dev - 18.2.0-0ubuntu3.1 libcephfs-java - 18.2.0-0ubuntu3.1 libcephfs-jni - 18.2.0-0ubuntu3.1 libcephfs2 - 18.2.0-0ubuntu3.1 librados-dev - 18.2.0-0ubuntu3.1 librados2 - 18.2.0-0ubuntu3.1 libradospp-dev - 18.2.0-0ubuntu3.1 libradosstriper-dev - 18.2.0-0ubuntu3.1 libradosstriper1 - 18.2.0-0ubuntu3.1 librbd-dev - 18.2.0-0ubuntu3.1 librbd1 - 18.2.0-0ubuntu3.1 librgw-dev - 18.2.0-0ubuntu3.1 librgw2 - 18.2.0-0ubuntu3.1 libsqlite3-mod-ceph - 18.2.0-0ubuntu3.1 libsqlite3-mod-ceph-dev - 18.2.0-0ubuntu3.1 python3-ceph - 18.2.0-0ubuntu3.1 python3-ceph-argparse - 18.2.0-0ubuntu3.1 python3-ceph-common - 18.2.0-0ubuntu3.1 python3-cephfs - 18.2.0-0ubuntu3.1 python3-rados - 18.2.0-0ubuntu3.1 python3-rbd - 18.2.0-0ubuntu3.1 python3-rgw - 18.2.0-0ubuntu3.1 rados-objclass-dev - 18.2.0-0ubuntu3.1 radosgw - 18.2.0-0ubuntu3.1 rbd-fuse - 18.2.0-0ubuntu3.1 rbd-mirror - 18.2.0-0ubuntu3.1 rbd-nbd - 18.2.0-0ubuntu3.1 No subscription required Medium CVE-2023-43040 Ubuntu 23.10 It was discovered that amanda did not properly check certain arguments. A local unprivileged attacker could possibly use this issue to perform a privilege escalation attack. Update Instructions: Run `sudo pro fix USN-6614-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-11ubuntu0.23.10.1 amanda-common - 1:3.5.1-11ubuntu0.23.10.1 amanda-server - 1:3.5.1-11ubuntu0.23.10.1 No subscription required Medium CVE-2023-30577 Ubuntu 23.10 Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-36.html https://www.oracle.com/security-alerts/cpujan2024.html Update Instructions: Run `sudo pro fix USN-6615-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.36-0ubuntu0.23.10.1 libmysqlclient21 - 8.0.36-0ubuntu0.23.10.1 mysql-client - 8.0.36-0ubuntu0.23.10.1 mysql-client-8.0 - 8.0.36-0ubuntu0.23.10.1 mysql-client-core-8.0 - 8.0.36-0ubuntu0.23.10.1 mysql-router - 8.0.36-0ubuntu0.23.10.1 mysql-server - 8.0.36-0ubuntu0.23.10.1 mysql-server-8.0 - 8.0.36-0ubuntu0.23.10.1 mysql-server-core-8.0 - 8.0.36-0ubuntu0.23.10.1 mysql-source-8.0 - 8.0.36-0ubuntu0.23.10.1 mysql-testsuite - 8.0.36-0ubuntu0.23.10.1 mysql-testsuite-8.0 - 8.0.36-0ubuntu0.23.10.1 No subscription required Medium CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 CVE-2024-20974 CVE-2024-20976 CVE-2024-20977 CVE-2024-20978 CVE-2024-20981 CVE-2024-20982 CVE-2024-20983 CVE-2024-20984 CVE-2024-20985 Ubuntu 23.10 It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-44271) Duarte Santos discovered that Pillow incorrectly handled the environment parameter to PIL.ImageMath.eval. An attacker could possibly use this issue to execute arbitrary code. (CVE-2023-50447) Update Instructions: Run `sudo pro fix USN-6618-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pil-doc - 10.0.0-1ubuntu0.1 python3-pil - 10.0.0-1ubuntu0.1 python3-pil.imagetk - 10.0.0-1ubuntu0.1 No subscription required Medium CVE-2023-44271 CVE-2023-50447 Ubuntu 23.10 Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions. Update Instructions: Run `sudo pro fix USN-6619-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-opencontainers-runc-dev - 1.1.7-0ubuntu2.2 runc - 1.1.7-0ubuntu2.2 No subscription required High CVE-2024-21626 Ubuntu 23.10 It was discovered that the GNU C Library incorrectly handled the syslog() function call. A local attacker could use this issue to execute arbitrary code and possibly escalate privileges. Update Instructions: Run `sudo pro fix USN-6620-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glibc-doc - 2.38-1ubuntu6.1 glibc-source - 2.38-1ubuntu6.1 libc-bin - 2.38-1ubuntu6.1 libc-dev-bin - 2.38-1ubuntu6.1 libc-devtools - 2.38-1ubuntu6.1 libc6 - 2.38-1ubuntu6.1 libc6-amd64 - 2.38-1ubuntu6.1 libc6-dev - 2.38-1ubuntu6.1 libc6-dev-amd64 - 2.38-1ubuntu6.1 libc6-dev-i386 - 2.38-1ubuntu6.1 libc6-dev-s390 - 2.38-1ubuntu6.1 libc6-dev-x32 - 2.38-1ubuntu6.1 libc6-i386 - 2.38-1ubuntu6.1 libc6-prof - 2.38-1ubuntu6.1 libc6-s390 - 2.38-1ubuntu6.1 libc6-x32 - 2.38-1ubuntu6.1 locales - 2.38-1ubuntu6.1 locales-all - 2.38-1ubuntu6.1 nscd - 2.38-1ubuntu6.1 No subscription required Medium CVE-2023-6246 CVE-2023-6779 CVE-2023-6780 Ubuntu 23.10 David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. (CVE-2023-5678) Sverker Eriksson discovered that OpenSSL incorrectly handled POLY1304 MAC on the PowerPC architecture. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-6129) It was discovered that OpenSSL incorrectly handled excessively long RSA public keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-6237) Bahaa Naamneh discovered that OpenSSL incorrectly handled certain malformed PKCS12 files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2024-0727) Update Instructions: Run `sudo pro fix USN-6622-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl-dev - 3.0.10-1ubuntu2.2 libssl-doc - 3.0.10-1ubuntu2.2 libssl3 - 3.0.10-1ubuntu2.2 openssl - 3.0.10-1ubuntu2.2 No subscription required Low CVE-2023-5678 CVE-2023-6129 CVE-2023-6237 CVE-2024-0727 Ubuntu 23.10 It was discovered that Django incorrectly handled certain inputs that uses intcomma template filter. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6623-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 3:4.2.4-1ubuntu2.1 python3-django - 3:4.2.4-1ubuntu2.1 No subscription required Medium CVE-2024-24680 Ubuntu 23.10 Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that the netfilter subsystem in the Linux kernel did not properly validate inner tunnel netlink attributes, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-5972) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Jann Horn discovered that a race condition existed in the Linux kernel when handling io_uring over sockets, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6531) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Update Instructions: Run `sudo pro fix USN-6624-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1007-starfive - 6.5.0-1007.8 linux-headers-6.5.0-1007-starfive - 6.5.0-1007.8 linux-image-6.5.0-1007-starfive - 6.5.0-1007.8 linux-modules-6.5.0-1007-starfive - 6.5.0-1007.8 linux-modules-extra-6.5.0-1007-starfive - 6.5.0-1007.8 linux-starfive-headers-6.5.0-1007 - 6.5.0-1007.8 linux-starfive-tools-6.5.0-1007 - 6.5.0-1007.8 linux-tools-6.5.0-1007-starfive - 6.5.0-1007.8 No subscription required linux-buildinfo-6.5.0-1009-laptop - 6.5.0-1009.12 linux-headers-6.5.0-1009-laptop - 6.5.0-1009.12 linux-image-6.5.0-1009-laptop - 6.5.0-1009.12 linux-laptop-headers-6.5.0-1009 - 6.5.0-1009.12 linux-laptop-tools-6.5.0-1009 - 6.5.0-1009.12 linux-modules-6.5.0-1009-laptop - 6.5.0-1009.12 linux-tools-6.5.0-1009-laptop - 6.5.0-1009.12 No subscription required linux-buildinfo-6.5.0-1010-raspi - 6.5.0-1010.13 linux-headers-6.5.0-1010-raspi - 6.5.0-1010.13 linux-image-6.5.0-1010-raspi - 6.5.0-1010.13 linux-modules-6.5.0-1010-raspi - 6.5.0-1010.13 linux-modules-extra-6.5.0-1010-raspi - 6.5.0-1010.13 linux-raspi-headers-6.5.0-1010 - 6.5.0-1010.13 linux-raspi-tools-6.5.0-1010 - 6.5.0-1010.13 linux-tools-6.5.0-1010-raspi - 6.5.0-1010.13 No subscription required linux-aws-cloud-tools-6.5.0-1013 - 6.5.0-1013.13 linux-aws-headers-6.5.0-1013 - 6.5.0-1013.13 linux-aws-tools-6.5.0-1013 - 6.5.0-1013.13 linux-buildinfo-6.5.0-1013-aws - 6.5.0-1013.13 linux-buildinfo-6.5.0-1013-gcp - 6.5.0-1013.13 linux-cloud-tools-6.5.0-1013-aws - 6.5.0-1013.13 linux-gcp-headers-6.5.0-1013 - 6.5.0-1013.13 linux-gcp-tools-6.5.0-1013 - 6.5.0-1013.13 linux-headers-6.5.0-1013-aws - 6.5.0-1013.13 linux-headers-6.5.0-1013-gcp - 6.5.0-1013.13 linux-image-6.5.0-1013-aws - 6.5.0-1013.13 linux-image-6.5.0-1013-gcp - 6.5.0-1013.13 linux-image-unsigned-6.5.0-1013-aws - 6.5.0-1013.13 linux-image-unsigned-6.5.0-1013-gcp - 6.5.0-1013.13 linux-modules-6.5.0-1013-aws - 6.5.0-1013.13 linux-modules-6.5.0-1013-gcp - 6.5.0-1013.13 linux-modules-extra-6.5.0-1013-aws - 6.5.0-1013.13 linux-modules-extra-6.5.0-1013-gcp - 6.5.0-1013.13 linux-modules-ipu6-6.5.0-1013-aws - 6.5.0-1013.13 linux-modules-ivsc-6.5.0-1013-aws - 6.5.0-1013.13 linux-modules-iwlwifi-6.5.0-1013-aws - 6.5.0-1013.13 linux-modules-iwlwifi-6.5.0-1013-gcp - 6.5.0-1013.13 linux-tools-6.5.0-1013-aws - 6.5.0-1013.13 linux-tools-6.5.0-1013-gcp - 6.5.0-1013.13 No subscription required linux-buildinfo-6.5.0-1015-oracle - 6.5.0-1015.15 linux-headers-6.5.0-1015-oracle - 6.5.0-1015.15 linux-image-6.5.0-1015-oracle - 6.5.0-1015.15 linux-image-unsigned-6.5.0-1015-oracle - 6.5.0-1015.15 linux-modules-6.5.0-1015-oracle - 6.5.0-1015.15 linux-modules-extra-6.5.0-1015-oracle - 6.5.0-1015.15 linux-modules-iwlwifi-6.5.0-1015-oracle - 6.5.0-1015.15 linux-oracle-headers-6.5.0-1015 - 6.5.0-1015.15 linux-oracle-tools-6.5.0-1015 - 6.5.0-1015.15 linux-tools-6.5.0-1015-oracle - 6.5.0-1015.15 No subscription required linux-buildinfo-6.5.0-17-generic - 6.5.0-17.17 linux-buildinfo-6.5.0-17-generic-64k - 6.5.0-17.17 linux-cloud-tools-6.5.0-17 - 6.5.0-17.17 linux-cloud-tools-6.5.0-17-generic - 6.5.0-17.17 linux-cloud-tools-common - 6.5.0-17.17 linux-doc - 6.5.0-17.17 linux-headers-6.5.0-17 - 6.5.0-17.17 linux-headers-6.5.0-17-generic - 6.5.0-17.17 linux-headers-6.5.0-17-generic-64k - 6.5.0-17.17 linux-image-6.5.0-17-generic - 6.5.0-17.17 linux-image-6.5.0-17-generic-64k - 6.5.0-17.17 linux-image-uc-6.5.0-17-generic - 6.5.0-17.17 linux-image-uc-6.5.0-17-generic-64k - 6.5.0-17.17 linux-image-unsigned-6.5.0-17-generic - 6.5.0-17.17 linux-image-unsigned-6.5.0-17-generic-64k - 6.5.0-17.17 linux-lib-rust-6.5.0-17-generic - 6.5.0-17.17 linux-libc-dev - 6.5.0-17.17 linux-modules-6.5.0-17-generic - 6.5.0-17.17 linux-modules-6.5.0-17-generic-64k - 6.5.0-17.17 linux-modules-extra-6.5.0-17-generic - 6.5.0-17.17 linux-modules-ipu6-6.5.0-17-generic - 6.5.0-17.17 linux-modules-ivsc-6.5.0-17-generic - 6.5.0-17.17 linux-modules-iwlwifi-6.5.0-17-generic - 6.5.0-17.17 linux-source-6.5.0 - 6.5.0-17.17 linux-tools-6.5.0-17 - 6.5.0-17.17 linux-tools-6.5.0-17-generic - 6.5.0-17.17 linux-tools-6.5.0-17-generic-64k - 6.5.0-17.17 linux-tools-common - 6.5.0-17.17 linux-tools-host - 6.5.0-17.17 No subscription required linux-buildinfo-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-buildinfo-6.5.0-17-lowlatency-64k - 6.5.0-17.17.1 linux-cloud-tools-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-headers-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-headers-6.5.0-17-lowlatency-64k - 6.5.0-17.17.1 linux-image-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-image-6.5.0-17-lowlatency-64k - 6.5.0-17.17.1 linux-image-unsigned-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-image-unsigned-6.5.0-17-lowlatency-64k - 6.5.0-17.17.1 linux-lowlatency-cloud-tools-6.5.0-17 - 6.5.0-17.17.1 linux-lowlatency-cloud-tools-common - 6.5.0-17.17.1 linux-lowlatency-headers-6.5.0-17 - 6.5.0-17.17.1 linux-lowlatency-lib-rust-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-lowlatency-tools-6.5.0-17 - 6.5.0-17.17.1 linux-lowlatency-tools-common - 6.5.0-17.17.1 linux-lowlatency-tools-host - 6.5.0-17.17.1 linux-modules-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-modules-6.5.0-17-lowlatency-64k - 6.5.0-17.17.1 linux-modules-iwlwifi-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-tools-6.5.0-17-lowlatency - 6.5.0-17.17.1 linux-tools-6.5.0-17-lowlatency-64k - 6.5.0-17.17.1 No subscription required linux-headers-starfive - 6.5.0.1007.9 linux-image-starfive - 6.5.0.1007.9 linux-starfive - 6.5.0.1007.9 linux-tools-starfive - 6.5.0.1007.9 No subscription required linux-headers-laptop-23.10 - 6.5.0.1009.12 linux-image-laptop-23.10 - 6.5.0.1009.12 linux-laptop-23.10 - 6.5.0.1009.12 linux-tools-laptop-23.10 - 6.5.0.1009.12 No subscription required linux-headers-raspi - 6.5.0.1010.11 linux-headers-raspi-nolpae - 6.5.0.1010.11 linux-image-raspi - 6.5.0.1010.11 linux-image-raspi-nolpae - 6.5.0.1010.11 linux-modules-extra-raspi - 6.5.0.1010.11 linux-modules-extra-raspi-nolpae - 6.5.0.1010.11 linux-raspi - 6.5.0.1010.11 linux-raspi-nolpae - 6.5.0.1010.11 linux-tools-raspi - 6.5.0.1010.11 linux-tools-raspi-nolpae - 6.5.0.1010.11 No subscription required linux-aws - 6.5.0.1013.13 linux-gcp - 6.5.0.1013.13 linux-headers-aws - 6.5.0.1013.13 linux-headers-gcp - 6.5.0.1013.13 linux-image-aws - 6.5.0.1013.13 linux-image-gcp - 6.5.0.1013.13 linux-modules-extra-aws - 6.5.0.1013.13 linux-modules-extra-gcp - 6.5.0.1013.13 linux-modules-iwlwifi-gcp - 6.5.0.1013.13 linux-tools-aws - 6.5.0.1013.13 linux-tools-gcp - 6.5.0.1013.13 No subscription required linux-headers-oracle - 6.5.0.1015.15 linux-image-oracle - 6.5.0.1015.15 linux-modules-iwlwifi-oracle - 6.5.0.1015.15 linux-oracle - 6.5.0.1015.15 linux-tools-oracle - 6.5.0.1015.15 No subscription required linux-cloud-tools-lowlatency - 6.5.0.17.17.14 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.17.17.14 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.17.17.14 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.17.17.14 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.17.17.14 linux-headers-lowlatency - 6.5.0.17.17.14 linux-headers-lowlatency-64k - 6.5.0.17.17.14 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.17.17.14 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.17.17.14 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.17.17.14 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.17.17.14 linux-headers-lowlatency-hwe-20.04 - 6.5.0.17.17.14 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.17.17.14 linux-headers-lowlatency-hwe-22.04 - 6.5.0.17.17.14 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.17.17.14 linux-image-lowlatency - 6.5.0.17.17.14 linux-image-lowlatency-64k - 6.5.0.17.17.14 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.17.17.14 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.17.17.14 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.17.17.14 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.17.17.14 linux-image-lowlatency-hwe-20.04 - 6.5.0.17.17.14 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.17.17.14 linux-image-lowlatency-hwe-22.04 - 6.5.0.17.17.14 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.17.17.14 linux-lowlatency - 6.5.0.17.17.14 linux-lowlatency-64k - 6.5.0.17.17.14 linux-lowlatency-64k-hwe-20.04 - 6.5.0.17.17.14 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.17.17.14 linux-lowlatency-64k-hwe-22.04 - 6.5.0.17.17.14 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.17.17.14 linux-lowlatency-hwe-20.04 - 6.5.0.17.17.14 linux-lowlatency-hwe-20.04-edge - 6.5.0.17.17.14 linux-lowlatency-hwe-22.04 - 6.5.0.17.17.14 linux-lowlatency-hwe-22.04-edge - 6.5.0.17.17.14 linux-modules-iwlwifi-lowlatency - 6.5.0.17.17.14 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.17.17.14 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.17.17.14 linux-tools-lowlatency - 6.5.0.17.17.14 linux-tools-lowlatency-64k - 6.5.0.17.17.14 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.17.17.14 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.17.17.14 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.17.17.14 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.17.17.14 linux-tools-lowlatency-hwe-20.04 - 6.5.0.17.17.14 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.17.17.14 linux-tools-lowlatency-hwe-22.04 - 6.5.0.17.17.14 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.17.17.14 No subscription required linux-cloud-tools-generic - 6.5.0.17.19 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.17.19 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.17.19 linux-cloud-tools-virtual - 6.5.0.17.19 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.17.19 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.17.19 linux-crashdump - 6.5.0.17.19 linux-generic - 6.5.0.17.19 linux-generic-64k - 6.5.0.17.19 linux-generic-64k-hwe-22.04 - 6.5.0.17.19 linux-generic-64k-hwe-22.04-edge - 6.5.0.17.19 linux-generic-hwe-22.04 - 6.5.0.17.19 linux-generic-hwe-22.04-edge - 6.5.0.17.19 linux-generic-lpae - 6.5.0.17.19 linux-headers-generic - 6.5.0.17.19 linux-headers-generic-64k - 6.5.0.17.19 linux-headers-generic-64k-hwe-22.04 - 6.5.0.17.19 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.17.19 linux-headers-generic-hwe-22.04 - 6.5.0.17.19 linux-headers-generic-hwe-22.04-edge - 6.5.0.17.19 linux-headers-generic-lpae - 6.5.0.17.19 linux-headers-kvm - 6.5.0.17.19 linux-headers-oem-20.04 - 6.5.0.17.19 linux-headers-oem-20.04b - 6.5.0.17.19 linux-headers-oem-20.04c - 6.5.0.17.19 linux-headers-oem-20.04d - 6.5.0.17.19 linux-headers-oem-22.04 - 6.5.0.17.19 linux-headers-virtual - 6.5.0.17.19 linux-headers-virtual-hwe-22.04 - 6.5.0.17.19 linux-headers-virtual-hwe-22.04-edge - 6.5.0.17.19 linux-image-extra-virtual - 6.5.0.17.19 linux-image-extra-virtual-hwe-22.04 - 6.5.0.17.19 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.17.19 linux-image-generic - 6.5.0.17.19 linux-image-generic-64k - 6.5.0.17.19 linux-image-generic-64k-hwe-22.04 - 6.5.0.17.19 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.17.19 linux-image-generic-hwe-22.04 - 6.5.0.17.19 linux-image-generic-hwe-22.04-edge - 6.5.0.17.19 linux-image-generic-lpae - 6.5.0.17.19 linux-image-kvm - 6.5.0.17.19 linux-image-oem-20.04 - 6.5.0.17.19 linux-image-oem-20.04b - 6.5.0.17.19 linux-image-oem-20.04c - 6.5.0.17.19 linux-image-oem-20.04d - 6.5.0.17.19 linux-image-oem-22.04 - 6.5.0.17.19 linux-image-uc-generic - 6.5.0.17.19 linux-image-uc-generic-hwe-22.04 - 6.5.0.17.19 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.17.19 linux-image-virtual - 6.5.0.17.19 linux-image-virtual-hwe-22.04 - 6.5.0.17.19 linux-image-virtual-hwe-22.04-edge - 6.5.0.17.19 linux-kvm - 6.5.0.17.19 linux-modules-ipu6-generic - 6.5.0.17.19 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.17.19 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.17.19 linux-modules-ipu6-oem-22.04 - 6.5.0.17.19 linux-modules-ivsc-generic - 6.5.0.17.19 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.17.19 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.17.19 linux-modules-ivsc-oem-22.04 - 6.5.0.17.19 linux-modules-iwlwifi-generic - 6.5.0.17.19 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.17.19 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.17.19 linux-modules-iwlwifi-oem-20.04 - 6.5.0.17.19 linux-modules-iwlwifi-oem-20.04d - 6.5.0.17.19 linux-modules-iwlwifi-oem-22.04 - 6.5.0.17.19 linux-oem-20.04 - 6.5.0.17.19 linux-oem-20.04b - 6.5.0.17.19 linux-oem-20.04c - 6.5.0.17.19 linux-oem-20.04d - 6.5.0.17.19 linux-oem-22.04 - 6.5.0.17.19 linux-source - 6.5.0.17.19 linux-tools-generic - 6.5.0.17.19 linux-tools-generic-64k - 6.5.0.17.19 linux-tools-generic-64k-hwe-22.04 - 6.5.0.17.19 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.17.19 linux-tools-generic-hwe-22.04 - 6.5.0.17.19 linux-tools-generic-hwe-22.04-edge - 6.5.0.17.19 linux-tools-generic-lpae - 6.5.0.17.19 linux-tools-kvm - 6.5.0.17.19 linux-tools-oem-20.04 - 6.5.0.17.19 linux-tools-oem-20.04b - 6.5.0.17.19 linux-tools-oem-20.04c - 6.5.0.17.19 linux-tools-oem-20.04d - 6.5.0.17.19 linux-tools-oem-22.04 - 6.5.0.17.19 linux-tools-virtual - 6.5.0.17.19 linux-tools-virtual-hwe-22.04 - 6.5.0.17.19 linux-tools-virtual-hwe-22.04-edge - 6.5.0.17.19 linux-virtual - 6.5.0.17.19 linux-virtual-hwe-22.04 - 6.5.0.17.19 linux-virtual-hwe-22.04-edge - 6.5.0.17.19 No subscription required High CVE-2023-34324 CVE-2023-35827 CVE-2023-46813 CVE-2023-46862 CVE-2023-5972 CVE-2023-6176 CVE-2023-6531 CVE-2023-6622 CVE-2024-0641 Ubuntu 23.10 It was discovered that Glance_store incorrectly handled logging when the DEBUG log level is enabled. A local attacker could use this issue to obtain access_key values. Update Instructions: Run `sudo pro fix USN-6630-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-glance-store-doc - 4.6.1-0ubuntu1.1 python3-glance-store - 4.6.1-0ubuntu1.1 No subscription required Medium CVE-2024-1141 Ubuntu 23.10 Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6631-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.42.5-0ubuntu0.23.10.2 gir1.2-javascriptcoregtk-4.1 - 2.42.5-0ubuntu0.23.10.2 gir1.2-javascriptcoregtk-6.0 - 2.42.5-0ubuntu0.23.10.2 gir1.2-webkit-6.0 - 2.42.5-0ubuntu0.23.10.2 gir1.2-webkit2-4.0 - 2.42.5-0ubuntu0.23.10.2 gir1.2-webkit2-4.1 - 2.42.5-0ubuntu0.23.10.2 libjavascriptcoregtk-4.0-18 - 2.42.5-0ubuntu0.23.10.2 libjavascriptcoregtk-4.0-bin - 2.42.5-0ubuntu0.23.10.2 libjavascriptcoregtk-4.0-dev - 2.42.5-0ubuntu0.23.10.2 libjavascriptcoregtk-4.1-0 - 2.42.5-0ubuntu0.23.10.2 libjavascriptcoregtk-4.1-dev - 2.42.5-0ubuntu0.23.10.2 libjavascriptcoregtk-6.0-1 - 2.42.5-0ubuntu0.23.10.2 libjavascriptcoregtk-6.0-dev - 2.42.5-0ubuntu0.23.10.2 libwebkit2gtk-4.0-37 - 2.42.5-0ubuntu0.23.10.2 libwebkit2gtk-4.0-dev - 2.42.5-0ubuntu0.23.10.2 libwebkit2gtk-4.0-doc - 2.42.5-0ubuntu0.23.10.2 libwebkit2gtk-4.1-0 - 2.42.5-0ubuntu0.23.10.2 libwebkit2gtk-4.1-dev - 2.42.5-0ubuntu0.23.10.2 libwebkitgtk-6.0-4 - 2.42.5-0ubuntu0.23.10.2 libwebkitgtk-6.0-dev - 2.42.5-0ubuntu0.23.10.2 webkit2gtk-driver - 2.42.5-0ubuntu0.23.10.2 No subscription required Medium CVE-2024-23206 CVE-2024-23213 CVE-2024-23222 Ubuntu 23.10 Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-4408) Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50868) It was discovered that Bind incorrectly handled reverse zone queries when nxdomain-redirect is enabled. A remote attacker could possibly use this issue to cause Bind to crash, leading to a denial of service. (CVE-2023-5517) It was discovered that Bind incorrectly handled recursive resolution when both DNS64 and serve-stable were enabled. A remote attacker could possibly use this issue to cause Bind to crash, leading to a denial of service. (CVE-2023-5679) Update Instructions: Run `sudo pro fix USN-6633-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bind9 - 1:9.18.18-0ubuntu2.1 bind9-dev - 1:9.18.18-0ubuntu2.1 bind9-dnsutils - 1:9.18.18-0ubuntu2.1 bind9-doc - 1:9.18.18-0ubuntu2.1 bind9-host - 1:9.18.18-0ubuntu2.1 bind9-libs - 1:9.18.18-0ubuntu2.1 bind9-utils - 1:9.18.18-0ubuntu2.1 bind9utils - 1:9.18.18-0ubuntu2.1 dnsutils - 1:9.18.18-0ubuntu2.1 No subscription required Medium CVE-2023-4408 CVE-2023-50387 CVE-2023-50868 CVE-2023-5517 CVE-2023-5679 Ubuntu 23.10 Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21386) Bahaa Naamneh discovered that .NET with OpenSSL support did not properly parse X509 certificates. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21404) Update Instructions: Run `sudo pro fix USN-6634-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aspnetcore-runtime-6.0 - 6.0.127-0ubuntu1~23.10.1 aspnetcore-targeting-pack-6.0 - 6.0.127-0ubuntu1~23.10.1 dotnet-apphost-pack-6.0 - 6.0.127-0ubuntu1~23.10.1 dotnet-host - 6.0.127-0ubuntu1~23.10.1 dotnet-hostfxr-6.0 - 6.0.127-0ubuntu1~23.10.1 dotnet-runtime-6.0 - 6.0.127-0ubuntu1~23.10.1 dotnet-sdk-6.0 - 6.0.127-0ubuntu1~23.10.1 dotnet-sdk-6.0-source-built-artifacts - 6.0.127-0ubuntu1~23.10.1 dotnet-targeting-pack-6.0 - 6.0.127-0ubuntu1~23.10.1 dotnet-templates-6.0 - 6.0.127-0ubuntu1~23.10.1 dotnet6 - 6.0.127-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1 - 6.0.127-0ubuntu1~23.10.1 No subscription required aspnetcore-runtime-7.0 - 7.0.116-0ubuntu1~23.10.1 aspnetcore-targeting-pack-7.0 - 7.0.116-0ubuntu1~23.10.1 dotnet-apphost-pack-7.0 - 7.0.116-0ubuntu1~23.10.1 dotnet-host-7.0 - 7.0.116-0ubuntu1~23.10.1 dotnet-hostfxr-7.0 - 7.0.116-0ubuntu1~23.10.1 dotnet-runtime-7.0 - 7.0.116-0ubuntu1~23.10.1 dotnet-sdk-7.0 - 7.0.116-0ubuntu1~23.10.1 dotnet-sdk-7.0-source-built-artifacts - 7.0.116-0ubuntu1~23.10.1 dotnet-targeting-pack-7.0 - 7.0.116-0ubuntu1~23.10.1 dotnet-templates-7.0 - 7.0.116-0ubuntu1~23.10.1 dotnet7 - 7.0.116-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-7.0 - 7.0.116-0ubuntu1~23.10.1 No subscription required dotnet-sdk-8.0 - 8.0.102-0ubuntu1~23.10.1 dotnet-sdk-8.0-source-built-artifacts - 8.0.102-0ubuntu1~23.10.1 dotnet-templates-8.0 - 8.0.102-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-8.0 - 8.0.102-0ubuntu1~23.10.1 No subscription required dotnet8 - 8.0.102-8.0.2-0ubuntu1~23.10.1 No subscription required aspnetcore-runtime-8.0 - 8.0.2-0ubuntu1~23.10.1 aspnetcore-targeting-pack-8.0 - 8.0.2-0ubuntu1~23.10.1 dotnet-apphost-pack-8.0 - 8.0.2-0ubuntu1~23.10.1 dotnet-host-8.0 - 8.0.2-0ubuntu1~23.10.1 dotnet-hostfxr-8.0 - 8.0.2-0ubuntu1~23.10.1 dotnet-runtime-8.0 - 8.0.2-0ubuntu1~23.10.1 dotnet-targeting-pack-8.0 - 8.0.2-0ubuntu1~23.10.1 No subscription required Medium CVE-2024-21386 CVE-2024-21404 Ubuntu 23.10 It was discovered that ClamAV incorrectly handled parsing certain OLE2 files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2024-20290) Amit Schendel discovered that the ClamAV ClamD service incorrectly handled the VirusEvent feature. An attacker able to connect to ClamD could possibly use this issue to execute arbitrary code. (CVE-2024-20328) Update Instructions: Run `sudo pro fix USN-6636-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: clamav - 1.0.5+dfsg-0ubuntu0.23.10.1 clamav-base - 1.0.5+dfsg-0ubuntu0.23.10.1 clamav-daemon - 1.0.5+dfsg-0ubuntu0.23.10.1 clamav-docs - 1.0.5+dfsg-0ubuntu0.23.10.1 clamav-freshclam - 1.0.5+dfsg-0ubuntu0.23.10.1 clamav-milter - 1.0.5+dfsg-0ubuntu0.23.10.1 clamav-testfiles - 1.0.5+dfsg-0ubuntu0.23.10.1 clamdscan - 1.0.5+dfsg-0ubuntu0.23.10.1 libclamav-dev - 1.0.5+dfsg-0ubuntu0.23.10.1 libclamav11 - 1.0.5+dfsg-0ubuntu0.23.10.1 No subscription required Medium CVE-2024-20290 CVE-2024-20328 Ubuntu 23.10 Marc Beatove discovered buffer overflows exit in EDK2. An attacker on the local network could potentially use this to impact availability or possibly cause remote code execution. (CVE-2022-36763, CVE-2022-36764, CVE-2022-36765) It was discovered that a buffer overflows exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability or possibly cause remote code execution. (CVE-2023-45230, CVE-2023-45234, CVE-2023-45235) It was discovered that an out-of-bounds read exists in EDK2's Network Package An attacker on the local network could potentially use this to impact confidentiality. (CVE-2023-45231) It was discovered that infinite-loops exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability. (CVE-2023-45232, CVE-2023-45233) Mate Kukri discovered that an insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. An attacker could use this to bypass Secure Boot. (CVE-2023-48733) Update Instructions: Run `sudo pro fix USN-6638-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: efi-shell-aa64 - 2023.05-2ubuntu0.1 efi-shell-arm - 2023.05-2ubuntu0.1 efi-shell-ia32 - 2023.05-2ubuntu0.1 efi-shell-x64 - 2023.05-2ubuntu0.1 ovmf - 2023.05-2ubuntu0.1 ovmf-ia32 - 2023.05-2ubuntu0.1 qemu-efi-aarch64 - 2023.05-2ubuntu0.1 qemu-efi-arm - 2023.05-2ubuntu0.1 No subscription required Medium CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2023-48733 https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137 Ubuntu 23.10 It was discovered that shadow was not properly sanitizing memory when running the password utility. An attacker could possibly use this issue to retrieve a password from memory, exposing sensitive information. Update Instructions: Run `sudo pro fix USN-6640-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsubid-dev - 1:4.13+dfsg1-1ubuntu1.1 libsubid4 - 1:4.13+dfsg1-1ubuntu1.1 login - 1:4.13+dfsg1-1ubuntu1.1 passwd - 1:4.13+dfsg1-1ubuntu1.1 uidmap - 1:4.13+dfsg1-1ubuntu1.1 No subscription required Low CVE-2023-4641 Ubuntu 23.10 Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery (SSRF) attacks. Update Instructions: Run `sudo pro fix USN-6643-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-ip - 2.0.0+~1.1.0-1ubuntu0.1 No subscription required Medium CVE-2023-42282 Ubuntu 23.10 It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. (CVE-2023-52356) It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service. (CVE-2023-6228) It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to consume resources, resulting in a denial of service. (CVE-2023-6277) Update Instructions: Run `sudo pro fix USN-6644-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-dev - 4.5.1+git230720-1ubuntu1.1 libtiff-doc - 4.5.1+git230720-1ubuntu1.1 libtiff-opengl - 4.5.1+git230720-1ubuntu1.1 libtiff-tools - 4.5.1+git230720-1ubuntu1.1 libtiff5-dev - 4.5.1+git230720-1ubuntu1.1 libtiff6 - 4.5.1+git230720-1ubuntu1.1 libtiffxx6 - 4.5.1+git230720-1ubuntu1.1 No subscription required Medium CVE-2023-52356 CVE-2023-6228 CVE-2023-6277 Ubuntu 23.10 It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly handle the release of certain buffer rings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0582) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6651-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1008-starfive - 6.5.0-1008.9 linux-headers-6.5.0-1008-starfive - 6.5.0-1008.9 linux-image-6.5.0-1008-starfive - 6.5.0-1008.9 linux-modules-6.5.0-1008-starfive - 6.5.0-1008.9 linux-modules-extra-6.5.0-1008-starfive - 6.5.0-1008.9 linux-starfive-headers-6.5.0-1008 - 6.5.0-1008.9 linux-starfive-tools-6.5.0-1008 - 6.5.0-1008.9 linux-tools-6.5.0-1008-starfive - 6.5.0-1008.9 No subscription required linux-buildinfo-6.5.0-1010-laptop - 6.5.0-1010.13 linux-headers-6.5.0-1010-laptop - 6.5.0-1010.13 linux-image-6.5.0-1010-laptop - 6.5.0-1010.13 linux-laptop-headers-6.5.0-1010 - 6.5.0-1010.13 linux-laptop-tools-6.5.0-1010 - 6.5.0-1010.13 linux-modules-6.5.0-1010-laptop - 6.5.0-1010.13 linux-tools-6.5.0-1010-laptop - 6.5.0-1010.13 No subscription required linux-buildinfo-6.5.0-1011-raspi - 6.5.0-1011.14 linux-headers-6.5.0-1011-raspi - 6.5.0-1011.14 linux-image-6.5.0-1011-raspi - 6.5.0-1011.14 linux-modules-6.5.0-1011-raspi - 6.5.0-1011.14 linux-modules-extra-6.5.0-1011-raspi - 6.5.0-1011.14 linux-raspi-headers-6.5.0-1011 - 6.5.0-1011.14 linux-raspi-tools-6.5.0-1011 - 6.5.0-1011.14 linux-tools-6.5.0-1011-raspi - 6.5.0-1011.14 No subscription required linux-aws-cloud-tools-6.5.0-1014 - 6.5.0-1014.14 linux-aws-headers-6.5.0-1014 - 6.5.0-1014.14 linux-aws-tools-6.5.0-1014 - 6.5.0-1014.14 linux-buildinfo-6.5.0-1014-aws - 6.5.0-1014.14 linux-buildinfo-6.5.0-1014-gcp - 6.5.0-1014.14 linux-cloud-tools-6.5.0-1014-aws - 6.5.0-1014.14 linux-gcp-headers-6.5.0-1014 - 6.5.0-1014.14 linux-gcp-tools-6.5.0-1014 - 6.5.0-1014.14 linux-headers-6.5.0-1014-aws - 6.5.0-1014.14 linux-headers-6.5.0-1014-gcp - 6.5.0-1014.14 linux-image-6.5.0-1014-aws - 6.5.0-1014.14 linux-image-6.5.0-1014-gcp - 6.5.0-1014.14 linux-image-unsigned-6.5.0-1014-aws - 6.5.0-1014.14 linux-image-unsigned-6.5.0-1014-gcp - 6.5.0-1014.14 linux-modules-6.5.0-1014-aws - 6.5.0-1014.14 linux-modules-6.5.0-1014-gcp - 6.5.0-1014.14 linux-modules-extra-6.5.0-1014-aws - 6.5.0-1014.14 linux-modules-extra-6.5.0-1014-gcp - 6.5.0-1014.14 linux-modules-iwlwifi-6.5.0-1014-gcp - 6.5.0-1014.14 linux-tools-6.5.0-1014-aws - 6.5.0-1014.14 linux-tools-6.5.0-1014-gcp - 6.5.0-1014.14 No subscription required linux-buildinfo-6.5.0-1016-oracle - 6.5.0-1016.16 linux-headers-6.5.0-1016-oracle - 6.5.0-1016.16 linux-image-6.5.0-1016-oracle - 6.5.0-1016.16 linux-image-unsigned-6.5.0-1016-oracle - 6.5.0-1016.16 linux-modules-6.5.0-1016-oracle - 6.5.0-1016.16 linux-modules-extra-6.5.0-1016-oracle - 6.5.0-1016.16 linux-modules-iwlwifi-6.5.0-1016-oracle - 6.5.0-1016.16 linux-oracle-headers-6.5.0-1016 - 6.5.0-1016.16 linux-oracle-tools-6.5.0-1016 - 6.5.0-1016.16 linux-tools-6.5.0-1016-oracle - 6.5.0-1016.16 No subscription required linux-buildinfo-6.5.0-21-generic - 6.5.0-21.21 linux-buildinfo-6.5.0-21-generic-64k - 6.5.0-21.21 linux-cloud-tools-6.5.0-21 - 6.5.0-21.21 linux-cloud-tools-6.5.0-21-generic - 6.5.0-21.21 linux-cloud-tools-common - 6.5.0-21.21 linux-doc - 6.5.0-21.21 linux-headers-6.5.0-21 - 6.5.0-21.21 linux-headers-6.5.0-21-generic - 6.5.0-21.21 linux-headers-6.5.0-21-generic-64k - 6.5.0-21.21 linux-image-6.5.0-21-generic - 6.5.0-21.21 linux-image-6.5.0-21-generic-64k - 6.5.0-21.21 linux-image-uc-6.5.0-21-generic - 6.5.0-21.21 linux-image-uc-6.5.0-21-generic-64k - 6.5.0-21.21 linux-image-unsigned-6.5.0-21-generic - 6.5.0-21.21 linux-image-unsigned-6.5.0-21-generic-64k - 6.5.0-21.21 linux-lib-rust-6.5.0-21-generic - 6.5.0-21.21 linux-libc-dev - 6.5.0-21.21 linux-modules-6.5.0-21-generic - 6.5.0-21.21 linux-modules-6.5.0-21-generic-64k - 6.5.0-21.21 linux-modules-extra-6.5.0-21-generic - 6.5.0-21.21 linux-modules-ipu6-6.5.0-21-generic - 6.5.0-21.21 linux-modules-ivsc-6.5.0-21-generic - 6.5.0-21.21 linux-modules-iwlwifi-6.5.0-21-generic - 6.5.0-21.21 linux-source-6.5.0 - 6.5.0-21.21 linux-tools-6.5.0-21 - 6.5.0-21.21 linux-tools-6.5.0-21-generic - 6.5.0-21.21 linux-tools-6.5.0-21-generic-64k - 6.5.0-21.21 linux-tools-common - 6.5.0-21.21 linux-tools-host - 6.5.0-21.21 No subscription required linux-headers-starfive - 6.5.0.1008.10 linux-image-starfive - 6.5.0.1008.10 linux-starfive - 6.5.0.1008.10 linux-tools-starfive - 6.5.0.1008.10 No subscription required linux-headers-laptop-23.10 - 6.5.0.1010.13 linux-image-laptop-23.10 - 6.5.0.1010.13 linux-laptop-23.10 - 6.5.0.1010.13 linux-tools-laptop-23.10 - 6.5.0.1010.13 No subscription required linux-headers-raspi - 6.5.0.1011.12 linux-headers-raspi-nolpae - 6.5.0.1011.12 linux-image-raspi - 6.5.0.1011.12 linux-image-raspi-nolpae - 6.5.0.1011.12 linux-modules-extra-raspi - 6.5.0.1011.12 linux-modules-extra-raspi-nolpae - 6.5.0.1011.12 linux-raspi - 6.5.0.1011.12 linux-raspi-nolpae - 6.5.0.1011.12 linux-tools-raspi - 6.5.0.1011.12 linux-tools-raspi-nolpae - 6.5.0.1011.12 No subscription required linux-aws - 6.5.0.1014.14 linux-gcp - 6.5.0.1014.14 linux-headers-aws - 6.5.0.1014.14 linux-headers-gcp - 6.5.0.1014.14 linux-image-aws - 6.5.0.1014.14 linux-image-gcp - 6.5.0.1014.14 linux-modules-extra-aws - 6.5.0.1014.14 linux-modules-extra-gcp - 6.5.0.1014.14 linux-modules-iwlwifi-gcp - 6.5.0.1014.14 linux-tools-aws - 6.5.0.1014.14 linux-tools-gcp - 6.5.0.1014.14 No subscription required linux-headers-oracle - 6.5.0.1016.16 linux-image-oracle - 6.5.0.1016.16 linux-modules-iwlwifi-oracle - 6.5.0.1016.16 linux-oracle - 6.5.0.1016.16 linux-tools-oracle - 6.5.0.1016.16 No subscription required linux-cloud-tools-generic - 6.5.0.21.20 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.21.20 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.21.20 linux-cloud-tools-virtual - 6.5.0.21.20 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.21.20 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.21.20 linux-crashdump - 6.5.0.21.20 linux-generic - 6.5.0.21.20 linux-generic-64k - 6.5.0.21.20 linux-generic-64k-hwe-22.04 - 6.5.0.21.20 linux-generic-64k-hwe-22.04-edge - 6.5.0.21.20 linux-generic-hwe-22.04 - 6.5.0.21.20 linux-generic-hwe-22.04-edge - 6.5.0.21.20 linux-generic-lpae - 6.5.0.21.20 linux-headers-generic - 6.5.0.21.20 linux-headers-generic-64k - 6.5.0.21.20 linux-headers-generic-64k-hwe-22.04 - 6.5.0.21.20 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.21.20 linux-headers-generic-hwe-22.04 - 6.5.0.21.20 linux-headers-generic-hwe-22.04-edge - 6.5.0.21.20 linux-headers-generic-lpae - 6.5.0.21.20 linux-headers-kvm - 6.5.0.21.20 linux-headers-oem-20.04 - 6.5.0.21.20 linux-headers-oem-20.04b - 6.5.0.21.20 linux-headers-oem-20.04c - 6.5.0.21.20 linux-headers-oem-20.04d - 6.5.0.21.20 linux-headers-oem-22.04 - 6.5.0.21.20 linux-headers-virtual - 6.5.0.21.20 linux-headers-virtual-hwe-22.04 - 6.5.0.21.20 linux-headers-virtual-hwe-22.04-edge - 6.5.0.21.20 linux-image-extra-virtual - 6.5.0.21.20 linux-image-extra-virtual-hwe-22.04 - 6.5.0.21.20 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.21.20 linux-image-generic - 6.5.0.21.20 linux-image-generic-64k - 6.5.0.21.20 linux-image-generic-64k-hwe-22.04 - 6.5.0.21.20 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.21.20 linux-image-generic-hwe-22.04 - 6.5.0.21.20 linux-image-generic-hwe-22.04-edge - 6.5.0.21.20 linux-image-generic-lpae - 6.5.0.21.20 linux-image-kvm - 6.5.0.21.20 linux-image-oem-20.04 - 6.5.0.21.20 linux-image-oem-20.04b - 6.5.0.21.20 linux-image-oem-20.04c - 6.5.0.21.20 linux-image-oem-20.04d - 6.5.0.21.20 linux-image-oem-22.04 - 6.5.0.21.20 linux-image-uc-generic - 6.5.0.21.20 linux-image-uc-generic-hwe-22.04 - 6.5.0.21.20 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.21.20 linux-image-virtual - 6.5.0.21.20 linux-image-virtual-hwe-22.04 - 6.5.0.21.20 linux-image-virtual-hwe-22.04-edge - 6.5.0.21.20 linux-kvm - 6.5.0.21.20 linux-modules-ipu6-generic - 6.5.0.21.20 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.21.20 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.21.20 linux-modules-ipu6-oem-22.04 - 6.5.0.21.20 linux-modules-ivsc-generic - 6.5.0.21.20 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.21.20 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.21.20 linux-modules-ivsc-oem-22.04 - 6.5.0.21.20 linux-modules-iwlwifi-generic - 6.5.0.21.20 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.21.20 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.21.20 linux-modules-iwlwifi-oem-20.04 - 6.5.0.21.20 linux-modules-iwlwifi-oem-20.04d - 6.5.0.21.20 linux-modules-iwlwifi-oem-22.04 - 6.5.0.21.20 linux-oem-20.04 - 6.5.0.21.20 linux-oem-20.04b - 6.5.0.21.20 linux-oem-20.04c - 6.5.0.21.20 linux-oem-20.04d - 6.5.0.21.20 linux-oem-22.04 - 6.5.0.21.20 linux-source - 6.5.0.21.20 linux-tools-generic - 6.5.0.21.20 linux-tools-generic-64k - 6.5.0.21.20 linux-tools-generic-64k-hwe-22.04 - 6.5.0.21.20 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.21.20 linux-tools-generic-hwe-22.04 - 6.5.0.21.20 linux-tools-generic-hwe-22.04-edge - 6.5.0.21.20 linux-tools-generic-lpae - 6.5.0.21.20 linux-tools-kvm - 6.5.0.21.20 linux-tools-oem-20.04 - 6.5.0.21.20 linux-tools-oem-20.04b - 6.5.0.21.20 linux-tools-oem-20.04c - 6.5.0.21.20 linux-tools-oem-20.04d - 6.5.0.21.20 linux-tools-oem-22.04 - 6.5.0.21.20 linux-tools-virtual - 6.5.0.21.20 linux-tools-virtual-hwe-22.04 - 6.5.0.21.20 linux-tools-virtual-hwe-22.04-edge - 6.5.0.21.20 linux-virtual - 6.5.0.21.20 linux-virtual-hwe-22.04 - 6.5.0.21.20 linux-virtual-hwe-22.04-edge - 6.5.0.21.20 No subscription required High CVE-2023-51780 CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0582 CVE-2024-0646 Ubuntu 23.10 It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly handle the release of certain buffer rings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0582) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6651-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-buildinfo-6.5.0-21-lowlatency-64k - 6.5.0-21.21.1 linux-cloud-tools-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-headers-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-headers-6.5.0-21-lowlatency-64k - 6.5.0-21.21.1 linux-image-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-image-6.5.0-21-lowlatency-64k - 6.5.0-21.21.1 linux-image-unsigned-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-image-unsigned-6.5.0-21-lowlatency-64k - 6.5.0-21.21.1 linux-lowlatency-cloud-tools-6.5.0-21 - 6.5.0-21.21.1 linux-lowlatency-cloud-tools-common - 6.5.0-21.21.1 linux-lowlatency-headers-6.5.0-21 - 6.5.0-21.21.1 linux-lowlatency-lib-rust-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-lowlatency-tools-6.5.0-21 - 6.5.0-21.21.1 linux-lowlatency-tools-common - 6.5.0-21.21.1 linux-lowlatency-tools-host - 6.5.0-21.21.1 linux-modules-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-modules-6.5.0-21-lowlatency-64k - 6.5.0-21.21.1 linux-modules-iwlwifi-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-tools-6.5.0-21-lowlatency - 6.5.0-21.21.1 linux-tools-6.5.0-21-lowlatency-64k - 6.5.0-21.21.1 No subscription required linux-cloud-tools-lowlatency - 6.5.0.21.21.15 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.21.21.15 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.21.21.15 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.21.21.15 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.21.21.15 linux-headers-lowlatency - 6.5.0.21.21.15 linux-headers-lowlatency-64k - 6.5.0.21.21.15 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.21.21.15 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.21.21.15 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.21.21.15 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.21.21.15 linux-headers-lowlatency-hwe-20.04 - 6.5.0.21.21.15 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.21.21.15 linux-headers-lowlatency-hwe-22.04 - 6.5.0.21.21.15 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.21.21.15 linux-image-lowlatency - 6.5.0.21.21.15 linux-image-lowlatency-64k - 6.5.0.21.21.15 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.21.21.15 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.21.21.15 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.21.21.15 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.21.21.15 linux-image-lowlatency-hwe-20.04 - 6.5.0.21.21.15 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.21.21.15 linux-image-lowlatency-hwe-22.04 - 6.5.0.21.21.15 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.21.21.15 linux-lowlatency - 6.5.0.21.21.15 linux-lowlatency-64k - 6.5.0.21.21.15 linux-lowlatency-64k-hwe-20.04 - 6.5.0.21.21.15 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.21.21.15 linux-lowlatency-64k-hwe-22.04 - 6.5.0.21.21.15 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.21.21.15 linux-lowlatency-hwe-20.04 - 6.5.0.21.21.15 linux-lowlatency-hwe-20.04-edge - 6.5.0.21.21.15 linux-lowlatency-hwe-22.04 - 6.5.0.21.21.15 linux-lowlatency-hwe-22.04-edge - 6.5.0.21.21.15 linux-modules-iwlwifi-lowlatency - 6.5.0.21.21.15 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.21.21.15 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.21.21.15 linux-tools-lowlatency - 6.5.0.21.21.15 linux-tools-lowlatency-64k - 6.5.0.21.21.15 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.21.21.15 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.21.21.15 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.21.21.15 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.21.21.15 linux-tools-lowlatency-hwe-20.04 - 6.5.0.21.21.15 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.21.21.15 linux-tools-lowlatency-hwe-22.04 - 6.5.0.21.21.15 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.21.21.15 No subscription required High CVE-2023-51780 CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0582 CVE-2024-0646 Ubuntu 23.10 Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) It was discovered that the netfilter subsystem in the Linux kernel did not properly validate inner tunnel netlink attributes, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-5972) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Jann Horn discovered that a race condition existed in the Linux kernel when handling io_uring over sockets, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6531) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly handle the release of certain buffer rings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0582) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6652-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-6.5.0-1015 - 6.5.0-1015.15 linux-azure-headers-6.5.0-1015 - 6.5.0-1015.15 linux-azure-tools-6.5.0-1015 - 6.5.0-1015.15 linux-buildinfo-6.5.0-1015-azure - 6.5.0-1015.15 linux-cloud-tools-6.5.0-1015-azure - 6.5.0-1015.15 linux-headers-6.5.0-1015-azure - 6.5.0-1015.15 linux-image-6.5.0-1015-azure - 6.5.0-1015.15 linux-image-6.5.0-1015-azure-fde - 6.5.0-1015.15 linux-image-unsigned-6.5.0-1015-azure - 6.5.0-1015.15 linux-modules-6.5.0-1015-azure - 6.5.0-1015.15 linux-modules-extra-6.5.0-1015-azure - 6.5.0-1015.15 linux-modules-ipu6-6.5.0-1015-azure - 6.5.0-1015.15 linux-modules-ivsc-6.5.0-1015-azure - 6.5.0-1015.15 linux-modules-iwlwifi-6.5.0-1015-azure - 6.5.0-1015.15 linux-tools-6.5.0-1015-azure - 6.5.0-1015.15 No subscription required linux-azure - 6.5.0.1015.17 linux-azure-fde - 6.5.0.1015.17 linux-cloud-tools-azure - 6.5.0.1015.17 linux-headers-azure - 6.5.0.1015.17 linux-image-azure - 6.5.0.1015.17 linux-image-azure-fde - 6.5.0.1015.17 linux-modules-extra-azure - 6.5.0.1015.17 linux-modules-ipu6-azure - 6.5.0.1015.17 linux-modules-ivsc-azure - 6.5.0.1015.17 linux-modules-iwlwifi-azure - 6.5.0.1015.17 linux-tools-azure - 6.5.0.1015.17 No subscription required High CVE-2023-34324 CVE-2023-35827 CVE-2023-46813 CVE-2023-46862 CVE-2023-51780 CVE-2023-51781 CVE-2023-5972 CVE-2023-6176 CVE-2023-6531 CVE-2023-6622 CVE-2023-6915 CVE-2024-0565 CVE-2024-0582 CVE-2024-0641 CVE-2024-0646 Ubuntu 23.10 It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2023-43770) Update Instructions: Run `sudo pro fix USN-6654-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: roundcube - 1.6.2+dfsg-1ubuntu0.1 roundcube-core - 1.6.2+dfsg-1ubuntu0.1 roundcube-mysql - 1.6.2+dfsg-1ubuntu0.1 roundcube-pgsql - 1.6.2+dfsg-1ubuntu0.1 roundcube-plugins - 1.6.2+dfsg-1ubuntu0.1 roundcube-sqlite3 - 1.6.2+dfsg-1ubuntu0.1 No subscription required Medium CVE-2023-43770 Ubuntu 23.10 It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL functions. Update Instructions: Run `sudo pro fix USN-6656-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 15.6-0ubuntu0.23.10.1 libecpg-dev - 15.6-0ubuntu0.23.10.1 libecpg6 - 15.6-0ubuntu0.23.10.1 libpgtypes3 - 15.6-0ubuntu0.23.10.1 libpq-dev - 15.6-0ubuntu0.23.10.1 libpq5 - 15.6-0ubuntu0.23.10.1 postgresql-15 - 15.6-0ubuntu0.23.10.1 postgresql-client-15 - 15.6-0ubuntu0.23.10.1 postgresql-doc-15 - 15.6-0ubuntu0.23.10.1 postgresql-plperl-15 - 15.6-0ubuntu0.23.10.1 postgresql-plpython3-15 - 15.6-0ubuntu0.23.10.1 postgresql-pltcl-15 - 15.6-0ubuntu0.23.10.1 postgresql-server-dev-15 - 15.6-0ubuntu0.23.10.1 No subscription required Medium CVE-2024-0985 Ubuntu 23.10 Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. (CVE-2023-50868) It was discovered that Dnsmasq incorrectly set the maximum EDNS.0 UDP packet size as required by DNS Flag Day 2020. This issue only affected Ubuntu 23.10. (CVE-2023-28450) Update Instructions: Run `sudo pro fix USN-6657-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.90-0ubuntu0.23.10.1 dnsmasq-base - 2.90-0ubuntu0.23.10.1 dnsmasq-base-lua - 2.90-0ubuntu0.23.10.1 dnsmasq-utils - 2.90-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-28450 CVE-2023-50387 CVE-2023-50868 Ubuntu 23.10 It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6658-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxml2 - 2.9.14+dfsg-1.3ubuntu0.1 libxml2-dev - 2.9.14+dfsg-1.3ubuntu0.1 libxml2-doc - 2.9.14+dfsg-1.3ubuntu0.1 libxml2-utils - 2.9.14+dfsg-1.3ubuntu0.1 python3-libxml2 - 2.9.14+dfsg-1.3ubuntu0.1 No subscription required Medium CVE-2024-25062 Ubuntu 23.10 Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 11 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 11 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Valentin Eudeline discovered that OpenJDK 11 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-20926) It was discovered that OpenJDK 11 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 11 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6660-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.22+7-0ubuntu2~23.10.1 openjdk-11-doc - 11.0.22+7-0ubuntu2~23.10.1 openjdk-11-jdk - 11.0.22+7-0ubuntu2~23.10.1 openjdk-11-jdk-headless - 11.0.22+7-0ubuntu2~23.10.1 openjdk-11-jre - 11.0.22+7-0ubuntu2~23.10.1 openjdk-11-jre-headless - 11.0.22+7-0ubuntu2~23.10.1 openjdk-11-jre-zero - 11.0.22+7-0ubuntu2~23.10.1 openjdk-11-source - 11.0.22+7-0ubuntu2~23.10.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926 CVE-2024-20945 CVE-2024-20952 Ubuntu 23.10 Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 17 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 17 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Yakov Shafranovich discovered that OpenJDK 17 incorrectly handled ZIP archives that have file and directory entries with the same name. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20932) It was discovered that OpenJDK 17 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 17 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6661-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.10+7-1~23.10.1 openjdk-17-doc - 17.0.10+7-1~23.10.1 openjdk-17-jdk - 17.0.10+7-1~23.10.1 openjdk-17-jdk-headless - 17.0.10+7-1~23.10.1 openjdk-17-jre - 17.0.10+7-1~23.10.1 openjdk-17-jre-headless - 17.0.10+7-1~23.10.1 openjdk-17-jre-zero - 17.0.10+7-1~23.10.1 openjdk-17-source - 17.0.10+7-1~23.10.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20932 CVE-2024-20945 CVE-2024-20952 Ubuntu 23.10 Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 21 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 21 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) It was discovered that OpenJDK 21 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 21 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6662-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-21-demo - 21.0.2+13-1~23.10.1 openjdk-21-doc - 21.0.2+13-1~23.10.1 openjdk-21-jdk - 21.0.2+13-1~23.10.1 openjdk-21-jdk-headless - 21.0.2+13-1~23.10.1 openjdk-21-jre - 21.0.2+13-1~23.10.1 openjdk-21-jre-headless - 21.0.2+13-1~23.10.1 openjdk-21-jre-zero - 21.0.2+13-1~23.10.1 openjdk-21-source - 21.0.2+13-1~23.10.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20945 CVE-2024-20952 Ubuntu 23.10 As a security improvement, OpenSSL will now return deterministic random bytes instead of an error when detecting wrong padding in PKCS#1 v1.5 RSA to prevent its use in possible Bleichenbacher timing attacks. Update Instructions: Run `sudo pro fix USN-6663-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl-dev - 3.0.10-1ubuntu2.3 libssl-doc - 3.0.10-1ubuntu2.3 libssl3 - 3.0.10-1ubuntu2.3 openssl - 3.0.10-1ubuntu2.3 No subscription required None https://launchpad.net/bugs/2054090 Ubuntu 23.10 It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a crash or execute arbitrary commands. Update Instructions: Run `sudo pro fix USN-6664-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: less - 590-2ubuntu0.23.10.1 No subscription required Medium CVE-2022-48624 Ubuntu 23.10 Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Unbound incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Unbound incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50868) Update Instructions: Run `sudo pro fix USN-6665-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libunbound-dev - 1.17.1-2ubuntu0.1 libunbound8 - 1.17.1-2ubuntu0.1 python3-unbound - 1.17.1-2ubuntu0.1 unbound - 1.17.1-2ubuntu0.1 unbound-anchor - 1.17.1-2ubuntu0.1 unbound-host - 1.17.1-2ubuntu0.1 No subscription required Medium CVE-2023-50387 CVE-2023-50868 Ubuntu 23.10 It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks. Update Instructions: Run `sudo pro fix USN-6666-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libuv1 - 1.44.2-1ubuntu0.1 libuv1-dev - 1.44.2-1ubuntu0.1 No subscription required Medium CVE-2024-24806 Ubuntu 23.10 Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-0741, CVE-2024-0742, CVE-2024-0747, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1553, CVE-2024-1936) Cornel Ionce discovered that Thunderbird did not properly manage memory when opening the print preview dialog. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-0746) Alfred Peters discovered that Thunderbird did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1546) Johan Carlsson discovered that Thunderbird incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. (CVE-2024-1551) Gary Kwong discovered that Thunderbird incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-1552) Update Instructions: Run `sudo pro fix USN-6669-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-dev - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-gnome-support - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-af - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ar - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ast - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-be - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bg - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bn - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bn-bd - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-br - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ca - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cak - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cs - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cy - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-da - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-de - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-dsb - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-el - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en-gb - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en-us - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es-ar - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es-es - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-et - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-eu - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fa - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fi - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fr - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fy - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fy-nl - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ga - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ga-ie - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-gd - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-gl - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-he - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hr - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hsb - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hu - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hy - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-id - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-is - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-it - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ja - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ka - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-kab - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-kk - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ko - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-lt - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-lv - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-mk - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ms - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nb - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nb-no - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nl - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nn - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nn-no - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pa - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pa-in - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pl - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-br - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-pt - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-rm - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ro - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ru - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-si - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sk - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sl - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sq - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sr - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sv - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sv-se - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ta - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ta-lk - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-th - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-tr - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-uk - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-uz - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-vi - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-cn - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hans - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hant - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-tw - 1:115.8.1+build1-0ubuntu0.23.10.1 thunderbird-mozsymbols - 1:115.8.1+build1-0ubuntu0.23.10.1 xul-ext-calendar-timezones - 1:115.8.1+build1-0ubuntu0.23.10.1 xul-ext-gdata-provider - 1:115.8.1+build1-0ubuntu0.23.10.1 xul-ext-lightning - 1:115.8.1+build1-0ubuntu0.23.10.1 No subscription required Medium CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0755 CVE-2024-1546 CVE-2024-1547 CVE-2024-1548 CVE-2024-1549 CVE-2024-1550 CVE-2024-1551 CVE-2024-1552 CVE-2024-1553 CVE-2024-1936 Ubuntu 23.10 Morgan Jones discovered that Node.js incorrectly handled certain inputs that leads to false positive errors during some cryptographic operations. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-23919) It was discovered that Node.js incorrectly handled certain inputs leaded to a untrusted search path vulnerability. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation. (CVE-2023-23920) Matt Caswell discovered that Node.js incorrectly handled certain inputs with specially crafted ASN.1 object identifiers or data containing them. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-2650) Update Instructions: Run `sudo pro fix USN-6672-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 18.13.0+dfsg1-1ubuntu2.1 libnode108 - 18.13.0+dfsg1-1ubuntu2.1 nodejs - 18.13.0+dfsg1-1ubuntu2.1 nodejs-doc - 18.13.0+dfsg1-1ubuntu2.1 No subscription required Medium CVE-2023-23919 CVE-2023-23920 CVE-2023-2650 Ubuntu 23.10 Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding in RSA PKCS#1 v1.5. A remote attacker could possibly use this issue to expose confidential or sensitive information. (CVE-2023-50782) It was discovered that python-cryptography incorrectly handled memory operations when processing mismatched PKCS#12 keys. A remote attacker could possibly use this issue to cause python-cryptography to crash, leading to a denial of service. This issue only affected Ubuntu 23.10. (CVE-2024-26130) Update Instructions: Run `sudo pro fix USN-6673-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-cryptography-doc - 38.0.4-4ubuntu0.23.10.2 python3-cryptography - 38.0.4-4ubuntu0.23.10.2 No subscription required Medium CVE-2023-50782 CVE-2024-26130 Ubuntu 23.10 Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6674-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 3:4.2.4-1ubuntu2.2 python3-django - 3:4.2.4-1ubuntu2.2 No subscription required Medium CVE-2024-27351 Ubuntu 23.10 Vojtěch Vobr discovered that c-ares incorrectly handled user input from local configuration files. An attacker could possibly use this issue to cause a denial of service via application crash. Update Instructions: Run `sudo pro fix USN-6676-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares-dev - 1.19.1-3ubuntu0.1 libc-ares2 - 1.19.1-3ubuntu0.1 No subscription required Medium CVE-2024-25629 Ubuntu 23.10 It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-27102) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-27103) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-43887, CVE-2023-47471, CVE-2023-49465, CVE-2023-49467, CVE-2023-49468) Update Instructions: Run `sudo pro fix USN-6677-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.12-2ubuntu0.1 libde265-dev - 1.0.12-2ubuntu0.1 libde265-examples - 1.0.12-2ubuntu0.1 No subscription required Medium CVE-2023-27102 CVE-2023-27103 CVE-2023-43887 CVE-2023-47471 CVE-2023-49465 CVE-2023-49467 CVE-2023-49468 Ubuntu 23.10 It was discovered that libgit2 mishandled equivalent filenames on NTFS partitions. If a user or automated system were tricked into cloning a specially crafted repository, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-12278, CVE-2020-12279) It was discovered that libgit2 did not perform certificate checking by default. An attacker could possibly use this issue to perform a machine-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-22742) It was discovered that libgit2 could be made to run into an infinite loop. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2024-24575) It was discovered that libgit2 did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-24577) Update Instructions: Run `sudo pro fix USN-6678-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgit2-1.5 - 1.5.1+ds-1ubuntu1.1 libgit2-dev - 1.5.1+ds-1ubuntu1.1 libgit2-fixtures - 1.5.1+ds-1ubuntu1.1 No subscription required Medium CVE-2020-12278 CVE-2020-12279 CVE-2023-22742 CVE-2024-24575 CVE-2024-24577 Ubuntu 23.10 It was discovered that FRR incorrectly handled certain malformed OSPF LSA packets. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6679-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: frr - 8.4.4-1.1ubuntu1.3 frr-doc - 8.4.4-1.1ubuntu1.3 frr-pythontools - 8.4.4-1.1ubuntu1.3 frr-rpki-rtrlib - 8.4.4-1.1ubuntu1.3 frr-snmp - 8.4.4-1.1ubuntu1.3 No subscription required Medium CVE-2024-27913 Ubuntu 23.10 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) Jann Horn discovered that the io_uring subsystem in the Linux kernel contained an out-of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6560) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code. (CVE-2024-25744) Update Instructions: Run `sudo pro fix USN-6680-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1009-starfive - 6.5.0-1009.10 linux-headers-6.5.0-1009-starfive - 6.5.0-1009.10 linux-image-6.5.0-1009-starfive - 6.5.0-1009.10 linux-modules-6.5.0-1009-starfive - 6.5.0-1009.10 linux-modules-extra-6.5.0-1009-starfive - 6.5.0-1009.10 linux-starfive-headers-6.5.0-1009 - 6.5.0-1009.10 linux-starfive-tools-6.5.0-1009 - 6.5.0-1009.10 linux-tools-6.5.0-1009-starfive - 6.5.0-1009.10 No subscription required linux-buildinfo-6.5.0-1011-laptop - 6.5.0-1011.14 linux-headers-6.5.0-1011-laptop - 6.5.0-1011.14 linux-image-6.5.0-1011-laptop - 6.5.0-1011.14 linux-laptop-headers-6.5.0-1011 - 6.5.0-1011.14 linux-laptop-tools-6.5.0-1011 - 6.5.0-1011.14 linux-modules-6.5.0-1011-laptop - 6.5.0-1011.14 linux-tools-6.5.0-1011-laptop - 6.5.0-1011.14 No subscription required linux-buildinfo-6.5.0-1012-raspi - 6.5.0-1012.15 linux-headers-6.5.0-1012-raspi - 6.5.0-1012.15 linux-image-6.5.0-1012-raspi - 6.5.0-1012.15 linux-modules-6.5.0-1012-raspi - 6.5.0-1012.15 linux-modules-extra-6.5.0-1012-raspi - 6.5.0-1012.15 linux-raspi-headers-6.5.0-1012 - 6.5.0-1012.15 linux-raspi-tools-6.5.0-1012 - 6.5.0-1012.15 linux-tools-6.5.0-1012-raspi - 6.5.0-1012.15 No subscription required linux-buildinfo-6.5.0-1015-gcp - 6.5.0-1015.15 linux-gcp-headers-6.5.0-1015 - 6.5.0-1015.15 linux-gcp-tools-6.5.0-1015 - 6.5.0-1015.15 linux-headers-6.5.0-1015-gcp - 6.5.0-1015.15 linux-image-6.5.0-1015-gcp - 6.5.0-1015.15 linux-image-unsigned-6.5.0-1015-gcp - 6.5.0-1015.15 linux-modules-6.5.0-1015-gcp - 6.5.0-1015.15 linux-modules-extra-6.5.0-1015-gcp - 6.5.0-1015.15 linux-modules-iwlwifi-6.5.0-1015-gcp - 6.5.0-1015.15 linux-tools-6.5.0-1015-gcp - 6.5.0-1015.15 No subscription required linux-buildinfo-6.5.0-1018-oracle - 6.5.0-1018.18 linux-buildinfo-6.5.0-1018-oracle-64k - 6.5.0-1018.18 linux-headers-6.5.0-1018-oracle - 6.5.0-1018.18 linux-headers-6.5.0-1018-oracle-64k - 6.5.0-1018.18 linux-image-6.5.0-1018-oracle - 6.5.0-1018.18 linux-image-6.5.0-1018-oracle-64k - 6.5.0-1018.18 linux-image-unsigned-6.5.0-1018-oracle - 6.5.0-1018.18 linux-image-unsigned-6.5.0-1018-oracle-64k - 6.5.0-1018.18 linux-modules-6.5.0-1018-oracle - 6.5.0-1018.18 linux-modules-6.5.0-1018-oracle-64k - 6.5.0-1018.18 linux-modules-extra-6.5.0-1018-oracle - 6.5.0-1018.18 linux-modules-extra-6.5.0-1018-oracle-64k - 6.5.0-1018.18 linux-modules-iwlwifi-6.5.0-1018-oracle - 6.5.0-1018.18 linux-oracle-headers-6.5.0-1018 - 6.5.0-1018.18 linux-oracle-tools-6.5.0-1018 - 6.5.0-1018.18 linux-tools-6.5.0-1018-oracle - 6.5.0-1018.18 linux-tools-6.5.0-1018-oracle-64k - 6.5.0-1018.18 No subscription required linux-buildinfo-6.5.0-25-generic - 6.5.0-25.25 linux-buildinfo-6.5.0-25-generic-64k - 6.5.0-25.25 linux-cloud-tools-6.5.0-25 - 6.5.0-25.25 linux-cloud-tools-6.5.0-25-generic - 6.5.0-25.25 linux-cloud-tools-common - 6.5.0-25.25 linux-doc - 6.5.0-25.25 linux-headers-6.5.0-25 - 6.5.0-25.25 linux-headers-6.5.0-25-generic - 6.5.0-25.25 linux-headers-6.5.0-25-generic-64k - 6.5.0-25.25 linux-image-6.5.0-25-generic - 6.5.0-25.25 linux-image-6.5.0-25-generic-64k - 6.5.0-25.25 linux-image-uc-6.5.0-25-generic - 6.5.0-25.25 linux-image-uc-6.5.0-25-generic-64k - 6.5.0-25.25 linux-image-unsigned-6.5.0-25-generic - 6.5.0-25.25 linux-image-unsigned-6.5.0-25-generic-64k - 6.5.0-25.25 linux-lib-rust-6.5.0-25-generic - 6.5.0-25.25 linux-libc-dev - 6.5.0-25.25 linux-modules-6.5.0-25-generic - 6.5.0-25.25 linux-modules-6.5.0-25-generic-64k - 6.5.0-25.25 linux-modules-extra-6.5.0-25-generic - 6.5.0-25.25 linux-modules-ipu6-6.5.0-25-generic - 6.5.0-25.25 linux-modules-ivsc-6.5.0-25-generic - 6.5.0-25.25 linux-modules-iwlwifi-6.5.0-25-generic - 6.5.0-25.25 linux-source-6.5.0 - 6.5.0-25.25 linux-tools-6.5.0-25 - 6.5.0-25.25 linux-tools-6.5.0-25-generic - 6.5.0-25.25 linux-tools-6.5.0-25-generic-64k - 6.5.0-25.25 linux-tools-common - 6.5.0-25.25 linux-tools-host - 6.5.0-25.25 No subscription required linux-buildinfo-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-buildinfo-6.5.0-25-lowlatency-64k - 6.5.0-25.25.1 linux-cloud-tools-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-headers-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-headers-6.5.0-25-lowlatency-64k - 6.5.0-25.25.1 linux-image-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-image-6.5.0-25-lowlatency-64k - 6.5.0-25.25.1 linux-image-unsigned-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-image-unsigned-6.5.0-25-lowlatency-64k - 6.5.0-25.25.1 linux-lowlatency-cloud-tools-6.5.0-25 - 6.5.0-25.25.1 linux-lowlatency-cloud-tools-common - 6.5.0-25.25.1 linux-lowlatency-headers-6.5.0-25 - 6.5.0-25.25.1 linux-lowlatency-lib-rust-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-lowlatency-tools-6.5.0-25 - 6.5.0-25.25.1 linux-lowlatency-tools-common - 6.5.0-25.25.1 linux-lowlatency-tools-host - 6.5.0-25.25.1 linux-modules-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-modules-6.5.0-25-lowlatency-64k - 6.5.0-25.25.1 linux-modules-iwlwifi-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-tools-6.5.0-25-lowlatency - 6.5.0-25.25.1 linux-tools-6.5.0-25-lowlatency-64k - 6.5.0-25.25.1 No subscription required linux-headers-starfive - 6.5.0.1009.11 linux-image-starfive - 6.5.0.1009.11 linux-starfive - 6.5.0.1009.11 linux-tools-starfive - 6.5.0.1009.11 No subscription required linux-headers-laptop-23.10 - 6.5.0.1011.14 linux-image-laptop-23.10 - 6.5.0.1011.14 linux-laptop-23.10 - 6.5.0.1011.14 linux-tools-laptop-23.10 - 6.5.0.1011.14 No subscription required linux-headers-raspi - 6.5.0.1012.13 linux-headers-raspi-nolpae - 6.5.0.1012.13 linux-image-raspi - 6.5.0.1012.13 linux-image-raspi-nolpae - 6.5.0.1012.13 linux-modules-extra-raspi - 6.5.0.1012.13 linux-modules-extra-raspi-nolpae - 6.5.0.1012.13 linux-raspi - 6.5.0.1012.13 linux-raspi-nolpae - 6.5.0.1012.13 linux-tools-raspi - 6.5.0.1012.13 linux-tools-raspi-nolpae - 6.5.0.1012.13 No subscription required linux-gcp - 6.5.0.1015.15 linux-headers-gcp - 6.5.0.1015.15 linux-image-gcp - 6.5.0.1015.15 linux-modules-extra-gcp - 6.5.0.1015.15 linux-modules-iwlwifi-gcp - 6.5.0.1015.15 linux-tools-gcp - 6.5.0.1015.15 No subscription required linux-headers-oracle - 6.5.0.1018.20 linux-headers-oracle-64k - 6.5.0.1018.20 linux-image-oracle - 6.5.0.1018.20 linux-image-oracle-64k - 6.5.0.1018.20 linux-modules-iwlwifi-oracle - 6.5.0.1018.20 linux-oracle - 6.5.0.1018.20 linux-oracle-64k - 6.5.0.1018.20 linux-tools-oracle - 6.5.0.1018.20 linux-tools-oracle-64k - 6.5.0.1018.20 No subscription required linux-cloud-tools-generic - 6.5.0.25.25 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.25.25 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.25.25 linux-cloud-tools-virtual - 6.5.0.25.25 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.25.25 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.25.25 linux-crashdump - 6.5.0.25.25 linux-generic - 6.5.0.25.25 linux-generic-64k - 6.5.0.25.25 linux-generic-64k-hwe-22.04 - 6.5.0.25.25 linux-generic-64k-hwe-22.04-edge - 6.5.0.25.25 linux-generic-hwe-22.04 - 6.5.0.25.25 linux-generic-hwe-22.04-edge - 6.5.0.25.25 linux-generic-lpae - 6.5.0.25.25 linux-headers-generic - 6.5.0.25.25 linux-headers-generic-64k - 6.5.0.25.25 linux-headers-generic-64k-hwe-22.04 - 6.5.0.25.25 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.25.25 linux-headers-generic-hwe-22.04 - 6.5.0.25.25 linux-headers-generic-hwe-22.04-edge - 6.5.0.25.25 linux-headers-generic-lpae - 6.5.0.25.25 linux-headers-kvm - 6.5.0.25.25 linux-headers-oem-20.04 - 6.5.0.25.25 linux-headers-oem-20.04b - 6.5.0.25.25 linux-headers-oem-20.04c - 6.5.0.25.25 linux-headers-oem-20.04d - 6.5.0.25.25 linux-headers-oem-22.04 - 6.5.0.25.25 linux-headers-virtual - 6.5.0.25.25 linux-headers-virtual-hwe-22.04 - 6.5.0.25.25 linux-headers-virtual-hwe-22.04-edge - 6.5.0.25.25 linux-image-extra-virtual - 6.5.0.25.25 linux-image-extra-virtual-hwe-22.04 - 6.5.0.25.25 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.25.25 linux-image-generic - 6.5.0.25.25 linux-image-generic-64k - 6.5.0.25.25 linux-image-generic-64k-hwe-22.04 - 6.5.0.25.25 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.25.25 linux-image-generic-hwe-22.04 - 6.5.0.25.25 linux-image-generic-hwe-22.04-edge - 6.5.0.25.25 linux-image-generic-lpae - 6.5.0.25.25 linux-image-kvm - 6.5.0.25.25 linux-image-oem-20.04 - 6.5.0.25.25 linux-image-oem-20.04b - 6.5.0.25.25 linux-image-oem-20.04c - 6.5.0.25.25 linux-image-oem-20.04d - 6.5.0.25.25 linux-image-oem-22.04 - 6.5.0.25.25 linux-image-uc-generic - 6.5.0.25.25 linux-image-uc-generic-hwe-22.04 - 6.5.0.25.25 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.25.25 linux-image-virtual - 6.5.0.25.25 linux-image-virtual-hwe-22.04 - 6.5.0.25.25 linux-image-virtual-hwe-22.04-edge - 6.5.0.25.25 linux-kvm - 6.5.0.25.25 linux-modules-ipu6-generic - 6.5.0.25.25 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.25.25 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.25.25 linux-modules-ipu6-oem-22.04 - 6.5.0.25.25 linux-modules-ivsc-generic - 6.5.0.25.25 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.25.25 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.25.25 linux-modules-ivsc-oem-22.04 - 6.5.0.25.25 linux-modules-iwlwifi-generic - 6.5.0.25.25 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.25.25 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.25.25 linux-modules-iwlwifi-oem-20.04 - 6.5.0.25.25 linux-modules-iwlwifi-oem-20.04d - 6.5.0.25.25 linux-modules-iwlwifi-oem-22.04 - 6.5.0.25.25 linux-oem-20.04 - 6.5.0.25.25 linux-oem-20.04b - 6.5.0.25.25 linux-oem-20.04c - 6.5.0.25.25 linux-oem-20.04d - 6.5.0.25.25 linux-oem-22.04 - 6.5.0.25.25 linux-source - 6.5.0.25.25 linux-tools-generic - 6.5.0.25.25 linux-tools-generic-64k - 6.5.0.25.25 linux-tools-generic-64k-hwe-22.04 - 6.5.0.25.25 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.25.25 linux-tools-generic-hwe-22.04 - 6.5.0.25.25 linux-tools-generic-hwe-22.04-edge - 6.5.0.25.25 linux-tools-generic-lpae - 6.5.0.25.25 linux-tools-kvm - 6.5.0.25.25 linux-tools-oem-20.04 - 6.5.0.25.25 linux-tools-oem-20.04b - 6.5.0.25.25 linux-tools-oem-20.04c - 6.5.0.25.25 linux-tools-oem-20.04d - 6.5.0.25.25 linux-tools-oem-22.04 - 6.5.0.25.25 linux-tools-virtual - 6.5.0.25.25 linux-tools-virtual-hwe-22.04 - 6.5.0.25.25 linux-tools-virtual-hwe-22.04-edge - 6.5.0.25.25 linux-virtual - 6.5.0.25.25 linux-virtual-hwe-22.04 - 6.5.0.25.25 linux-virtual-hwe-22.04-edge - 6.5.0.25.25 No subscription required linux-cloud-tools-lowlatency - 6.5.0.25.25.16 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.25.25.16 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.25.25.16 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.25.25.16 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.25.25.16 linux-headers-lowlatency - 6.5.0.25.25.16 linux-headers-lowlatency-64k - 6.5.0.25.25.16 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.25.25.16 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.25.25.16 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.25.25.16 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.25.25.16 linux-headers-lowlatency-hwe-20.04 - 6.5.0.25.25.16 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.25.25.16 linux-headers-lowlatency-hwe-22.04 - 6.5.0.25.25.16 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.25.25.16 linux-image-lowlatency - 6.5.0.25.25.16 linux-image-lowlatency-64k - 6.5.0.25.25.16 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.25.25.16 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.25.25.16 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.25.25.16 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.25.25.16 linux-image-lowlatency-hwe-20.04 - 6.5.0.25.25.16 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.25.25.16 linux-image-lowlatency-hwe-22.04 - 6.5.0.25.25.16 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.25.25.16 linux-lowlatency - 6.5.0.25.25.16 linux-lowlatency-64k - 6.5.0.25.25.16 linux-lowlatency-64k-hwe-20.04 - 6.5.0.25.25.16 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.25.25.16 linux-lowlatency-64k-hwe-22.04 - 6.5.0.25.25.16 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.25.25.16 linux-lowlatency-hwe-20.04 - 6.5.0.25.25.16 linux-lowlatency-hwe-20.04-edge - 6.5.0.25.25.16 linux-lowlatency-hwe-22.04 - 6.5.0.25.25.16 linux-lowlatency-hwe-22.04-edge - 6.5.0.25.25.16 linux-modules-iwlwifi-lowlatency - 6.5.0.25.25.16 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.25.25.16 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.25.25.16 linux-tools-lowlatency - 6.5.0.25.25.16 linux-tools-lowlatency-64k - 6.5.0.25.25.16 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.25.25.16 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.25.25.16 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.25.25.16 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.25.25.16 linux-tools-lowlatency-hwe-20.04 - 6.5.0.25.25.16 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.25.25.16 linux-tools-lowlatency-hwe-22.04 - 6.5.0.25.25.16 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.25.25.16 No subscription required Medium CVE-2023-46343 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2023-6560 CVE-2024-0607 CVE-2024-25744 Ubuntu 23.10 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) Jann Horn discovered that the io_uring subsystem in the Linux kernel contained an out-of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6560) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code. (CVE-2024-25744) Update Instructions: Run `sudo pro fix USN-6680-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-6.5.0-1016 - 6.5.0-1016.16 linux-azure-headers-6.5.0-1016 - 6.5.0-1016.16 linux-azure-tools-6.5.0-1016 - 6.5.0-1016.16 linux-buildinfo-6.5.0-1016-azure - 6.5.0-1016.16 linux-cloud-tools-6.5.0-1016-azure - 6.5.0-1016.16 linux-headers-6.5.0-1016-azure - 6.5.0-1016.16 linux-image-6.5.0-1016-azure - 6.5.0-1016.16 linux-image-6.5.0-1016-azure-fde - 6.5.0-1016.16 linux-image-unsigned-6.5.0-1016-azure - 6.5.0-1016.16 linux-modules-6.5.0-1016-azure - 6.5.0-1016.16 linux-modules-extra-6.5.0-1016-azure - 6.5.0-1016.16 linux-modules-ipu6-6.5.0-1016-azure - 6.5.0-1016.16 linux-modules-ivsc-6.5.0-1016-azure - 6.5.0-1016.16 linux-modules-iwlwifi-6.5.0-1016-azure - 6.5.0-1016.16 linux-tools-6.5.0-1016-azure - 6.5.0-1016.16 No subscription required linux-azure - 6.5.0.1016.18 linux-azure-fde - 6.5.0.1016.18 linux-cloud-tools-azure - 6.5.0.1016.18 linux-headers-azure - 6.5.0.1016.18 linux-image-azure - 6.5.0.1016.18 linux-image-azure-fde - 6.5.0.1016.18 linux-modules-extra-azure - 6.5.0.1016.18 linux-modules-ipu6-azure - 6.5.0.1016.18 linux-modules-ivsc-azure - 6.5.0.1016.18 linux-modules-iwlwifi-azure - 6.5.0.1016.18 linux-tools-azure - 6.5.0.1016.18 No subscription required Medium CVE-2023-46343 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2023-6560 CVE-2024-0607 CVE-2024-25744 Ubuntu 23.10 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) Jann Horn discovered that the io_uring subsystem in the Linux kernel contained an out-of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6560) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code. (CVE-2024-25744) Update Instructions: Run `sudo pro fix USN-6680-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-cloud-tools-6.5.0-1015 - 6.5.0-1015.15 linux-aws-headers-6.5.0-1015 - 6.5.0-1015.15 linux-aws-tools-6.5.0-1015 - 6.5.0-1015.15 linux-buildinfo-6.5.0-1015-aws - 6.5.0-1015.15 linux-cloud-tools-6.5.0-1015-aws - 6.5.0-1015.15 linux-headers-6.5.0-1015-aws - 6.5.0-1015.15 linux-image-6.5.0-1015-aws - 6.5.0-1015.15 linux-image-unsigned-6.5.0-1015-aws - 6.5.0-1015.15 linux-modules-6.5.0-1015-aws - 6.5.0-1015.15 linux-modules-extra-6.5.0-1015-aws - 6.5.0-1015.15 linux-tools-6.5.0-1015-aws - 6.5.0-1015.15 No subscription required linux-aws - 6.5.0.1015.15 linux-headers-aws - 6.5.0.1015.15 linux-image-aws - 6.5.0.1015.15 linux-modules-extra-aws - 6.5.0.1015.15 linux-tools-aws - 6.5.0.1015.15 No subscription required Medium CVE-2023-46343 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2023-6560 CVE-2024-0607 CVE-2024-25744 Ubuntu 23.10 It was discovered that Rack incorrectly parse some headers. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-27539, CVE-2024-26141, CVE-2024-26146) Update Instructions: Run `sudo pro fix USN-6689-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.2.4-3ubuntu0.1 No subscription required Medium CVE-2023-27539 CVE-2024-26141 CVE-2024-26146 Ubuntu 23.10 Timothy Redaelli and Haresh Khandelwal discovered that Open vSwitch incorrectly handled certain crafted Geneve packets when hardware offloading via the netlink path is enabled. A remote attacker could possibly use this issue to cause Open vSwitch to crash, leading to a denial of service. (CVE-2023-3966) It was discovered that Open vSwitch incorrectly handled certain ICMPv6 Neighbor Advertisement packets. A remote attacker could possibly use this issue to redirect traffic to arbitrary IP addresses. (CVE-2023-5366) Update Instructions: Run `sudo pro fix USN-6690-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-common - 3.2.2-0ubuntu0.23.10.1 openvswitch-doc - 3.2.2-0ubuntu0.23.10.1 openvswitch-ipsec - 3.2.2-0ubuntu0.23.10.1 openvswitch-pki - 3.2.2-0ubuntu0.23.10.1 openvswitch-source - 3.2.2-0ubuntu0.23.10.1 openvswitch-switch - 3.2.2-0ubuntu0.23.10.1 openvswitch-switch-dpdk - 3.2.2-0ubuntu0.23.10.1 openvswitch-test - 3.2.2-0ubuntu0.23.10.1 openvswitch-testcontroller - 3.2.2-0ubuntu0.23.10.1 openvswitch-vtep - 3.2.2-0ubuntu0.23.10.1 python3-openvswitch - 3.2.2-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-3966 CVE-2023-5366 Ubuntu 23.10 It was discovered that OVN incorrectly enabled OVS Bidirectional Forwarding Detection on logical ports. A remote attacker could possibly use this issue to disrupt traffic. Update Instructions: Run `sudo pro fix USN-6691-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ovn-central - 23.09.0-1ubuntu0.1 ovn-common - 23.09.0-1ubuntu0.1 ovn-controller-vtep - 23.09.0-1ubuntu0.1 ovn-doc - 23.09.0-1ubuntu0.1 ovn-docker - 23.09.0-1ubuntu0.1 ovn-host - 23.09.0-1ubuntu0.1 ovn-ic - 23.09.0-1ubuntu0.1 ovn-ic-db - 23.09.0-1ubuntu0.1 No subscription required Medium CVE-2024-2182 Ubuntu 23.10 It was discovered that .NET did not properly handle certain specially crafted requests. An attacker could potentially use this issue to cause a resource leak, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6693-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aspnetcore-runtime-7.0 - 7.0.117-0ubuntu1~23.10.1 aspnetcore-targeting-pack-7.0 - 7.0.117-0ubuntu1~23.10.1 dotnet-apphost-pack-7.0 - 7.0.117-0ubuntu1~23.10.1 dotnet-host-7.0 - 7.0.117-0ubuntu1~23.10.1 dotnet-hostfxr-7.0 - 7.0.117-0ubuntu1~23.10.1 dotnet-runtime-7.0 - 7.0.117-0ubuntu1~23.10.1 dotnet-sdk-7.0 - 7.0.117-0ubuntu1~23.10.1 dotnet-sdk-7.0-source-built-artifacts - 7.0.117-0ubuntu1~23.10.1 dotnet-targeting-pack-7.0 - 7.0.117-0ubuntu1~23.10.1 dotnet-templates-7.0 - 7.0.117-0ubuntu1~23.10.1 dotnet7 - 7.0.117-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-7.0 - 7.0.117-0ubuntu1~23.10.1 No subscription required dotnet-sdk-8.0 - 8.0.103-0ubuntu1~23.10.1 dotnet-sdk-8.0-source-built-artifacts - 8.0.103-0ubuntu1~23.10.1 dotnet-templates-8.0 - 8.0.103-0ubuntu1~23.10.1 netstandard-targeting-pack-2.1-8.0 - 8.0.103-0ubuntu1~23.10.1 No subscription required dotnet8 - 8.0.103-8.0.3-0ubuntu1~23.10.1 No subscription required aspnetcore-runtime-8.0 - 8.0.3-0ubuntu1~23.10.1 aspnetcore-targeting-pack-8.0 - 8.0.3-0ubuntu1~23.10.1 dotnet-apphost-pack-8.0 - 8.0.3-0ubuntu1~23.10.1 dotnet-host-8.0 - 8.0.3-0ubuntu1~23.10.1 dotnet-hostfxr-8.0 - 8.0.3-0ubuntu1~23.10.1 dotnet-runtime-8.0 - 8.0.3-0ubuntu1~23.10.1 dotnet-targeting-pack-8.0 - 8.0.3-0ubuntu1~23.10.1 No subscription required Medium CVE-2024-21392 Ubuntu 23.10 It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-52425, CVE-2024-28757) Update Instructions: Run `sudo pro fix USN-6694-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.5.0-2ubuntu0.1 libexpat1 - 2.5.0-2ubuntu0.1 libexpat1-dev - 2.5.0-2ubuntu0.1 No subscription required Medium CVE-2023-52425 CVE-2024-28757 Ubuntu 23.10 It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2019-18604) It was discovered that TeX Live allowed documents to make arbitrary network requests. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to exfiltrate sensitive information, or perform other network-related attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-32668) It was discovered that TeX Live incorrectly handled certain TrueType fonts. If a user or automated system were tricked into opening a specially crafted TrueType font, a remote attacker could use this issue to cause TeX Live to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-25262) Update Instructions: Run `sudo pro fix USN-6695-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libkpathsea-dev - 2023.20230311.66589-6ubuntu0.1 libkpathsea6 - 2023.20230311.66589-6ubuntu0.1 libptexenc-dev - 2023.20230311.66589-6ubuntu0.1 libptexenc1 - 2023.20230311.66589-6ubuntu0.1 libsynctex-dev - 2023.20230311.66589-6ubuntu0.1 libsynctex2 - 2023.20230311.66589-6ubuntu0.1 libtexlua-dev - 2023.20230311.66589-6ubuntu0.1 libtexlua53 - 2023.20230311.66589-6ubuntu0.1 libtexlua53-5 - 2023.20230311.66589-6ubuntu0.1 libtexlua53-dev - 2023.20230311.66589-6ubuntu0.1 libtexluajit-dev - 2023.20230311.66589-6ubuntu0.1 libtexluajit2 - 2023.20230311.66589-6ubuntu0.1 texlive-binaries - 2023.20230311.66589-6ubuntu0.1 texlive-binaries-sse2 - 2023.20230311.66589-6ubuntu0.1 No subscription required Medium CVE-2019-18604 CVE-2023-32668 CVE-2024-25262 Ubuntu 23.10 Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 8 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Valentin Eudeline discovered that OpenJDK 8 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-20926) It was discovered that OpenJDK 8 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 8 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6696-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-demo - 8u402-ga-2ubuntu1~23.10.1 openjdk-8-doc - 8u402-ga-2ubuntu1~23.10.1 openjdk-8-jdk - 8u402-ga-2ubuntu1~23.10.1 openjdk-8-jdk-headless - 8u402-ga-2ubuntu1~23.10.1 openjdk-8-jre - 8u402-ga-2ubuntu1~23.10.1 openjdk-8-jre-headless - 8u402-ga-2ubuntu1~23.10.1 openjdk-8-jre-zero - 8u402-ga-2ubuntu1~23.10.1 openjdk-8-source - 8u402-ga-2ubuntu1~23.10.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926 CVE-2024-20945 CVE-2024-20952 Ubuntu 23.10 Zhen Zhou discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service Update Instructions: Run `sudo pro fix USN-6698-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:9.0.1672-1ubuntu2.3 vim-athena - 2:9.0.1672-1ubuntu2.3 vim-common - 2:9.0.1672-1ubuntu2.3 vim-doc - 2:9.0.1672-1ubuntu2.3 vim-gtk3 - 2:9.0.1672-1ubuntu2.3 vim-gui-common - 2:9.0.1672-1ubuntu2.3 vim-motif - 2:9.0.1672-1ubuntu2.3 vim-nox - 2:9.0.1672-1ubuntu2.3 vim-runtime - 2:9.0.1672-1ubuntu2.3 vim-tiny - 2:9.0.1672-1ubuntu2.3 xxd - 2:9.0.1672-1ubuntu2.3 No subscription required Low CVE-2024-22667 Ubuntu 23.10 Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - PWM drivers; (CVE-2024-26597, CVE-2024-26599) Update Instructions: Run `sudo pro fix USN-6707-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1010-starfive - 6.5.0-1010.11 linux-headers-6.5.0-1010-starfive - 6.5.0-1010.11 linux-image-6.5.0-1010-starfive - 6.5.0-1010.11 linux-modules-6.5.0-1010-starfive - 6.5.0-1010.11 linux-modules-extra-6.5.0-1010-starfive - 6.5.0-1010.11 linux-starfive-headers-6.5.0-1010 - 6.5.0-1010.11 linux-starfive-tools-6.5.0-1010 - 6.5.0-1010.11 linux-tools-6.5.0-1010-starfive - 6.5.0-1010.11 No subscription required linux-buildinfo-6.5.0-1013-raspi - 6.5.0-1013.16 linux-headers-6.5.0-1013-raspi - 6.5.0-1013.16 linux-image-6.5.0-1013-raspi - 6.5.0-1013.16 linux-modules-6.5.0-1013-raspi - 6.5.0-1013.16 linux-modules-extra-6.5.0-1013-raspi - 6.5.0-1013.16 linux-raspi-headers-6.5.0-1013 - 6.5.0-1013.16 linux-raspi-tools-6.5.0-1013 - 6.5.0-1013.16 linux-tools-6.5.0-1013-raspi - 6.5.0-1013.16 No subscription required linux-buildinfo-6.5.0-1016-gcp - 6.5.0-1016.16 linux-gcp-headers-6.5.0-1016 - 6.5.0-1016.16 linux-gcp-tools-6.5.0-1016 - 6.5.0-1016.16 linux-headers-6.5.0-1016-gcp - 6.5.0-1016.16 linux-image-6.5.0-1016-gcp - 6.5.0-1016.16 linux-image-unsigned-6.5.0-1016-gcp - 6.5.0-1016.16 linux-modules-6.5.0-1016-gcp - 6.5.0-1016.16 linux-modules-extra-6.5.0-1016-gcp - 6.5.0-1016.16 linux-modules-iwlwifi-6.5.0-1016-gcp - 6.5.0-1016.16 linux-tools-6.5.0-1016-gcp - 6.5.0-1016.16 No subscription required linux-azure-cloud-tools-6.5.0-1017 - 6.5.0-1017.17 linux-azure-headers-6.5.0-1017 - 6.5.0-1017.17 linux-azure-tools-6.5.0-1017 - 6.5.0-1017.17 linux-buildinfo-6.5.0-1017-azure - 6.5.0-1017.17 linux-cloud-tools-6.5.0-1017-azure - 6.5.0-1017.17 linux-headers-6.5.0-1017-azure - 6.5.0-1017.17 linux-image-6.5.0-1017-azure - 6.5.0-1017.17 linux-image-6.5.0-1017-azure-fde - 6.5.0-1017.17 linux-image-unsigned-6.5.0-1017-azure - 6.5.0-1017.17 linux-modules-6.5.0-1017-azure - 6.5.0-1017.17 linux-modules-extra-6.5.0-1017-azure - 6.5.0-1017.17 linux-modules-ipu6-6.5.0-1017-azure - 6.5.0-1017.17 linux-modules-ivsc-6.5.0-1017-azure - 6.5.0-1017.17 linux-modules-iwlwifi-6.5.0-1017-azure - 6.5.0-1017.17 linux-tools-6.5.0-1017-azure - 6.5.0-1017.17 No subscription required linux-buildinfo-6.5.0-1019-oracle - 6.5.0-1019.19 linux-buildinfo-6.5.0-1019-oracle-64k - 6.5.0-1019.19 linux-headers-6.5.0-1019-oracle - 6.5.0-1019.19 linux-headers-6.5.0-1019-oracle-64k - 6.5.0-1019.19 linux-image-6.5.0-1019-oracle - 6.5.0-1019.19 linux-image-6.5.0-1019-oracle-64k - 6.5.0-1019.19 linux-image-unsigned-6.5.0-1019-oracle - 6.5.0-1019.19 linux-image-unsigned-6.5.0-1019-oracle-64k - 6.5.0-1019.19 linux-modules-6.5.0-1019-oracle - 6.5.0-1019.19 linux-modules-6.5.0-1019-oracle-64k - 6.5.0-1019.19 linux-modules-extra-6.5.0-1019-oracle - 6.5.0-1019.19 linux-modules-extra-6.5.0-1019-oracle-64k - 6.5.0-1019.19 linux-modules-iwlwifi-6.5.0-1019-oracle - 6.5.0-1019.19 linux-oracle-headers-6.5.0-1019 - 6.5.0-1019.19 linux-oracle-tools-6.5.0-1019 - 6.5.0-1019.19 linux-tools-6.5.0-1019-oracle - 6.5.0-1019.19 linux-tools-6.5.0-1019-oracle-64k - 6.5.0-1019.19 No subscription required linux-buildinfo-6.5.0-26-generic - 6.5.0-26.26 linux-buildinfo-6.5.0-26-generic-64k - 6.5.0-26.26 linux-cloud-tools-6.5.0-26 - 6.5.0-26.26 linux-cloud-tools-6.5.0-26-generic - 6.5.0-26.26 linux-cloud-tools-common - 6.5.0-26.26 linux-doc - 6.5.0-26.26 linux-headers-6.5.0-26 - 6.5.0-26.26 linux-headers-6.5.0-26-generic - 6.5.0-26.26 linux-headers-6.5.0-26-generic-64k - 6.5.0-26.26 linux-image-6.5.0-26-generic - 6.5.0-26.26 linux-image-6.5.0-26-generic-64k - 6.5.0-26.26 linux-image-uc-6.5.0-26-generic - 6.5.0-26.26 linux-image-uc-6.5.0-26-generic-64k - 6.5.0-26.26 linux-image-unsigned-6.5.0-26-generic - 6.5.0-26.26 linux-image-unsigned-6.5.0-26-generic-64k - 6.5.0-26.26 linux-lib-rust-6.5.0-26-generic - 6.5.0-26.26 linux-libc-dev - 6.5.0-26.26 linux-modules-6.5.0-26-generic - 6.5.0-26.26 linux-modules-6.5.0-26-generic-64k - 6.5.0-26.26 linux-modules-extra-6.5.0-26-generic - 6.5.0-26.26 linux-modules-ipu6-6.5.0-26-generic - 6.5.0-26.26 linux-modules-ivsc-6.5.0-26-generic - 6.5.0-26.26 linux-modules-iwlwifi-6.5.0-26-generic - 6.5.0-26.26 linux-source-6.5.0 - 6.5.0-26.26 linux-tools-6.5.0-26 - 6.5.0-26.26 linux-tools-6.5.0-26-generic - 6.5.0-26.26 linux-tools-6.5.0-26-generic-64k - 6.5.0-26.26 linux-tools-common - 6.5.0-26.26 linux-tools-host - 6.5.0-26.26 No subscription required linux-buildinfo-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-buildinfo-6.5.0-26-lowlatency-64k - 6.5.0-26.26.1 linux-cloud-tools-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-headers-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-headers-6.5.0-26-lowlatency-64k - 6.5.0-26.26.1 linux-image-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-image-6.5.0-26-lowlatency-64k - 6.5.0-26.26.1 linux-image-unsigned-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-image-unsigned-6.5.0-26-lowlatency-64k - 6.5.0-26.26.1 linux-lowlatency-cloud-tools-6.5.0-26 - 6.5.0-26.26.1 linux-lowlatency-cloud-tools-common - 6.5.0-26.26.1 linux-lowlatency-headers-6.5.0-26 - 6.5.0-26.26.1 linux-lowlatency-lib-rust-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-lowlatency-tools-6.5.0-26 - 6.5.0-26.26.1 linux-lowlatency-tools-common - 6.5.0-26.26.1 linux-lowlatency-tools-host - 6.5.0-26.26.1 linux-modules-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-modules-6.5.0-26-lowlatency-64k - 6.5.0-26.26.1 linux-modules-iwlwifi-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-tools-6.5.0-26-lowlatency - 6.5.0-26.26.1 linux-tools-6.5.0-26-lowlatency-64k - 6.5.0-26.26.1 No subscription required linux-headers-starfive - 6.5.0.1010.12 linux-image-starfive - 6.5.0.1010.12 linux-starfive - 6.5.0.1010.12 linux-tools-starfive - 6.5.0.1010.12 No subscription required linux-headers-raspi - 6.5.0.1013.14 linux-headers-raspi-nolpae - 6.5.0.1013.14 linux-image-raspi - 6.5.0.1013.14 linux-image-raspi-nolpae - 6.5.0.1013.14 linux-modules-extra-raspi - 6.5.0.1013.14 linux-modules-extra-raspi-nolpae - 6.5.0.1013.14 linux-raspi - 6.5.0.1013.14 linux-raspi-nolpae - 6.5.0.1013.14 linux-tools-raspi - 6.5.0.1013.14 linux-tools-raspi-nolpae - 6.5.0.1013.14 No subscription required linux-gcp - 6.5.0.1016.16 linux-headers-gcp - 6.5.0.1016.16 linux-image-gcp - 6.5.0.1016.16 linux-modules-extra-gcp - 6.5.0.1016.16 linux-modules-iwlwifi-gcp - 6.5.0.1016.16 linux-tools-gcp - 6.5.0.1016.16 No subscription required linux-azure - 6.5.0.1017.19 linux-azure-fde - 6.5.0.1017.19 linux-cloud-tools-azure - 6.5.0.1017.19 linux-headers-azure - 6.5.0.1017.19 linux-image-azure - 6.5.0.1017.19 linux-image-azure-fde - 6.5.0.1017.19 linux-modules-extra-azure - 6.5.0.1017.19 linux-modules-ipu6-azure - 6.5.0.1017.19 linux-modules-ivsc-azure - 6.5.0.1017.19 linux-modules-iwlwifi-azure - 6.5.0.1017.19 linux-tools-azure - 6.5.0.1017.19 No subscription required linux-headers-oracle - 6.5.0.1019.21 linux-headers-oracle-64k - 6.5.0.1019.21 linux-image-oracle - 6.5.0.1019.21 linux-image-oracle-64k - 6.5.0.1019.21 linux-modules-iwlwifi-oracle - 6.5.0.1019.21 linux-oracle - 6.5.0.1019.21 linux-oracle-64k - 6.5.0.1019.21 linux-tools-oracle - 6.5.0.1019.21 linux-tools-oracle-64k - 6.5.0.1019.21 No subscription required linux-cloud-tools-generic - 6.5.0.26.26 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.26.26 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.26.26 linux-cloud-tools-virtual - 6.5.0.26.26 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.26.26 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.26.26 linux-crashdump - 6.5.0.26.26 linux-generic - 6.5.0.26.26 linux-generic-64k - 6.5.0.26.26 linux-generic-64k-hwe-22.04 - 6.5.0.26.26 linux-generic-64k-hwe-22.04-edge - 6.5.0.26.26 linux-generic-hwe-22.04 - 6.5.0.26.26 linux-generic-hwe-22.04-edge - 6.5.0.26.26 linux-generic-lpae - 6.5.0.26.26 linux-headers-generic - 6.5.0.26.26 linux-headers-generic-64k - 6.5.0.26.26 linux-headers-generic-64k-hwe-22.04 - 6.5.0.26.26 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.26.26 linux-headers-generic-hwe-22.04 - 6.5.0.26.26 linux-headers-generic-hwe-22.04-edge - 6.5.0.26.26 linux-headers-generic-lpae - 6.5.0.26.26 linux-headers-kvm - 6.5.0.26.26 linux-headers-oem-20.04 - 6.5.0.26.26 linux-headers-oem-20.04b - 6.5.0.26.26 linux-headers-oem-20.04c - 6.5.0.26.26 linux-headers-oem-20.04d - 6.5.0.26.26 linux-headers-oem-22.04 - 6.5.0.26.26 linux-headers-virtual - 6.5.0.26.26 linux-headers-virtual-hwe-22.04 - 6.5.0.26.26 linux-headers-virtual-hwe-22.04-edge - 6.5.0.26.26 linux-image-extra-virtual - 6.5.0.26.26 linux-image-extra-virtual-hwe-22.04 - 6.5.0.26.26 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.26.26 linux-image-generic - 6.5.0.26.26 linux-image-generic-64k - 6.5.0.26.26 linux-image-generic-64k-hwe-22.04 - 6.5.0.26.26 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.26.26 linux-image-generic-hwe-22.04 - 6.5.0.26.26 linux-image-generic-hwe-22.04-edge - 6.5.0.26.26 linux-image-generic-lpae - 6.5.0.26.26 linux-image-kvm - 6.5.0.26.26 linux-image-oem-20.04 - 6.5.0.26.26 linux-image-oem-20.04b - 6.5.0.26.26 linux-image-oem-20.04c - 6.5.0.26.26 linux-image-oem-20.04d - 6.5.0.26.26 linux-image-oem-22.04 - 6.5.0.26.26 linux-image-uc-generic - 6.5.0.26.26 linux-image-uc-generic-hwe-22.04 - 6.5.0.26.26 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.26.26 linux-image-virtual - 6.5.0.26.26 linux-image-virtual-hwe-22.04 - 6.5.0.26.26 linux-image-virtual-hwe-22.04-edge - 6.5.0.26.26 linux-kvm - 6.5.0.26.26 linux-modules-ipu6-generic - 6.5.0.26.26 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.26.26 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.26.26 linux-modules-ipu6-oem-22.04 - 6.5.0.26.26 linux-modules-ivsc-generic - 6.5.0.26.26 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.26.26 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.26.26 linux-modules-ivsc-oem-22.04 - 6.5.0.26.26 linux-modules-iwlwifi-generic - 6.5.0.26.26 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.26.26 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.26.26 linux-modules-iwlwifi-oem-20.04 - 6.5.0.26.26 linux-modules-iwlwifi-oem-20.04d - 6.5.0.26.26 linux-modules-iwlwifi-oem-22.04 - 6.5.0.26.26 linux-oem-20.04 - 6.5.0.26.26 linux-oem-20.04b - 6.5.0.26.26 linux-oem-20.04c - 6.5.0.26.26 linux-oem-20.04d - 6.5.0.26.26 linux-oem-22.04 - 6.5.0.26.26 linux-source - 6.5.0.26.26 linux-tools-generic - 6.5.0.26.26 linux-tools-generic-64k - 6.5.0.26.26 linux-tools-generic-64k-hwe-22.04 - 6.5.0.26.26 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.26.26 linux-tools-generic-hwe-22.04 - 6.5.0.26.26 linux-tools-generic-hwe-22.04-edge - 6.5.0.26.26 linux-tools-generic-lpae - 6.5.0.26.26 linux-tools-kvm - 6.5.0.26.26 linux-tools-oem-20.04 - 6.5.0.26.26 linux-tools-oem-20.04b - 6.5.0.26.26 linux-tools-oem-20.04c - 6.5.0.26.26 linux-tools-oem-20.04d - 6.5.0.26.26 linux-tools-oem-22.04 - 6.5.0.26.26 linux-tools-virtual - 6.5.0.26.26 linux-tools-virtual-hwe-22.04 - 6.5.0.26.26 linux-tools-virtual-hwe-22.04-edge - 6.5.0.26.26 linux-virtual - 6.5.0.26.26 linux-virtual-hwe-22.04 - 6.5.0.26.26 linux-virtual-hwe-22.04-edge - 6.5.0.26.26 No subscription required linux-cloud-tools-lowlatency - 6.5.0.26.26.17 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.26.26.17 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.26.26.17 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.26.26.17 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.26.26.17 linux-headers-lowlatency - 6.5.0.26.26.17 linux-headers-lowlatency-64k - 6.5.0.26.26.17 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.26.26.17 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.26.26.17 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.26.26.17 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.26.26.17 linux-headers-lowlatency-hwe-20.04 - 6.5.0.26.26.17 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.26.26.17 linux-headers-lowlatency-hwe-22.04 - 6.5.0.26.26.17 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.26.26.17 linux-image-lowlatency - 6.5.0.26.26.17 linux-image-lowlatency-64k - 6.5.0.26.26.17 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.26.26.17 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.26.26.17 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.26.26.17 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.26.26.17 linux-image-lowlatency-hwe-20.04 - 6.5.0.26.26.17 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.26.26.17 linux-image-lowlatency-hwe-22.04 - 6.5.0.26.26.17 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.26.26.17 linux-lowlatency - 6.5.0.26.26.17 linux-lowlatency-64k - 6.5.0.26.26.17 linux-lowlatency-64k-hwe-20.04 - 6.5.0.26.26.17 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.26.26.17 linux-lowlatency-64k-hwe-22.04 - 6.5.0.26.26.17 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.26.26.17 linux-lowlatency-hwe-20.04 - 6.5.0.26.26.17 linux-lowlatency-hwe-20.04-edge - 6.5.0.26.26.17 linux-lowlatency-hwe-22.04 - 6.5.0.26.26.17 linux-lowlatency-hwe-22.04-edge - 6.5.0.26.26.17 linux-modules-iwlwifi-lowlatency - 6.5.0.26.26.17 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.26.26.17 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.26.26.17 linux-tools-lowlatency - 6.5.0.26.26.17 linux-tools-lowlatency-64k - 6.5.0.26.26.17 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.26.26.17 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.26.26.17 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.26.26.17 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.26.26.17 linux-tools-lowlatency-hwe-20.04 - 6.5.0.26.26.17 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.26.26.17 linux-tools-lowlatency-hwe-22.04 - 6.5.0.26.26.17 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.26.26.17 No subscription required High CVE-2024-1085 CVE-2024-1086 CVE-2024-26597 CVE-2024-26599 Ubuntu 23.10 Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - PWM drivers; (CVE-2024-26597, CVE-2024-26599) Update Instructions: Run `sudo pro fix USN-6707-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1012-laptop - 6.5.0-1012.15 linux-headers-6.5.0-1012-laptop - 6.5.0-1012.15 linux-image-6.5.0-1012-laptop - 6.5.0-1012.15 linux-laptop-headers-6.5.0-1012 - 6.5.0-1012.15 linux-laptop-tools-6.5.0-1012 - 6.5.0-1012.15 linux-modules-6.5.0-1012-laptop - 6.5.0-1012.15 linux-tools-6.5.0-1012-laptop - 6.5.0-1012.15 No subscription required linux-headers-laptop-23.10 - 6.5.0.1012.15 linux-image-laptop-23.10 - 6.5.0.1012.15 linux-laptop-23.10 - 6.5.0.1012.15 linux-tools-laptop-23.10 - 6.5.0.1012.15 No subscription required High CVE-2024-1085 CVE-2024-1086 CVE-2024-26597 CVE-2024-26599 Ubuntu 23.10 Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - PWM drivers; (CVE-2024-26597, CVE-2024-26599) Update Instructions: Run `sudo pro fix USN-6707-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-cloud-tools-6.5.0-1016 - 6.5.0-1016.16 linux-aws-headers-6.5.0-1016 - 6.5.0-1016.16 linux-aws-tools-6.5.0-1016 - 6.5.0-1016.16 linux-buildinfo-6.5.0-1016-aws - 6.5.0-1016.16 linux-cloud-tools-6.5.0-1016-aws - 6.5.0-1016.16 linux-headers-6.5.0-1016-aws - 6.5.0-1016.16 linux-image-6.5.0-1016-aws - 6.5.0-1016.16 linux-image-unsigned-6.5.0-1016-aws - 6.5.0-1016.16 linux-modules-6.5.0-1016-aws - 6.5.0-1016.16 linux-modules-extra-6.5.0-1016-aws - 6.5.0-1016.16 linux-tools-6.5.0-1016-aws - 6.5.0-1016.16 No subscription required linux-aws - 6.5.0.1016.16 linux-headers-aws - 6.5.0.1016.16 linux-image-aws - 6.5.0.1016.16 linux-modules-extra-aws - 6.5.0.1016.16 linux-tools-aws - 6.5.0.1016.16 No subscription required High CVE-2024-1085 CVE-2024-1086 CVE-2024-26597 CVE-2024-26599 Ubuntu 23.10 It was discovered that QPDF incorrectly handled certain memory operations when decoding JSON files. If a user or automated system were tricked into processing a specially crafted JSON file, QPDF could be made to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6713-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libqpdf-dev - 11.5.0-1ubuntu1.1 libqpdf29 - 11.5.0-1ubuntu1.1 qpdf - 11.5.0-1ubuntu1.1 No subscription required Medium CVE-2024-24246 Ubuntu 23.10 It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands. Update Instructions: Run `sudo pro fix USN-6714-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: debian-goodies - 0.88.1ubuntu1.2 No subscription required Low CVE-2023-27635 Ubuntu 23.10 It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-6715-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libodbc2 - 2.3.12-1ubuntu0.23.10.1 libodbccr2 - 2.3.12-1ubuntu0.23.10.1 libodbcinst2 - 2.3.12-1ubuntu0.23.10.1 odbcinst - 2.3.12-1ubuntu0.23.10.1 unixodbc - 2.3.12-1ubuntu0.23.10.1 unixodbc-common - 2.3.12-1ubuntu0.23.10.1 unixodbc-dev - 2.3.12-1ubuntu0.23.10.1 No subscription required Medium CVE-2024-1013 Ubuntu 23.10 Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-0743, CVE-2024-2611, CVE-2024-2614) Hubert Kario discovered that Thunderbird had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2023-5388) Gary Kwong discovered that Thunderbird incorrectly updated return registers for JIT code on Armv7-A systems. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-2607) Ronald Crane discovered that Thunderbird did not properly manage memory during character encoding. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2608) Georg Felber and Marco Squarcina discovered that Thunderbird incorrectly handled html and body tags. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able obtain sensitive information. (CVE-2024-2610) Ronald Crane discovered a use-after-free in Thunderbird when handling code in SafeRefPtr. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-2612) Ryan VanderMeulen and Dan Minor discovered that Thunderbird did not properly manage memory conditions in ICU. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2616) Update Instructions: Run `sudo pro fix USN-6717-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-dev - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-gnome-support - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-af - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ar - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ast - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-be - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-bg - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-bn - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-bn-bd - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-br - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ca - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-cak - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-cs - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-cy - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-da - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-de - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-dsb - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-el - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-en - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-en-gb - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-en-us - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-es - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-es-ar - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-es-es - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-et - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-eu - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fa - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fi - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fr - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fy - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-fy-nl - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ga - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ga-ie - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-gd - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-gl - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-he - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-hr - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-hsb - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-hu - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-hy - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-id - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-is - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-it - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ja - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ka - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-kab - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-kk - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ko - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-lt - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-lv - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-mk - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ms - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nb - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nb-no - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nl - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nn - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-nn-no - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pa - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pa-in - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pl - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pt - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-br - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-pt - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-rm - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ro - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ru - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-si - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sk - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sl - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sq - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sr - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sv - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-sv-se - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ta - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-ta-lk - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-th - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-tr - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-uk - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-uz - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-vi - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-cn - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hans - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hant - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-tw - 1:115.9.0+build1-0ubuntu0.23.10.1 thunderbird-mozsymbols - 1:115.9.0+build1-0ubuntu0.23.10.1 xul-ext-calendar-timezones - 1:115.9.0+build1-0ubuntu0.23.10.1 xul-ext-gdata-provider - 1:115.9.0+build1-0ubuntu0.23.10.1 xul-ext-lightning - 1:115.9.0+build1-0ubuntu0.23.10.1 No subscription required Medium CVE-2024-0743 CVE-2023-5388 CVE-2024-2607 CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2614 CVE-2024-2616 Ubuntu 23.10 Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. (CVE-2024-2004) It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service. (CVE-2024-2398) Update Instructions: Run `sudo pro fix USN-6718-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 8.2.1-1ubuntu3.3 libcurl3-gnutls - 8.2.1-1ubuntu3.3 libcurl3-nss - 8.2.1-1ubuntu3.3 libcurl4 - 8.2.1-1ubuntu3.3 libcurl4-doc - 8.2.1-1ubuntu3.3 libcurl4-gnutls-dev - 8.2.1-1ubuntu3.3 libcurl4-nss-dev - 8.2.1-1ubuntu3.3 libcurl4-openssl-dev - 8.2.1-1ubuntu3.3 No subscription required Medium CVE-2024-2004 CVE-2024-2398 Ubuntu 23.10 Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6719-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bsdutils - 1:2.39.1-4ubuntu2.1 No subscription required bsdextrautils - 2.39.1-4ubuntu2.1 eject - 2.39.1-4ubuntu2.1 fdisk - 2.39.1-4ubuntu2.1 libblkid-dev - 2.39.1-4ubuntu2.1 libblkid1 - 2.39.1-4ubuntu2.1 libfdisk-dev - 2.39.1-4ubuntu2.1 libfdisk1 - 2.39.1-4ubuntu2.1 libmount-dev - 2.39.1-4ubuntu2.1 libmount1 - 2.39.1-4ubuntu2.1 libsmartcols-dev - 2.39.1-4ubuntu2.1 libsmartcols1 - 2.39.1-4ubuntu2.1 libuuid1 - 2.39.1-4ubuntu2.1 mount - 2.39.1-4ubuntu2.1 rfkill - 2.39.1-4ubuntu2.1 util-linux - 2.39.1-4ubuntu2.1 util-linux-extra - 2.39.1-4ubuntu2.1 util-linux-locales - 2.39.1-4ubuntu2.1 uuid-dev - 2.39.1-4ubuntu2.1 uuid-runtime - 2.39.1-4ubuntu2.1 No subscription required Medium CVE-2024-28085 Ubuntu 23.10 USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory details: Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6719-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bsdutils - 1:2.39.1-4ubuntu2.2 No subscription required bsdextrautils - 2.39.1-4ubuntu2.2 eject - 2.39.1-4ubuntu2.2 fdisk - 2.39.1-4ubuntu2.2 libblkid-dev - 2.39.1-4ubuntu2.2 libblkid1 - 2.39.1-4ubuntu2.2 libfdisk-dev - 2.39.1-4ubuntu2.2 libfdisk1 - 2.39.1-4ubuntu2.2 libmount-dev - 2.39.1-4ubuntu2.2 libmount1 - 2.39.1-4ubuntu2.2 libsmartcols-dev - 2.39.1-4ubuntu2.2 libsmartcols1 - 2.39.1-4ubuntu2.2 libuuid1 - 2.39.1-4ubuntu2.2 mount - 2.39.1-4ubuntu2.2 rfkill - 2.39.1-4ubuntu2.2 util-linux - 2.39.1-4ubuntu2.2 util-linux-extra - 2.39.1-4ubuntu2.2 util-linux-locales - 2.39.1-4ubuntu2.2 uuid-dev - 2.39.1-4ubuntu2.2 uuid-runtime - 2.39.1-4ubuntu2.2 No subscription required Medium CVE-2024-28085 Ubuntu 23.10 It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-31080, CVE-2024-31081, CVE-2024-31082) It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information. (CVE-2024-31083) Update Instructions: Run `sudo pro fix USN-6721-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xnest - 2:21.1.7-3ubuntu2.8 xorg-server-source - 2:21.1.7-3ubuntu2.8 xserver-common - 2:21.1.7-3ubuntu2.8 xserver-xephyr - 2:21.1.7-3ubuntu2.8 xserver-xorg-core - 2:21.1.7-3ubuntu2.8 xserver-xorg-dev - 2:21.1.7-3ubuntu2.8 xserver-xorg-legacy - 2:21.1.7-3ubuntu2.8 xvfb - 2:21.1.7-3ubuntu2.8 No subscription required xwayland - 2:23.2.0-1ubuntu0.5 No subscription required Medium CVE-2024-31080 CVE-2024-31081 CVE-2024-31082 CVE-2024-31083 Ubuntu 23.10 USN-6721-1 fixed vulnerabilities in X.Org X Server. That fix was incomplete resulting in a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-31080, CVE-2024-31081, CVE-2024-31082) It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information. (CVE-2024-31083) Update Instructions: Run `sudo pro fix USN-6721-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xnest - 2:21.1.7-3ubuntu2.9 xorg-server-source - 2:21.1.7-3ubuntu2.9 xserver-common - 2:21.1.7-3ubuntu2.9 xserver-xephyr - 2:21.1.7-3ubuntu2.9 xserver-xorg-core - 2:21.1.7-3ubuntu2.9 xserver-xorg-dev - 2:21.1.7-3ubuntu2.9 xserver-xorg-legacy - 2:21.1.7-3ubuntu2.9 xvfb - 2:21.1.7-3ubuntu2.9 No subscription required xwayland - 2:23.2.0-1ubuntu0.6 No subscription required None https://launchpad.net/bugs/2060354 Ubuntu 23.10 Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-50431) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6610) Yang Chaoming discovered that the KSMBD implementation in the Linux kernel did not properly validate request buffer sizes, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-22705) Chenyuan Yang discovered that the btrfs file system in the Linux kernel did not properly handle read operations on newly created subvolumes in certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-23850) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Android drivers; - Userspace I/O drivers; - F2FS file system; - SMB network file system; - Networking core; (CVE-2023-52434, CVE-2023-52436, CVE-2023-52435, CVE-2023-52439, CVE-2023-52438) Update Instructions: Run `sudo pro fix USN-6724-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1011-starfive - 6.5.0-1011.12 linux-headers-6.5.0-1011-starfive - 6.5.0-1011.12 linux-image-6.5.0-1011-starfive - 6.5.0-1011.12 linux-modules-6.5.0-1011-starfive - 6.5.0-1011.12 linux-modules-extra-6.5.0-1011-starfive - 6.5.0-1011.12 linux-starfive-headers-6.5.0-1011 - 6.5.0-1011.12 linux-starfive-tools-6.5.0-1011 - 6.5.0-1011.12 linux-tools-6.5.0-1011-starfive - 6.5.0-1011.12 No subscription required linux-buildinfo-6.5.0-1013-laptop - 6.5.0-1013.16 linux-headers-6.5.0-1013-laptop - 6.5.0-1013.16 linux-image-6.5.0-1013-laptop - 6.5.0-1013.16 linux-laptop-headers-6.5.0-1013 - 6.5.0-1013.16 linux-laptop-tools-6.5.0-1013 - 6.5.0-1013.16 linux-modules-6.5.0-1013-laptop - 6.5.0-1013.16 linux-tools-6.5.0-1013-laptop - 6.5.0-1013.16 No subscription required linux-aws-cloud-tools-6.5.0-1017 - 6.5.0-1017.17 linux-aws-headers-6.5.0-1017 - 6.5.0-1017.17 linux-aws-tools-6.5.0-1017 - 6.5.0-1017.17 linux-buildinfo-6.5.0-1017-aws - 6.5.0-1017.17 linux-buildinfo-6.5.0-1017-gcp - 6.5.0-1017.17 linux-cloud-tools-6.5.0-1017-aws - 6.5.0-1017.17 linux-gcp-headers-6.5.0-1017 - 6.5.0-1017.17 linux-gcp-tools-6.5.0-1017 - 6.5.0-1017.17 linux-headers-6.5.0-1017-aws - 6.5.0-1017.17 linux-headers-6.5.0-1017-gcp - 6.5.0-1017.17 linux-image-6.5.0-1017-aws - 6.5.0-1017.17 linux-image-6.5.0-1017-gcp - 6.5.0-1017.17 linux-image-unsigned-6.5.0-1017-aws - 6.5.0-1017.17 linux-image-unsigned-6.5.0-1017-gcp - 6.5.0-1017.17 linux-modules-6.5.0-1017-aws - 6.5.0-1017.17 linux-modules-6.5.0-1017-gcp - 6.5.0-1017.17 linux-modules-extra-6.5.0-1017-aws - 6.5.0-1017.17 linux-modules-extra-6.5.0-1017-gcp - 6.5.0-1017.17 linux-modules-iwlwifi-6.5.0-1017-gcp - 6.5.0-1017.17 linux-tools-6.5.0-1017-aws - 6.5.0-1017.17 linux-tools-6.5.0-1017-gcp - 6.5.0-1017.17 No subscription required linux-azure-cloud-tools-6.5.0-1018 - 6.5.0-1018.19 linux-azure-headers-6.5.0-1018 - 6.5.0-1018.19 linux-azure-tools-6.5.0-1018 - 6.5.0-1018.19 linux-buildinfo-6.5.0-1018-azure - 6.5.0-1018.19 linux-cloud-tools-6.5.0-1018-azure - 6.5.0-1018.19 linux-headers-6.5.0-1018-azure - 6.5.0-1018.19 linux-image-6.5.0-1018-azure - 6.5.0-1018.19 linux-image-6.5.0-1018-azure-fde - 6.5.0-1018.19 linux-image-unsigned-6.5.0-1018-azure - 6.5.0-1018.19 linux-modules-6.5.0-1018-azure - 6.5.0-1018.19 linux-modules-extra-6.5.0-1018-azure - 6.5.0-1018.19 linux-modules-iwlwifi-6.5.0-1018-azure - 6.5.0-1018.19 linux-tools-6.5.0-1018-azure - 6.5.0-1018.19 No subscription required linux-buildinfo-6.5.0-1020-oracle - 6.5.0-1020.20 linux-buildinfo-6.5.0-1020-oracle-64k - 6.5.0-1020.20 linux-headers-6.5.0-1020-oracle - 6.5.0-1020.20 linux-headers-6.5.0-1020-oracle-64k - 6.5.0-1020.20 linux-image-6.5.0-1020-oracle - 6.5.0-1020.20 linux-image-6.5.0-1020-oracle-64k - 6.5.0-1020.20 linux-image-unsigned-6.5.0-1020-oracle - 6.5.0-1020.20 linux-image-unsigned-6.5.0-1020-oracle-64k - 6.5.0-1020.20 linux-modules-6.5.0-1020-oracle - 6.5.0-1020.20 linux-modules-6.5.0-1020-oracle-64k - 6.5.0-1020.20 linux-modules-extra-6.5.0-1020-oracle - 6.5.0-1020.20 linux-modules-extra-6.5.0-1020-oracle-64k - 6.5.0-1020.20 linux-modules-iwlwifi-6.5.0-1020-oracle - 6.5.0-1020.20 linux-oracle-headers-6.5.0-1020 - 6.5.0-1020.20 linux-oracle-tools-6.5.0-1020 - 6.5.0-1020.20 linux-tools-6.5.0-1020-oracle - 6.5.0-1020.20 linux-tools-6.5.0-1020-oracle-64k - 6.5.0-1020.20 No subscription required linux-buildinfo-6.5.0-27-generic - 6.5.0-27.28 linux-buildinfo-6.5.0-27-generic-64k - 6.5.0-27.28 linux-cloud-tools-6.5.0-27 - 6.5.0-27.28 linux-cloud-tools-6.5.0-27-generic - 6.5.0-27.28 linux-cloud-tools-common - 6.5.0-27.28 linux-doc - 6.5.0-27.28 linux-headers-6.5.0-27 - 6.5.0-27.28 linux-headers-6.5.0-27-generic - 6.5.0-27.28 linux-headers-6.5.0-27-generic-64k - 6.5.0-27.28 linux-image-6.5.0-27-generic - 6.5.0-27.28 linux-image-6.5.0-27-generic-64k - 6.5.0-27.28 linux-image-uc-6.5.0-27-generic - 6.5.0-27.28 linux-image-uc-6.5.0-27-generic-64k - 6.5.0-27.28 linux-image-unsigned-6.5.0-27-generic - 6.5.0-27.28 linux-image-unsigned-6.5.0-27-generic-64k - 6.5.0-27.28 linux-lib-rust-6.5.0-27-generic - 6.5.0-27.28 linux-libc-dev - 6.5.0-27.28 linux-modules-6.5.0-27-generic - 6.5.0-27.28 linux-modules-6.5.0-27-generic-64k - 6.5.0-27.28 linux-modules-extra-6.5.0-27-generic - 6.5.0-27.28 linux-modules-ipu6-6.5.0-27-generic - 6.5.0-27.28 linux-modules-ivsc-6.5.0-27-generic - 6.5.0-27.28 linux-modules-iwlwifi-6.5.0-27-generic - 6.5.0-27.28 linux-source-6.5.0 - 6.5.0-27.28 linux-tools-6.5.0-27 - 6.5.0-27.28 linux-tools-6.5.0-27-generic - 6.5.0-27.28 linux-tools-6.5.0-27-generic-64k - 6.5.0-27.28 linux-tools-common - 6.5.0-27.28 linux-tools-host - 6.5.0-27.28 No subscription required linux-buildinfo-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-buildinfo-6.5.0-27-lowlatency-64k - 6.5.0-27.28.1 linux-cloud-tools-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-headers-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-headers-6.5.0-27-lowlatency-64k - 6.5.0-27.28.1 linux-image-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-image-6.5.0-27-lowlatency-64k - 6.5.0-27.28.1 linux-image-unsigned-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-image-unsigned-6.5.0-27-lowlatency-64k - 6.5.0-27.28.1 linux-lowlatency-cloud-tools-6.5.0-27 - 6.5.0-27.28.1 linux-lowlatency-cloud-tools-common - 6.5.0-27.28.1 linux-lowlatency-headers-6.5.0-27 - 6.5.0-27.28.1 linux-lowlatency-lib-rust-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-lowlatency-tools-6.5.0-27 - 6.5.0-27.28.1 linux-lowlatency-tools-common - 6.5.0-27.28.1 linux-lowlatency-tools-host - 6.5.0-27.28.1 linux-modules-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-modules-6.5.0-27-lowlatency-64k - 6.5.0-27.28.1 linux-modules-iwlwifi-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-tools-6.5.0-27-lowlatency - 6.5.0-27.28.1 linux-tools-6.5.0-27-lowlatency-64k - 6.5.0-27.28.1 No subscription required linux-headers-starfive - 6.5.0.1011.13 linux-image-starfive - 6.5.0.1011.13 linux-starfive - 6.5.0.1011.13 linux-tools-starfive - 6.5.0.1011.13 No subscription required linux-headers-laptop-23.10 - 6.5.0.1013.16 linux-image-laptop-23.10 - 6.5.0.1013.16 linux-laptop-23.10 - 6.5.0.1013.16 linux-tools-laptop-23.10 - 6.5.0.1013.16 No subscription required linux-aws - 6.5.0.1017.17 linux-gcp - 6.5.0.1017.17 linux-headers-aws - 6.5.0.1017.17 linux-headers-gcp - 6.5.0.1017.17 linux-image-aws - 6.5.0.1017.17 linux-image-gcp - 6.5.0.1017.17 linux-modules-extra-aws - 6.5.0.1017.17 linux-modules-extra-gcp - 6.5.0.1017.17 linux-modules-iwlwifi-gcp - 6.5.0.1017.17 linux-tools-aws - 6.5.0.1017.17 linux-tools-gcp - 6.5.0.1017.17 No subscription required linux-azure - 6.5.0.1018.22 linux-azure-fde - 6.5.0.1018.22 linux-cloud-tools-azure - 6.5.0.1018.22 linux-headers-azure - 6.5.0.1018.22 linux-image-azure - 6.5.0.1018.22 linux-image-azure-fde - 6.5.0.1018.22 linux-modules-extra-azure - 6.5.0.1018.22 linux-modules-iwlwifi-azure - 6.5.0.1018.22 linux-tools-azure - 6.5.0.1018.22 No subscription required linux-headers-oracle - 6.5.0.1020.22 linux-headers-oracle-64k - 6.5.0.1020.22 linux-image-oracle - 6.5.0.1020.22 linux-image-oracle-64k - 6.5.0.1020.22 linux-modules-iwlwifi-oracle - 6.5.0.1020.22 linux-oracle - 6.5.0.1020.22 linux-oracle-64k - 6.5.0.1020.22 linux-tools-oracle - 6.5.0.1020.22 linux-tools-oracle-64k - 6.5.0.1020.22 No subscription required linux-cloud-tools-generic - 6.5.0.27.27 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.27.27 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.27.27 linux-cloud-tools-virtual - 6.5.0.27.27 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.27.27 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.27.27 linux-crashdump - 6.5.0.27.27 linux-generic - 6.5.0.27.27 linux-generic-64k - 6.5.0.27.27 linux-generic-64k-hwe-22.04 - 6.5.0.27.27 linux-generic-64k-hwe-22.04-edge - 6.5.0.27.27 linux-generic-hwe-22.04 - 6.5.0.27.27 linux-generic-hwe-22.04-edge - 6.5.0.27.27 linux-generic-lpae - 6.5.0.27.27 linux-headers-generic - 6.5.0.27.27 linux-headers-generic-64k - 6.5.0.27.27 linux-headers-generic-64k-hwe-22.04 - 6.5.0.27.27 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.27.27 linux-headers-generic-hwe-22.04 - 6.5.0.27.27 linux-headers-generic-hwe-22.04-edge - 6.5.0.27.27 linux-headers-generic-lpae - 6.5.0.27.27 linux-headers-kvm - 6.5.0.27.27 linux-headers-oem-20.04 - 6.5.0.27.27 linux-headers-oem-20.04b - 6.5.0.27.27 linux-headers-oem-20.04c - 6.5.0.27.27 linux-headers-oem-20.04d - 6.5.0.27.27 linux-headers-oem-22.04 - 6.5.0.27.27 linux-headers-virtual - 6.5.0.27.27 linux-headers-virtual-hwe-22.04 - 6.5.0.27.27 linux-headers-virtual-hwe-22.04-edge - 6.5.0.27.27 linux-image-extra-virtual - 6.5.0.27.27 linux-image-extra-virtual-hwe-22.04 - 6.5.0.27.27 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.27.27 linux-image-generic - 6.5.0.27.27 linux-image-generic-64k - 6.5.0.27.27 linux-image-generic-64k-hwe-22.04 - 6.5.0.27.27 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.27.27 linux-image-generic-hwe-22.04 - 6.5.0.27.27 linux-image-generic-hwe-22.04-edge - 6.5.0.27.27 linux-image-generic-lpae - 6.5.0.27.27 linux-image-kvm - 6.5.0.27.27 linux-image-oem-20.04 - 6.5.0.27.27 linux-image-oem-20.04b - 6.5.0.27.27 linux-image-oem-20.04c - 6.5.0.27.27 linux-image-oem-20.04d - 6.5.0.27.27 linux-image-oem-22.04 - 6.5.0.27.27 linux-image-uc-generic - 6.5.0.27.27 linux-image-uc-generic-hwe-22.04 - 6.5.0.27.27 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.27.27 linux-image-virtual - 6.5.0.27.27 linux-image-virtual-hwe-22.04 - 6.5.0.27.27 linux-image-virtual-hwe-22.04-edge - 6.5.0.27.27 linux-kvm - 6.5.0.27.27 linux-modules-ipu6-generic - 6.5.0.27.27 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.27.27 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.27.27 linux-modules-ipu6-oem-22.04 - 6.5.0.27.27 linux-modules-ivsc-generic - 6.5.0.27.27 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.27.27 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.27.27 linux-modules-ivsc-oem-22.04 - 6.5.0.27.27 linux-modules-iwlwifi-generic - 6.5.0.27.27 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.27.27 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.27.27 linux-modules-iwlwifi-oem-20.04 - 6.5.0.27.27 linux-modules-iwlwifi-oem-20.04d - 6.5.0.27.27 linux-modules-iwlwifi-oem-22.04 - 6.5.0.27.27 linux-oem-20.04 - 6.5.0.27.27 linux-oem-20.04b - 6.5.0.27.27 linux-oem-20.04c - 6.5.0.27.27 linux-oem-20.04d - 6.5.0.27.27 linux-oem-22.04 - 6.5.0.27.27 linux-source - 6.5.0.27.27 linux-tools-generic - 6.5.0.27.27 linux-tools-generic-64k - 6.5.0.27.27 linux-tools-generic-64k-hwe-22.04 - 6.5.0.27.27 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.27.27 linux-tools-generic-hwe-22.04 - 6.5.0.27.27 linux-tools-generic-hwe-22.04-edge - 6.5.0.27.27 linux-tools-generic-lpae - 6.5.0.27.27 linux-tools-kvm - 6.5.0.27.27 linux-tools-oem-20.04 - 6.5.0.27.27 linux-tools-oem-20.04b - 6.5.0.27.27 linux-tools-oem-20.04c - 6.5.0.27.27 linux-tools-oem-20.04d - 6.5.0.27.27 linux-tools-oem-22.04 - 6.5.0.27.27 linux-tools-virtual - 6.5.0.27.27 linux-tools-virtual-hwe-22.04 - 6.5.0.27.27 linux-tools-virtual-hwe-22.04-edge - 6.5.0.27.27 linux-virtual - 6.5.0.27.27 linux-virtual-hwe-22.04 - 6.5.0.27.27 linux-virtual-hwe-22.04-edge - 6.5.0.27.27 No subscription required linux-cloud-tools-lowlatency - 6.5.0.27.28.18 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.27.28.18 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.27.28.18 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.27.28.18 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.27.28.18 linux-headers-lowlatency - 6.5.0.27.28.18 linux-headers-lowlatency-64k - 6.5.0.27.28.18 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.27.28.18 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.27.28.18 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.27.28.18 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.27.28.18 linux-headers-lowlatency-hwe-20.04 - 6.5.0.27.28.18 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.27.28.18 linux-headers-lowlatency-hwe-22.04 - 6.5.0.27.28.18 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.27.28.18 linux-image-lowlatency - 6.5.0.27.28.18 linux-image-lowlatency-64k - 6.5.0.27.28.18 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.27.28.18 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.27.28.18 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.27.28.18 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.27.28.18 linux-image-lowlatency-hwe-20.04 - 6.5.0.27.28.18 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.27.28.18 linux-image-lowlatency-hwe-22.04 - 6.5.0.27.28.18 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.27.28.18 linux-lowlatency - 6.5.0.27.28.18 linux-lowlatency-64k - 6.5.0.27.28.18 linux-lowlatency-64k-hwe-20.04 - 6.5.0.27.28.18 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.27.28.18 linux-lowlatency-64k-hwe-22.04 - 6.5.0.27.28.18 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.27.28.18 linux-lowlatency-hwe-20.04 - 6.5.0.27.28.18 linux-lowlatency-hwe-20.04-edge - 6.5.0.27.28.18 linux-lowlatency-hwe-22.04 - 6.5.0.27.28.18 linux-lowlatency-hwe-22.04-edge - 6.5.0.27.28.18 linux-modules-iwlwifi-lowlatency - 6.5.0.27.28.18 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.27.28.18 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.27.28.18 linux-tools-lowlatency - 6.5.0.27.28.18 linux-tools-lowlatency-64k - 6.5.0.27.28.18 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.27.28.18 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.27.28.18 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.27.28.18 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.27.28.18 linux-tools-lowlatency-hwe-20.04 - 6.5.0.27.28.18 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.27.28.18 linux-tools-lowlatency-hwe-22.04 - 6.5.0.27.28.18 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.27.28.18 No subscription required Medium CVE-2023-46838 CVE-2023-50431 CVE-2023-52429 CVE-2023-52434 CVE-2023-52435 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-6610 CVE-2024-22705 CVE-2024-23850 CVE-2024-23851 Ubuntu 23.10 Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-50431) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6610) Yang Chaoming discovered that the KSMBD implementation in the Linux kernel did not properly validate request buffer sizes, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-22705) Chenyuan Yang discovered that the btrfs file system in the Linux kernel did not properly handle read operations on newly created subvolumes in certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-23850) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Android drivers; - Userspace I/O drivers; - F2FS file system; - SMB network file system; - Networking core; (CVE-2023-52434, CVE-2023-52436, CVE-2023-52435, CVE-2023-52439, CVE-2023-52438) Update Instructions: Run `sudo pro fix USN-6724-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1014-raspi - 6.5.0-1014.17 linux-headers-6.5.0-1014-raspi - 6.5.0-1014.17 linux-image-6.5.0-1014-raspi - 6.5.0-1014.17 linux-modules-6.5.0-1014-raspi - 6.5.0-1014.17 linux-modules-extra-6.5.0-1014-raspi - 6.5.0-1014.17 linux-raspi-headers-6.5.0-1014 - 6.5.0-1014.17 linux-raspi-tools-6.5.0-1014 - 6.5.0-1014.17 linux-tools-6.5.0-1014-raspi - 6.5.0-1014.17 No subscription required linux-headers-raspi - 6.5.0.1014.15 linux-headers-raspi-nolpae - 6.5.0.1014.15 linux-image-raspi - 6.5.0.1014.15 linux-image-raspi-nolpae - 6.5.0.1014.15 linux-modules-extra-raspi - 6.5.0.1014.15 linux-modules-extra-raspi-nolpae - 6.5.0.1014.15 linux-raspi - 6.5.0.1014.15 linux-raspi-nolpae - 6.5.0.1014.15 linux-tools-raspi - 6.5.0.1014.15 linux-tools-raspi-nolpae - 6.5.0.1014.15 No subscription required Medium CVE-2023-46838 CVE-2023-50431 CVE-2023-52429 CVE-2023-52434 CVE-2023-52435 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-6610 CVE-2024-22705 CVE-2024-23850 CVE-2024-23851 Ubuntu 23.10 It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-4421) It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. (CVE-2023-5388) It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. (CVE-2023-6135) The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements. Update Instructions: Run `sudo pro fix USN-6727-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3 - 2:3.98-0ubuntu0.23.10.1 libnss3-dev - 2:3.98-0ubuntu0.23.10.1 libnss3-tools - 2:3.98-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-4421 CVE-2023-5388 CVE-2023-6135 Ubuntu 23.10 Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288) Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-5824) Joshua Rogers discovered that Squid incorrectly handled Cache Manager error responses. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-23638) Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked decoder. A remote attacker could possibly use this issue to cause Squid to stop responding, resulting in a denial of service. (CVE-2024-25111) Joshua Rogers discovered that Squid incorrectly handled HTTP header parsing. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-25617) Update Instructions: Run `sudo pro fix USN-6728-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 6.1-2ubuntu1.3 squid-cgi - 6.1-2ubuntu1.3 squid-common - 6.1-2ubuntu1.3 squid-openssl - 6.1-2ubuntu1.3 squid-purge - 6.1-2ubuntu1.3 squidclient - 6.1-2ubuntu1.3 No subscription required Medium CVE-2023-49288 CVE-2023-5824 CVE-2024-23638 CVE-2024-25111 CVE-2024-25617 Ubuntu 23.10 Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2023-38709) Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2024-24795) Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2024-27316) Update Instructions: Run `sudo pro fix USN-6729-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2 - 2.4.57-2ubuntu2.4 apache2-bin - 2.4.57-2ubuntu2.4 apache2-data - 2.4.57-2ubuntu2.4 apache2-dev - 2.4.57-2ubuntu2.4 apache2-doc - 2.4.57-2ubuntu2.4 apache2-ssl-dev - 2.4.57-2ubuntu2.4 apache2-suexec-custom - 2.4.57-2ubuntu2.4 apache2-suexec-pristine - 2.4.57-2ubuntu2.4 apache2-utils - 2.4.57-2ubuntu2.4 libapache2-mod-md - 2.4.57-2ubuntu2.4 libapache2-mod-proxy-uwsgi - 2.4.57-2ubuntu2.4 No subscription required Medium CVE-2023-38709 CVE-2024-24795 CVE-2024-27316 Ubuntu 23.10 It was discovered that YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-17042) It was discovered that yard before 0.9.20 is affected by a path traversal vulnerability, allowing HTTP requests to access arbitrary files under certain conditions. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1020001) Aviv Keller discovered that the "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. (CVE-2024-27285) Update Instructions: Run `sudo pro fix USN-6731-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: yard - 0.9.28-2ubuntu0.1 yard-doc - 0.9.28-2ubuntu0.1 No subscription required Medium CVE-2017-17042 CVE-2019-1020001 CVE-2024-27285 Ubuntu 23.10 Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6732-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.44.0-0ubuntu0.23.10.1 gir1.2-javascriptcoregtk-4.1 - 2.44.0-0ubuntu0.23.10.1 gir1.2-javascriptcoregtk-6.0 - 2.44.0-0ubuntu0.23.10.1 gir1.2-webkit-6.0 - 2.44.0-0ubuntu0.23.10.1 gir1.2-webkit2-4.0 - 2.44.0-0ubuntu0.23.10.1 gir1.2-webkit2-4.1 - 2.44.0-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-18 - 2.44.0-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-bin - 2.44.0-0ubuntu0.23.10.1 libjavascriptcoregtk-4.0-dev - 2.44.0-0ubuntu0.23.10.1 libjavascriptcoregtk-4.1-0 - 2.44.0-0ubuntu0.23.10.1 libjavascriptcoregtk-4.1-dev - 2.44.0-0ubuntu0.23.10.1 libjavascriptcoregtk-6.0-1 - 2.44.0-0ubuntu0.23.10.1 libjavascriptcoregtk-6.0-dev - 2.44.0-0ubuntu0.23.10.1 libwebkit2gtk-4.0-37 - 2.44.0-0ubuntu0.23.10.1 libwebkit2gtk-4.0-dev - 2.44.0-0ubuntu0.23.10.1 libwebkit2gtk-4.0-doc - 2.44.0-0ubuntu0.23.10.1 libwebkit2gtk-4.1-0 - 2.44.0-0ubuntu0.23.10.1 libwebkit2gtk-4.1-dev - 2.44.0-0ubuntu0.23.10.1 libwebkitgtk-6.0-4 - 2.44.0-0ubuntu0.23.10.1 libwebkitgtk-6.0-dev - 2.44.0-0ubuntu0.23.10.1 webkit2gtk-driver - 2.44.0-0ubuntu0.23.10.1 No subscription required Medium CVE-2023-42843 CVE-2023-42950 CVE-2023-42956 CVE-2024-23252 CVE-2024-23254 CVE-2024-23263 CVE-2024-23280 CVE-2024-23284 Ubuntu 23.10 It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-28834) It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2024-28835) Update Instructions: Run `sudo pro fix USN-6733-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-bin - 3.8.1-4ubuntu1.3 gnutls-doc - 3.8.1-4ubuntu1.3 libgnutls-dane0 - 3.8.1-4ubuntu1.3 libgnutls-openssl27 - 3.8.1-4ubuntu1.3 libgnutls28-dev - 3.8.1-4ubuntu1.3 libgnutls30 - 3.8.1-4ubuntu1.3 No subscription required Medium CVE-2024-28834 CVE-2024-28835 Ubuntu 23.10 Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-1441) It was discovered that libvirt incorrectly handled certain RPC library API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-2494) It was discovered that libvirt incorrectly handled detaching certain host interfaces. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-2496) Update Instructions: Run `sudo pro fix USN-6734-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss-libvirt - 9.6.0-1ubuntu1.1 libvirt-clients - 9.6.0-1ubuntu1.1 libvirt-clients-qemu - 9.6.0-1ubuntu1.1 libvirt-daemon - 9.6.0-1ubuntu1.1 libvirt-daemon-config-network - 9.6.0-1ubuntu1.1 libvirt-daemon-config-nwfilter - 9.6.0-1ubuntu1.1 libvirt-daemon-driver-lxc - 9.6.0-1ubuntu1.1 libvirt-daemon-driver-qemu - 9.6.0-1ubuntu1.1 libvirt-daemon-driver-storage-gluster - 9.6.0-1ubuntu1.1 libvirt-daemon-driver-storage-iscsi-direct - 9.6.0-1ubuntu1.1 libvirt-daemon-driver-storage-rbd - 9.6.0-1ubuntu1.1 libvirt-daemon-driver-storage-zfs - 9.6.0-1ubuntu1.1 libvirt-daemon-driver-vbox - 9.6.0-1ubuntu1.1 libvirt-daemon-driver-xen - 9.6.0-1ubuntu1.1 libvirt-daemon-system - 9.6.0-1ubuntu1.1 libvirt-daemon-system-systemd - 9.6.0-1ubuntu1.1 libvirt-daemon-system-sysv - 9.6.0-1ubuntu1.1 libvirt-dev - 9.6.0-1ubuntu1.1 libvirt-doc - 9.6.0-1ubuntu1.1 libvirt-l10n - 9.6.0-1ubuntu1.1 libvirt-login-shell - 9.6.0-1ubuntu1.1 libvirt-sanlock - 9.6.0-1ubuntu1.1 libvirt-wireshark - 9.6.0-1ubuntu1.1 libvirt0 - 9.6.0-1ubuntu1.1 No subscription required Medium CVE-2024-1441 CVE-2024-2494 CVE-2024-2496 Ubuntu 23.10 It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-30588) It was discovered that Node.js incorrectly handled the use of CRLF sequences to delimit HTTP requests. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain unauthorised access. This issue only affected Ubuntu 23.10. (CVE-2023-30589) It was discovered that Node.js incorrectly described the generateKeys() function in the documentation. This inconsistency could possibly lead to security issues in applications that use these APIs. (CVE-2023-30590) Update Instructions: Run `sudo pro fix USN-6735-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 18.13.0+dfsg1-1ubuntu2.2 libnode108 - 18.13.0+dfsg1-1ubuntu2.2 nodejs - 18.13.0+dfsg1-1ubuntu2.2 nodejs-doc - 18.13.0+dfsg1-1ubuntu2.2 No subscription required Medium CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 Ubuntu 23.10 It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841) Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2018-25032) Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2022-37434) Update Instructions: Run `sudo pro fix USN-6736-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: klibc-utils - 2.0.13-1ubuntu0.1 libklibc - 2.0.13-1ubuntu0.1 libklibc-dev - 2.0.13-1ubuntu0.1 No subscription required Medium CVE-2016-9840 CVE-2016-9841 CVE-2018-25032 CVE-2022-37434 Ubuntu 23.10 Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6737-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glibc-doc - 2.38-1ubuntu6.2 glibc-source - 2.38-1ubuntu6.2 libc-bin - 2.38-1ubuntu6.2 libc-dev-bin - 2.38-1ubuntu6.2 libc-devtools - 2.38-1ubuntu6.2 libc6 - 2.38-1ubuntu6.2 libc6-amd64 - 2.38-1ubuntu6.2 libc6-dev - 2.38-1ubuntu6.2 libc6-dev-amd64 - 2.38-1ubuntu6.2 libc6-dev-i386 - 2.38-1ubuntu6.2 libc6-dev-s390 - 2.38-1ubuntu6.2 libc6-dev-x32 - 2.38-1ubuntu6.2 libc6-i386 - 2.38-1ubuntu6.2 libc6-prof - 2.38-1ubuntu6.2 libc6-s390 - 2.38-1ubuntu6.2 libc6-x32 - 2.38-1ubuntu6.2 locales - 2.38-1ubuntu6.2 locales-all - 2.38-1ubuntu6.2 nscd - 2.38-1ubuntu6.2 No subscription required Medium CVE-2024-2961 Ubuntu 23.10 Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; (CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581, CVE-2023-52603) Update Instructions: Run `sudo pro fix USN-6743-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-6.5.0-1012-starfive - 6.5.0-1012.13 linux-headers-6.5.0-1012-starfive - 6.5.0-1012.13 linux-image-6.5.0-1012-starfive - 6.5.0-1012.13 linux-modules-6.5.0-1012-starfive - 6.5.0-1012.13 linux-modules-extra-6.5.0-1012-starfive - 6.5.0-1012.13 linux-starfive-headers-6.5.0-1012 - 6.5.0-1012.13 linux-starfive-tools-6.5.0-1012 - 6.5.0-1012.13 linux-tools-6.5.0-1012-starfive - 6.5.0-1012.13 No subscription required linux-buildinfo-6.5.0-1014-laptop - 6.5.0-1014.17 linux-headers-6.5.0-1014-laptop - 6.5.0-1014.17 linux-image-6.5.0-1014-laptop - 6.5.0-1014.17 linux-laptop-headers-6.5.0-1014 - 6.5.0-1014.17 linux-laptop-tools-6.5.0-1014 - 6.5.0-1014.17 linux-modules-6.5.0-1014-laptop - 6.5.0-1014.17 linux-tools-6.5.0-1014-laptop - 6.5.0-1014.17 No subscription required linux-buildinfo-6.5.0-1015-raspi - 6.5.0-1015.18 linux-headers-6.5.0-1015-raspi - 6.5.0-1015.18 linux-image-6.5.0-1015-raspi - 6.5.0-1015.18 linux-modules-6.5.0-1015-raspi - 6.5.0-1015.18 linux-modules-extra-6.5.0-1015-raspi - 6.5.0-1015.18 linux-raspi-headers-6.5.0-1015 - 6.5.0-1015.18 linux-raspi-tools-6.5.0-1015 - 6.5.0-1015.18 linux-tools-6.5.0-1015-raspi - 6.5.0-1015.18 No subscription required linux-aws-cloud-tools-6.5.0-1018 - 6.5.0-1018.18 linux-aws-headers-6.5.0-1018 - 6.5.0-1018.18 linux-aws-tools-6.5.0-1018 - 6.5.0-1018.18 linux-buildinfo-6.5.0-1018-aws - 6.5.0-1018.18 linux-buildinfo-6.5.0-1018-gcp - 6.5.0-1018.18 linux-cloud-tools-6.5.0-1018-aws - 6.5.0-1018.18 linux-gcp-headers-6.5.0-1018 - 6.5.0-1018.18 linux-gcp-tools-6.5.0-1018 - 6.5.0-1018.18 linux-headers-6.5.0-1018-aws - 6.5.0-1018.18 linux-headers-6.5.0-1018-gcp - 6.5.0-1018.18 linux-image-6.5.0-1018-aws - 6.5.0-1018.18 linux-image-6.5.0-1018-gcp - 6.5.0-1018.18 linux-image-unsigned-6.5.0-1018-aws - 6.5.0-1018.18 linux-image-unsigned-6.5.0-1018-gcp - 6.5.0-1018.18 linux-modules-6.5.0-1018-aws - 6.5.0-1018.18 linux-modules-6.5.0-1018-gcp - 6.5.0-1018.18 linux-modules-extra-6.5.0-1018-aws - 6.5.0-1018.18 linux-modules-extra-6.5.0-1018-gcp - 6.5.0-1018.18 linux-modules-iwlwifi-6.5.0-1018-gcp - 6.5.0-1018.18 linux-tools-6.5.0-1018-aws - 6.5.0-1018.18 linux-tools-6.5.0-1018-gcp - 6.5.0-1018.18 No subscription required linux-azure-cloud-tools-6.5.0-1019 - 6.5.0-1019.20 linux-azure-headers-6.5.0-1019 - 6.5.0-1019.20 linux-azure-tools-6.5.0-1019 - 6.5.0-1019.20 linux-buildinfo-6.5.0-1019-azure - 6.5.0-1019.20 linux-cloud-tools-6.5.0-1019-azure - 6.5.0-1019.20 linux-headers-6.5.0-1019-azure - 6.5.0-1019.20 linux-image-6.5.0-1019-azure - 6.5.0-1019.20 linux-image-6.5.0-1019-azure-fde - 6.5.0-1019.20 linux-image-unsigned-6.5.0-1019-azure - 6.5.0-1019.20 linux-modules-6.5.0-1019-azure - 6.5.0-1019.20 linux-modules-extra-6.5.0-1019-azure - 6.5.0-1019.20 linux-modules-iwlwifi-6.5.0-1019-azure - 6.5.0-1019.20 linux-tools-6.5.0-1019-azure - 6.5.0-1019.20 No subscription required linux-buildinfo-6.5.0-1021-oracle - 6.5.0-1021.21 linux-buildinfo-6.5.0-1021-oracle-64k - 6.5.0-1021.21 linux-headers-6.5.0-1021-oracle - 6.5.0-1021.21 linux-headers-6.5.0-1021-oracle-64k - 6.5.0-1021.21 linux-image-6.5.0-1021-oracle - 6.5.0-1021.21 linux-image-6.5.0-1021-oracle-64k - 6.5.0-1021.21 linux-image-unsigned-6.5.0-1021-oracle - 6.5.0-1021.21 linux-image-unsigned-6.5.0-1021-oracle-64k - 6.5.0-1021.21 linux-modules-6.5.0-1021-oracle - 6.5.0-1021.21 linux-modules-6.5.0-1021-oracle-64k - 6.5.0-1021.21 linux-modules-extra-6.5.0-1021-oracle - 6.5.0-1021.21 linux-modules-extra-6.5.0-1021-oracle-64k - 6.5.0-1021.21 linux-modules-iwlwifi-6.5.0-1021-oracle - 6.5.0-1021.21 linux-oracle-headers-6.5.0-1021 - 6.5.0-1021.21 linux-oracle-tools-6.5.0-1021 - 6.5.0-1021.21 linux-tools-6.5.0-1021-oracle - 6.5.0-1021.21 linux-tools-6.5.0-1021-oracle-64k - 6.5.0-1021.21 No subscription required linux-buildinfo-6.5.0-28-generic - 6.5.0-28.29 linux-buildinfo-6.5.0-28-generic-64k - 6.5.0-28.29 linux-cloud-tools-6.5.0-28 - 6.5.0-28.29 linux-cloud-tools-6.5.0-28-generic - 6.5.0-28.29 linux-cloud-tools-common - 6.5.0-28.29 linux-doc - 6.5.0-28.29 linux-headers-6.5.0-28 - 6.5.0-28.29 linux-headers-6.5.0-28-generic - 6.5.0-28.29 linux-headers-6.5.0-28-generic-64k - 6.5.0-28.29 linux-image-6.5.0-28-generic - 6.5.0-28.29 linux-image-6.5.0-28-generic-64k - 6.5.0-28.29 linux-image-uc-6.5.0-28-generic - 6.5.0-28.29 linux-image-uc-6.5.0-28-generic-64k - 6.5.0-28.29 linux-image-unsigned-6.5.0-28-generic - 6.5.0-28.29 linux-image-unsigned-6.5.0-28-generic-64k - 6.5.0-28.29 linux-lib-rust-6.5.0-28-generic - 6.5.0-28.29 linux-libc-dev - 6.5.0-28.29 linux-modules-6.5.0-28-generic - 6.5.0-28.29 linux-modules-6.5.0-28-generic-64k - 6.5.0-28.29 linux-modules-extra-6.5.0-28-generic - 6.5.0-28.29 linux-modules-ipu6-6.5.0-28-generic - 6.5.0-28.29 linux-modules-ivsc-6.5.0-28-generic - 6.5.0-28.29 linux-modules-iwlwifi-6.5.0-28-generic - 6.5.0-28.29 linux-source-6.5.0 - 6.5.0-28.29 linux-tools-6.5.0-28 - 6.5.0-28.29 linux-tools-6.5.0-28-generic - 6.5.0-28.29 linux-tools-6.5.0-28-generic-64k - 6.5.0-28.29 linux-tools-common - 6.5.0-28.29 linux-tools-host - 6.5.0-28.29 No subscription required linux-buildinfo-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-buildinfo-6.5.0-28-lowlatency-64k - 6.5.0-28.29.1 linux-cloud-tools-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-headers-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-headers-6.5.0-28-lowlatency-64k - 6.5.0-28.29.1 linux-image-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-image-6.5.0-28-lowlatency-64k - 6.5.0-28.29.1 linux-image-unsigned-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-image-unsigned-6.5.0-28-lowlatency-64k - 6.5.0-28.29.1 linux-lowlatency-cloud-tools-6.5.0-28 - 6.5.0-28.29.1 linux-lowlatency-cloud-tools-common - 6.5.0-28.29.1 linux-lowlatency-headers-6.5.0-28 - 6.5.0-28.29.1 linux-lowlatency-lib-rust-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-lowlatency-tools-6.5.0-28 - 6.5.0-28.29.1 linux-lowlatency-tools-common - 6.5.0-28.29.1 linux-lowlatency-tools-host - 6.5.0-28.29.1 linux-modules-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-modules-6.5.0-28-lowlatency-64k - 6.5.0-28.29.1 linux-modules-iwlwifi-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-tools-6.5.0-28-lowlatency - 6.5.0-28.29.1 linux-tools-6.5.0-28-lowlatency-64k - 6.5.0-28.29.1 No subscription required linux-headers-starfive - 6.5.0.1012.14 linux-image-starfive - 6.5.0.1012.14 linux-starfive - 6.5.0.1012.14 linux-tools-starfive - 6.5.0.1012.14 No subscription required linux-headers-laptop-23.10 - 6.5.0.1014.17 linux-image-laptop-23.10 - 6.5.0.1014.17 linux-laptop-23.10 - 6.5.0.1014.17 linux-tools-laptop-23.10 - 6.5.0.1014.17 No subscription required linux-headers-raspi - 6.5.0.1015.16 linux-headers-raspi-nolpae - 6.5.0.1015.16 linux-image-raspi - 6.5.0.1015.16 linux-image-raspi-nolpae - 6.5.0.1015.16 linux-modules-extra-raspi - 6.5.0.1015.16 linux-modules-extra-raspi-nolpae - 6.5.0.1015.16 linux-raspi - 6.5.0.1015.16 linux-raspi-nolpae - 6.5.0.1015.16 linux-tools-raspi - 6.5.0.1015.16 linux-tools-raspi-nolpae - 6.5.0.1015.16 No subscription required linux-aws - 6.5.0.1018.18 linux-gcp - 6.5.0.1018.18 linux-headers-aws - 6.5.0.1018.18 linux-headers-gcp - 6.5.0.1018.18 linux-image-aws - 6.5.0.1018.18 linux-image-gcp - 6.5.0.1018.18 linux-modules-extra-aws - 6.5.0.1018.18 linux-modules-extra-gcp - 6.5.0.1018.18 linux-modules-iwlwifi-gcp - 6.5.0.1018.18 linux-tools-aws - 6.5.0.1018.18 linux-tools-gcp - 6.5.0.1018.18 No subscription required linux-azure - 6.5.0.1019.23 linux-azure-fde - 6.5.0.1019.23 linux-cloud-tools-azure - 6.5.0.1019.23 linux-headers-azure - 6.5.0.1019.23 linux-image-azure - 6.5.0.1019.23 linux-image-azure-fde - 6.5.0.1019.23 linux-modules-extra-azure - 6.5.0.1019.23 linux-modules-iwlwifi-azure - 6.5.0.1019.23 linux-tools-azure - 6.5.0.1019.23 No subscription required linux-headers-oracle - 6.5.0.1021.23 linux-headers-oracle-64k - 6.5.0.1021.23 linux-image-oracle - 6.5.0.1021.23 linux-image-oracle-64k - 6.5.0.1021.23 linux-modules-iwlwifi-oracle - 6.5.0.1021.23 linux-oracle - 6.5.0.1021.23 linux-oracle-64k - 6.5.0.1021.23 linux-tools-oracle - 6.5.0.1021.23 linux-tools-oracle-64k - 6.5.0.1021.23 No subscription required linux-cloud-tools-generic - 6.5.0.28.28 linux-cloud-tools-generic-hwe-22.04 - 6.5.0.28.28 linux-cloud-tools-generic-hwe-22.04-edge - 6.5.0.28.28 linux-cloud-tools-virtual - 6.5.0.28.28 linux-cloud-tools-virtual-hwe-22.04 - 6.5.0.28.28 linux-cloud-tools-virtual-hwe-22.04-edge - 6.5.0.28.28 linux-crashdump - 6.5.0.28.28 linux-generic - 6.5.0.28.28 linux-generic-64k - 6.5.0.28.28 linux-generic-64k-hwe-22.04 - 6.5.0.28.28 linux-generic-64k-hwe-22.04-edge - 6.5.0.28.28 linux-generic-hwe-22.04 - 6.5.0.28.28 linux-generic-hwe-22.04-edge - 6.5.0.28.28 linux-generic-lpae - 6.5.0.28.28 linux-headers-generic - 6.5.0.28.28 linux-headers-generic-64k - 6.5.0.28.28 linux-headers-generic-64k-hwe-22.04 - 6.5.0.28.28 linux-headers-generic-64k-hwe-22.04-edge - 6.5.0.28.28 linux-headers-generic-hwe-22.04 - 6.5.0.28.28 linux-headers-generic-hwe-22.04-edge - 6.5.0.28.28 linux-headers-generic-lpae - 6.5.0.28.28 linux-headers-kvm - 6.5.0.28.28 linux-headers-oem-20.04 - 6.5.0.28.28 linux-headers-oem-20.04b - 6.5.0.28.28 linux-headers-oem-20.04c - 6.5.0.28.28 linux-headers-oem-20.04d - 6.5.0.28.28 linux-headers-oem-22.04 - 6.5.0.28.28 linux-headers-virtual - 6.5.0.28.28 linux-headers-virtual-hwe-22.04 - 6.5.0.28.28 linux-headers-virtual-hwe-22.04-edge - 6.5.0.28.28 linux-image-extra-virtual - 6.5.0.28.28 linux-image-extra-virtual-hwe-22.04 - 6.5.0.28.28 linux-image-extra-virtual-hwe-22.04-edge - 6.5.0.28.28 linux-image-generic - 6.5.0.28.28 linux-image-generic-64k - 6.5.0.28.28 linux-image-generic-64k-hwe-22.04 - 6.5.0.28.28 linux-image-generic-64k-hwe-22.04-edge - 6.5.0.28.28 linux-image-generic-hwe-22.04 - 6.5.0.28.28 linux-image-generic-hwe-22.04-edge - 6.5.0.28.28 linux-image-generic-lpae - 6.5.0.28.28 linux-image-kvm - 6.5.0.28.28 linux-image-oem-20.04 - 6.5.0.28.28 linux-image-oem-20.04b - 6.5.0.28.28 linux-image-oem-20.04c - 6.5.0.28.28 linux-image-oem-20.04d - 6.5.0.28.28 linux-image-oem-22.04 - 6.5.0.28.28 linux-image-uc-generic - 6.5.0.28.28 linux-image-uc-generic-hwe-22.04 - 6.5.0.28.28 linux-image-uc-generic-hwe-22.04-edge - 6.5.0.28.28 linux-image-virtual - 6.5.0.28.28 linux-image-virtual-hwe-22.04 - 6.5.0.28.28 linux-image-virtual-hwe-22.04-edge - 6.5.0.28.28 linux-kvm - 6.5.0.28.28 linux-modules-ipu6-generic - 6.5.0.28.28 linux-modules-ipu6-generic-hwe-22.04 - 6.5.0.28.28 linux-modules-ipu6-generic-hwe-22.04-edge - 6.5.0.28.28 linux-modules-ipu6-oem-22.04 - 6.5.0.28.28 linux-modules-ivsc-generic - 6.5.0.28.28 linux-modules-ivsc-generic-hwe-22.04 - 6.5.0.28.28 linux-modules-ivsc-generic-hwe-22.04-edge - 6.5.0.28.28 linux-modules-ivsc-oem-22.04 - 6.5.0.28.28 linux-modules-iwlwifi-generic - 6.5.0.28.28 linux-modules-iwlwifi-generic-hwe-22.04 - 6.5.0.28.28 linux-modules-iwlwifi-generic-hwe-22.04-edge - 6.5.0.28.28 linux-modules-iwlwifi-oem-20.04 - 6.5.0.28.28 linux-modules-iwlwifi-oem-20.04d - 6.5.0.28.28 linux-modules-iwlwifi-oem-22.04 - 6.5.0.28.28 linux-oem-20.04 - 6.5.0.28.28 linux-oem-20.04b - 6.5.0.28.28 linux-oem-20.04c - 6.5.0.28.28 linux-oem-20.04d - 6.5.0.28.28 linux-oem-22.04 - 6.5.0.28.28 linux-source - 6.5.0.28.28 linux-tools-generic - 6.5.0.28.28 linux-tools-generic-64k - 6.5.0.28.28 linux-tools-generic-64k-hwe-22.04 - 6.5.0.28.28 linux-tools-generic-64k-hwe-22.04-edge - 6.5.0.28.28 linux-tools-generic-hwe-22.04 - 6.5.0.28.28 linux-tools-generic-hwe-22.04-edge - 6.5.0.28.28 linux-tools-generic-lpae - 6.5.0.28.28 linux-tools-kvm - 6.5.0.28.28 linux-tools-oem-20.04 - 6.5.0.28.28 linux-tools-oem-20.04b - 6.5.0.28.28 linux-tools-oem-20.04c - 6.5.0.28.28 linux-tools-oem-20.04d - 6.5.0.28.28 linux-tools-oem-22.04 - 6.5.0.28.28 linux-tools-virtual - 6.5.0.28.28 linux-tools-virtual-hwe-22.04 - 6.5.0.28.28 linux-tools-virtual-hwe-22.04-edge - 6.5.0.28.28 linux-virtual - 6.5.0.28.28 linux-virtual-hwe-22.04 - 6.5.0.28.28 linux-virtual-hwe-22.04-edge - 6.5.0.28.28 No subscription required linux-cloud-tools-lowlatency - 6.5.0.28.29.1 linux-cloud-tools-lowlatency-hwe-20.04 - 6.5.0.28.29.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 6.5.0.28.29.1 linux-cloud-tools-lowlatency-hwe-22.04 - 6.5.0.28.29.1 linux-cloud-tools-lowlatency-hwe-22.04-edge - 6.5.0.28.29.1 linux-headers-lowlatency - 6.5.0.28.29.1 linux-headers-lowlatency-64k - 6.5.0.28.29.1 linux-headers-lowlatency-64k-hwe-20.04 - 6.5.0.28.29.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 6.5.0.28.29.1 linux-headers-lowlatency-64k-hwe-22.04 - 6.5.0.28.29.1 linux-headers-lowlatency-64k-hwe-22.04-edge - 6.5.0.28.29.1 linux-headers-lowlatency-hwe-20.04 - 6.5.0.28.29.1 linux-headers-lowlatency-hwe-20.04-edge - 6.5.0.28.29.1 linux-headers-lowlatency-hwe-22.04 - 6.5.0.28.29.1 linux-headers-lowlatency-hwe-22.04-edge - 6.5.0.28.29.1 linux-image-lowlatency - 6.5.0.28.29.1 linux-image-lowlatency-64k - 6.5.0.28.29.1 linux-image-lowlatency-64k-hwe-20.04 - 6.5.0.28.29.1 linux-image-lowlatency-64k-hwe-20.04-edge - 6.5.0.28.29.1 linux-image-lowlatency-64k-hwe-22.04 - 6.5.0.28.29.1 linux-image-lowlatency-64k-hwe-22.04-edge - 6.5.0.28.29.1 linux-image-lowlatency-hwe-20.04 - 6.5.0.28.29.1 linux-image-lowlatency-hwe-20.04-edge - 6.5.0.28.29.1 linux-image-lowlatency-hwe-22.04 - 6.5.0.28.29.1 linux-image-lowlatency-hwe-22.04-edge - 6.5.0.28.29.1 linux-lowlatency - 6.5.0.28.29.1 linux-lowlatency-64k - 6.5.0.28.29.1 linux-lowlatency-64k-hwe-20.04 - 6.5.0.28.29.1 linux-lowlatency-64k-hwe-20.04-edge - 6.5.0.28.29.1 linux-lowlatency-64k-hwe-22.04 - 6.5.0.28.29.1 linux-lowlatency-64k-hwe-22.04-edge - 6.5.0.28.29.1 linux-lowlatency-hwe-20.04 - 6.5.0.28.29.1 linux-lowlatency-hwe-20.04-edge - 6.5.0.28.29.1 linux-lowlatency-hwe-22.04 - 6.5.0.28.29.1 linux-lowlatency-hwe-22.04-edge - 6.5.0.28.29.1 linux-modules-iwlwifi-lowlatency - 6.5.0.28.29.1 linux-modules-iwlwifi-lowlatency-hwe-22.04 - 6.5.0.28.29.1 linux-modules-iwlwifi-lowlatency-hwe-22.04-edge - 6.5.0.28.29.1 linux-tools-lowlatency - 6.5.0.28.29.1 linux-tools-lowlatency-64k - 6.5.0.28.29.1 linux-tools-lowlatency-64k-hwe-20.04 - 6.5.0.28.29.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 6.5.0.28.29.1 linux-tools-lowlatency-64k-hwe-22.04 - 6.5.0.28.29.1 linux-tools-lowlatency-64k-hwe-22.04-edge - 6.5.0.28.29.1 linux-tools-lowlatency-hwe-20.04 - 6.5.0.28.29.1 linux-tools-lowlatency-hwe-20.04-edge - 6.5.0.28.29.1 linux-tools-lowlatency-hwe-22.04 - 6.5.0.28.29.1 linux-tools-lowlatency-hwe-22.04-edge - 6.5.0.28.29.1 No subscription required Medium CVE-2023-52600 CVE-2023-52603 CVE-2024-26581 CVE-2024-26589 CVE-2024-26591 Ubuntu 23.10 Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6744-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pil-doc - 10.0.0-1ubuntu0.2 python3-pil - 10.0.0-1ubuntu0.2 python3-pil.imagetk - 10.0.0-1ubuntu0.2 No subscription required Medium CVE-2024-28219 Ubuntu 23.10 It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6746-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: google-osconfig-agent - 20230504.00-0ubuntu2.2 No subscription required google-guest-agent - 20231004.02-0ubuntu1~23.10.3 No subscription required Medium CVE-2024-24786 Ubuntu 23.10 It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-23627) It was discovered that Sanitize incorrectly handled style elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2023-36823) Update Instructions: Run `sudo pro fix USN-6748-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-sanitize - 6.0.0-1.1ubuntu0.23.10.1 No subscription required Medium CVE-2023-23627 CVE-2023-36823 Ubuntu 23.10 It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-22211) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-32039, CVE-2024-32040) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service. (CVE-2024-32041, CVE-2024-32458, CVE-2024-32460) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause FreeRDP clients and servers to crash, resulting in a denial of service. (CVE-2024-32459) Update Instructions: Run `sudo pro fix USN-6749-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freerdp2-dev - 2.10.0+dfsg1-1.1ubuntu1.2 freerdp2-shadow-x11 - 2.10.0+dfsg1-1.1ubuntu1.2 freerdp2-wayland - 2.10.0+dfsg1-1.1ubuntu1.2 freerdp2-x11 - 2.10.0+dfsg1-1.1ubuntu1.2 libfreerdp-client2-2 - 2.10.0+dfsg1-1.1ubuntu1.2 libfreerdp-server2-2 - 2.10.0+dfsg1-1.1ubuntu1.2 libfreerdp-shadow-subsystem2-2 - 2.10.0+dfsg1-1.1ubuntu1.2 libfreerdp-shadow2-2 - 2.10.0+dfsg1-1.1ubuntu1.2 libfreerdp2-2 - 2.10.0+dfsg1-1.1ubuntu1.2 libuwac0-0 - 2.10.0+dfsg1-1.1ubuntu1.2 libuwac0-dev - 2.10.0+dfsg1-1.1ubuntu1.2 libwinpr-tools2-2 - 2.10.0+dfsg1-1.1ubuntu1.2 libwinpr2-2 - 2.10.0+dfsg1-1.1ubuntu1.2 libwinpr2-dev - 2.10.0+dfsg1-1.1ubuntu1.2 winpr-utils - 2.10.0+dfsg1-1.1ubuntu1.2 No subscription required Medium CVE-2024-22211 CVE-2024-32039 CVE-2024-32040 CVE-2024-32041 CVE-2024-32458 CVE-2024-32459 CVE-2024-32460 Ubuntu 23.10 Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-2609, CVE-2024-3852, CVE-2024-3864) Bartek Nowotarski discovered that Thunderbird did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3302) Lukas Bernhard discovered that Thunderbird did not properly manage memory during JIT optimisations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3854) Lukas Bernhard discovered that Thunderbird did not properly manage memory when handling JIT created code during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3857) Ronald Crane discovered that Thunderbird did not properly manage memory in the OpenType sanitizer on 32-bit devices, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3859) Ronald Crane discovered that Thunderbird did not properly manage memory when handling an AlignedBuffer. An attacker could potentially exploit this issue to cause denial of service, or execute arbitrary code. (CVE-2024-3861) Update Instructions: Run `sudo pro fix USN-6750-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-dev - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-gnome-support - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-af - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ar - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ast - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-be - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bg - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bn - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-bn-bd - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-br - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ca - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cak - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cs - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-cy - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-da - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-de - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-dsb - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-el - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en-gb - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-en-us - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es-ar - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-es-es - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-et - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-eu - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fa - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fi - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fr - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fy - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-fy-nl - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ga - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ga-ie - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-gd - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-gl - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-he - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hr - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hsb - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hu - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-hy - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-id - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-is - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-it - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ja - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ka - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-kab - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-kk - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ko - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-lt - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-lv - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-mk - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ms - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nb - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nb-no - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nl - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nn - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-nn-no - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pa - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pa-in - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pl - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-br - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-pt-pt - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-rm - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ro - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ru - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-si - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sk - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sl - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sq - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sr - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sv - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-sv-se - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ta - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-ta-lk - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-th - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-tr - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-uk - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-uz - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-vi - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-cn - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hans - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-hant - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-locale-zh-tw - 1:115.10.1+build1-0ubuntu0.23.10.1 thunderbird-mozsymbols - 1:115.10.1+build1-0ubuntu0.23.10.1 xul-ext-calendar-timezones - 1:115.10.1+build1-0ubuntu0.23.10.1 xul-ext-gdata-provider - 1:115.10.1+build1-0ubuntu0.23.10.1 xul-ext-lightning - 1:115.10.1+build1-0ubuntu0.23.10.1 No subscription required Medium CVE-2024-3852 CVE-2024-3854 CVE-2024-3857 CVE-2024-2609 CVE-2024-3859 CVE-2024-3861 CVE-2024-3302 CVE-2024-3864 Ubuntu 23.10 It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6752-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freerdp2-dev - 2.10.0+dfsg1-1.1ubuntu1.3 freerdp2-shadow-x11 - 2.10.0+dfsg1-1.1ubuntu1.3 freerdp2-wayland - 2.10.0+dfsg1-1.1ubuntu1.3 freerdp2-x11 - 2.10.0+dfsg1-1.1ubuntu1.3 libfreerdp-client2-2 - 2.10.0+dfsg1-1.1ubuntu1.3 libfreerdp-server2-2 - 2.10.0+dfsg1-1.1ubuntu1.3 libfreerdp-shadow-subsystem2-2 - 2.10.0+dfsg1-1.1ubuntu1.3 libfreerdp-shadow2-2 - 2.10.0+dfsg1-1.1ubuntu1.3 libfreerdp2-2 - 2.10.0+dfsg1-1.1ubuntu1.3 libuwac0-0 - 2.10.0+dfsg1-1.1ubuntu1.3 libuwac0-dev - 2.10.0+dfsg1-1.1ubuntu1.3 libwinpr-tools2-2 - 2.10.0+dfsg1-1.1ubuntu1.3 libwinpr2-2 - 2.10.0+dfsg1-1.1ubuntu1.3 libwinpr2-dev - 2.10.0+dfsg1-1.1ubuntu1.3 winpr-utils - 2.10.0+dfsg1-1.1ubuntu1.3 No subscription required Low CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661 Ubuntu 23.10 It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511, CVE-2019-9513) It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487) It was discovered that nghttp2 could be made to process an unlimited number of HTTP/2 CONTINUATION frames. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. (CVE-2024-28182) Update Instructions: Run `sudo pro fix USN-6754-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnghttp2-14 - 1.55.1-1ubuntu0.2 libnghttp2-dev - 1.55.1-1ubuntu0.2 libnghttp2-doc - 1.55.1-1ubuntu0.2 nghttp2 - 1.55.1-1ubuntu0.2 nghttp2-client - 1.55.1-1ubuntu0.2 nghttp2-proxy - 1.55.1-1ubuntu0.2 nghttp2-server - 1.55.1-1ubuntu0.2 No subscription required Medium CVE-2019-9511 CVE-2019-9513 CVE-2023-44487 CVE-2024-28182 Ubuntu 23.10 Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked into extracting a specially crafted cpio archive, an attacker could possibly use this issue to write arbitrary files outside the target directory on the host, even if using the option --no-absolute-filenames. Update Instructions: Run `sudo pro fix USN-6755-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cpio - 2.13+dfsg-7.1ubuntu0.1 cpio-win32 - 2.13+dfsg-7.1ubuntu0.1 No subscription required Medium CVE-2023-7207 Ubuntu 23.10 It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked into opening specially crafted files, an attacker could possibly use this issue to execute arbitrary commands on the host. Update Instructions: Run `sudo pro fix USN-6756-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: less - 590-2ubuntu0.23.10.2 No subscription required Medium CVE-2024-32487 Ubuntu 23.10 USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. Original advisory details: It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-4900) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to cookie by pass. (CVE-2024-2756) It was discovered that PHP incorrectly handled some passwords. An attacker could possibly use this issue to cause an account takeover attack. (CVE-2024-3096) Update Instructions: Run `sudo pro fix USN-6757-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php8.2 - 8.2.10-2ubuntu2.1 libphp8.2-embed - 8.2.10-2ubuntu2.1 php8.2 - 8.2.10-2ubuntu2.1 php8.2-bcmath - 8.2.10-2ubuntu2.1 php8.2-bz2 - 8.2.10-2ubuntu2.1 php8.2-cgi - 8.2.10-2ubuntu2.1 php8.2-cli - 8.2.10-2ubuntu2.1 php8.2-common - 8.2.10-2ubuntu2.1 php8.2-curl - 8.2.10-2ubuntu2.1 php8.2-dba - 8.2.10-2ubuntu2.1 php8.2-dev - 8.2.10-2ubuntu2.1 php8.2-enchant - 8.2.10-2ubuntu2.1 php8.2-fpm - 8.2.10-2ubuntu2.1 php8.2-gd - 8.2.10-2ubuntu2.1 php8.2-gmp - 8.2.10-2ubuntu2.1 php8.2-imap - 8.2.10-2ubuntu2.1 php8.2-interbase - 8.2.10-2ubuntu2.1 php8.2-intl - 8.2.10-2ubuntu2.1 php8.2-ldap - 8.2.10-2ubuntu2.1 php8.2-mbstring - 8.2.10-2ubuntu2.1 php8.2-mysql - 8.2.10-2ubuntu2.1 php8.2-odbc - 8.2.10-2ubuntu2.1 php8.2-opcache - 8.2.10-2ubuntu2.1 php8.2-pgsql - 8.2.10-2ubuntu2.1 php8.2-phpdbg - 8.2.10-2ubuntu2.1 php8.2-pspell - 8.2.10-2ubuntu2.1 php8.2-readline - 8.2.10-2ubuntu2.1 php8.2-snmp - 8.2.10-2ubuntu2.1 php8.2-soap - 8.2.10-2ubuntu2.1 php8.2-sqlite3 - 8.2.10-2ubuntu2.1 php8.2-sybase - 8.2.10-2ubuntu2.1 php8.2-tidy - 8.2.10-2ubuntu2.1 php8.2-xml - 8.2.10-2ubuntu2.1 php8.2-xsl - 8.2.10-2ubuntu2.1 php8.2-zip - 8.2.10-2ubuntu2.1 No subscription required Medium CVE-2022-4900 CVE-2024-2756 CVE-2024-3096 Ubuntu 23.10 George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service (application crash). Update Instructions: Run `sudo pro fix USN-6760-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gerbv - 2.9.8-1ubuntu0.1 No subscription required Low CVE-2023-4508 Ubuntu 23.10 It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password. Update Instructions: Run `sudo pro fix USN-6761-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: anope - 2.0.12-1ubuntu0.23.10.1 No subscription required Medium CVE-2024-30187 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 2.2.9-1ubuntu0.23.10.1 1.2.0-6ubuntu0.23.10.1 20230206.0~ds2-1.3ubuntu0.1 2.2.1-4ubuntu1 2:2.7.2+samba4.18.6+dfsg-1ubuntu2.1 2:4.18.6+dfsg-1ubuntu2.1 8.0.0~rc2-0ubuntu1 8.0.100-8.0.0~rc2-0ubuntu1 8.0.100~rc2-0ubuntu1 8.2.1-1ubuntu3.1 10.01.2~dfsg1-0ubuntu2.1 6.0.123-0ubuntu1 7.0.112-0ubuntu1 6.0.124-0ubuntu1~23.10.1 7.0.113-0ubuntu1~23.10.1 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.10.1 3.0.10-1ubuntu2.1 2:9.0.1672-1ubuntu2.1 2:21.1.7-3ubuntu2.1 2:23.2.0-1ubuntu0.1 6.5.0-10.10 6.5.0-10.10.1 6.5.0-1006.8 6.5.0-1008.8 6.5.0-1009.9 6.5.0-1011.11 6.5.0-1005.8 6.5.0-1003.4 4.96-17ubuntu2.1 8.0.35-0ubuntu0.23.10.1 2:12.3.0-1ubuntu0.1 1:115.4.1+build1-0ubuntu0.23.10.1 1.4-28+deb10u1build0.23.10.1 1.2.2-1ubuntu0.23.10.1 1.26.16-1ubuntu0.1 23.2+dfsg-1ubuntu0.1 1.6.21-1ubuntu0.23.10.1 2:4.0.3-1ubuntu1.23.10.1 6.0.125-0ubuntu1~23.10.1 7.0.114-0ubuntu1~23.10.1 8.0.0-0ubuntu1~23.10.1 8.0.100-0ubuntu1~23.10.1 8.0.100-8.0.0-0ubuntu1~23.10.1 8.4.4-1.1ubuntu1.1 2:5.6.0-11ubuntu0.23.10.1 2.6.5-0ubuntu1.1 3.20231114.0ubuntu0.23.10.1 4.1-6ubuntu0.23.10.1 0.8-10ubuntu1.1 5.9.11-1ubuntu1.1 2.42.2-0ubuntu0.23.10.1 1.0.1+git20230216.9ac1209f7-0ubuntu1.23.10.1 8.4.4-1.1ubuntu1.2 3.8.1-4ubuntu1.1 6.1-2ubuntu1.1 3.12.1-1ubuntu0.1 6.5.0-1004.5 6.5.0-1006.9 6.5.0-1007.9 6.5.0-1010.10 6.5.0-1012.12 6.5.0-13.13 6.5.0-13.13.1 3.4.6-0ubuntu0.23.10.1 1.55.1-1ubuntu0.1 2.4.57-2ubuntu2.1 10.3-5ubuntu0.1 1:115.5.0+build1-0ubuntu0.23.10.1 5.36.0-9ubuntu1.1 2.10.34-1ubuntu0.23.10.1 2.10.0+dfsg1-1.1ubuntu1.1 1.22.4-1ubuntu1.1 11.0.21+9-0ubuntu1~23.10 17.0.9+9-1~23.10 21.0.1+12-2~23.10 8u392-ga-1~23.10 4.4.4+dfsg-2ubuntu1.23.10.1 8.2.1-1ubuntu3.2 6.5.0-1005.6 6.5.0-1007.10 6.5.0-1008.11 6.5.0-1011.11 6.5.0-1013.13 6.5.0-14.14 6.5.0-14.14.1 6.5.0-1010.10 15.5-0ubuntu0.23.10.1 38.0.4-4ubuntu0.23.10.1 5.68-0ubuntu1.1 1.34+dfsg-1.2ubuntu1.1 2.42.3-0ubuntu0.23.10.1 4:0.9+LibO7.6.4-0ubuntu0.23.10.1 4:1.2.0+LibO7.6.4-0ubuntu0.23.10.1 4:102.12+LibO7.6.4-0ubuntu0.23.10.1 4:7.6.4-0ubuntu0.23.10.1 10.01.2~dfsg1-0ubuntu2.2 1:45.0-1ubuntu3.1 2:21.1.7-3ubuntu2.4 2:23.2.0-1ubuntu0.3 1.7.0-3.0ubuntu1 2:9.0.1672-1ubuntu2.2 0.3.6-5+deb10u1build0.23.10.1 3.8.0-11ubuntu0.1 1:9.3p1-1ubuntu3.1 0.10.5-3ubuntu1.1 1:115.6.0+build2-0ubuntu0.23.10.1 1:9.3p1-1ubuntu3.2 3.42.0-1ubuntu0.1 1:8.0.4+dfsg-1ubuntu3.23.10.2 1.0.4+dfsg-0ubuntu0.23.10.1 1.0.4-0ubuntu0.23.10.1 6.5.0-1009.9 6.5.0-1010.10 1.20.8-1ubuntu0.23.10.1 1.21.1-1ubuntu0.23.10.1 22.4.0-4ubuntu0.23.10.1 6.0.126-0ubuntu1~23.10.1 7.0.115-0ubuntu1~23.10.1 8.0.1-0ubuntu1~23.10.1 8.0.101-0ubuntu1~23.10.1 8.0.101-8.0.1-0ubuntu1~23.10.1 3.2.4+debian-1ubuntu0.23.10.1 0.5.3+git20230121-2ubuntu0.23.10.1 2.42.4-0ubuntu0.23.10.1 1.11.0-2ubuntu0.1 3.18.0+ds2-9.1ubuntu0.1 2:21.1.7-3ubuntu2.6 2:23.2.0-1ubuntu0.4 2:21.1.7-3ubuntu2.7 1.5.2-6ubuntu1.1 3.65.0-3ubuntu0.1 3.8.1-2ubuntu0.1 3.8.1-2ubuntu0.2 0.10.5-3ubuntu1.2 3.8.1-4ubuntu1.2 6.1-2ubuntu1.2 5.6.5-4ubuntu2.1 2.12.0-2ubuntu1.23.10.2 3.1.2-1ubuntu0.23.10.1 1:10.11.6-0ubuntu0.23.10.2 6.5.0-1006.7 6.5.0-1008.11 6.5.0-1009.12 6.5.0-1011.11 6.5.0-1012.12 6.5.0-1014.14 6.5.0-15.15 6.5.0-15.15.1 4.96-17ubuntu2.2 2.6.2-6ubuntu0.23.10.1 18.2.0-0ubuntu3.1 1:3.5.1-11ubuntu0.23.10.1 8.0.36-0ubuntu0.23.10.1 10.0.0-1ubuntu0.1 1.1.7-0ubuntu2.2 2.38-1ubuntu6.1 3.0.10-1ubuntu2.2 3:4.2.4-1ubuntu2.1 6.5.0-1007.8 6.5.0-1009.12 6.5.0-1010.13 6.5.0-1013.13 6.5.0-1015.15 6.5.0-17.17 6.5.0-17.17.1 4.6.1-0ubuntu1.1 2.42.5-0ubuntu0.23.10.2 1:9.18.18-0ubuntu2.1 6.0.127-0ubuntu1~23.10.1 7.0.116-0ubuntu1~23.10.1 8.0.102-0ubuntu1~23.10.1 8.0.102-8.0.2-0ubuntu1~23.10.1 8.0.2-0ubuntu1~23.10.1 1.0.5+dfsg-0ubuntu0.23.10.1 2023.05-2ubuntu0.1 1:4.13+dfsg1-1ubuntu1.1 2.0.0+~1.1.0-1ubuntu0.1 4.5.1+git230720-1ubuntu1.1 6.5.0-1008.9 6.5.0-1010.13 6.5.0-1011.14 6.5.0-1014.14 6.5.0-1016.16 6.5.0-21.21 6.5.0-21.21.1 6.5.0-1015.15 1.6.2+dfsg-1ubuntu0.1 15.6-0ubuntu0.23.10.1 2.90-0ubuntu0.23.10.1 2.9.14+dfsg-1.3ubuntu0.1 11.0.22+7-0ubuntu2~23.10.1 17.0.10+7-1~23.10.1 21.0.2+13-1~23.10.1 3.0.10-1ubuntu2.3 590-2ubuntu0.23.10.1 1.17.1-2ubuntu0.1 1.44.2-1ubuntu0.1 1:115.8.1+build1-0ubuntu0.23.10.1 18.13.0+dfsg1-1ubuntu2.1 38.0.4-4ubuntu0.23.10.2 3:4.2.4-1ubuntu2.2 1.19.1-3ubuntu0.1 1.0.12-2ubuntu0.1 1.5.1+ds-1ubuntu1.1 8.4.4-1.1ubuntu1.3 6.5.0-1009.10 6.5.0-1011.14 6.5.0-1012.15 6.5.0-1015.15 6.5.0-1018.18 6.5.0-25.25 6.5.0-25.25.1 6.5.0-1016.16 6.5.0-1015.15 2.2.4-3ubuntu0.1 3.2.2-0ubuntu0.23.10.1 23.09.0-1ubuntu0.1 7.0.117-0ubuntu1~23.10.1 8.0.103-0ubuntu1~23.10.1 8.0.103-8.0.3-0ubuntu1~23.10.1 8.0.3-0ubuntu1~23.10.1 2.5.0-2ubuntu0.1 2023.20230311.66589-6ubuntu0.1 8u402-ga-2ubuntu1~23.10.1 2:9.0.1672-1ubuntu2.3 6.5.0-1010.11 6.5.0-1013.16 6.5.0-1016.16 6.5.0-1017.17 6.5.0-1019.19 6.5.0-26.26 6.5.0-26.26.1 6.5.0-1012.15 6.5.0-1016.16 11.5.0-1ubuntu1.1 0.88.1ubuntu1.2 2.3.12-1ubuntu0.23.10.1 1:115.9.0+build1-0ubuntu0.23.10.1 8.2.1-1ubuntu3.3 1:2.39.1-4ubuntu2.1 2.39.1-4ubuntu2.1 1:2.39.1-4ubuntu2.2 2.39.1-4ubuntu2.2 2:21.1.7-3ubuntu2.8 2:23.2.0-1ubuntu0.5 2:21.1.7-3ubuntu2.9 2:23.2.0-1ubuntu0.6 6.5.0-1011.12 6.5.0-1013.16 6.5.0-1017.17 6.5.0-1018.19 6.5.0-1020.20 6.5.0-27.28 6.5.0-27.28.1 6.5.0-1014.17 2:3.98-0ubuntu0.23.10.1 6.1-2ubuntu1.3 2.4.57-2ubuntu2.4 0.9.28-2ubuntu0.1 2.44.0-0ubuntu0.23.10.1 3.8.1-4ubuntu1.3 9.6.0-1ubuntu1.1 18.13.0+dfsg1-1ubuntu2.2 2.0.13-1ubuntu0.1 2.38-1ubuntu6.2 6.5.0-1012.13 6.5.0-1014.17 6.5.0-1015.18 6.5.0-1018.18 6.5.0-1019.20 6.5.0-1021.21 6.5.0-28.29 6.5.0-28.29.1 10.0.0-1ubuntu0.2 20230504.00-0ubuntu2.2 20231004.02-0ubuntu1~23.10.3 6.0.0-1.1ubuntu0.23.10.1 2.10.0+dfsg1-1.1ubuntu1.2 1:115.10.1+build1-0ubuntu0.23.10.1 2.10.0+dfsg1-1.1ubuntu1.3 1.55.1-1ubuntu0.2 2.13+dfsg-7.1ubuntu0.1 590-2ubuntu0.23.10.2 8.2.10-2ubuntu2.1 2.9.8-1ubuntu0.1 2.0.12-1ubuntu0.23.10.1 ^mutt(?::\w+|)\s+(.*)$ ^libtommath-dev(?::\w+|)\s+(.*)$ ^libtommath-doc(?::\w+|)\s+(.*)$ ^libtommath1(?::\w+|)\s+(.*)$ ^jami(?::\w+|)\s+(.*)$ ^jami-daemon(?::\w+|)\s+(.*)$ ^libcue-dev(?::\w+|)\s+(.*)$ ^libcue2(?::\w+|)\s+(.*)$ ^ldb-tools(?::\w+|)\s+(.*)$ ^libldb-dev(?::\w+|)\s+(.*)$ ^libldb2(?::\w+|)\s+(.*)$ ^python3-ldb(?::\w+|)\s+(.*)$ ^python3-ldb-dev(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^samba-ad-dc(?::\w+|)\s+(.*)$ ^samba-ad-provision(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-8.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-host-8.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-8.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-8.0(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet8(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-templates-8.0(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-8.0(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-common(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs10(?::\w+|)\s+(.*)$ ^libgs10-common(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-6.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-host(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-6.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-templates-6.0(?::\w+|)\s+(.*)$ ^dotnet6(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-host-7.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-7.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-templates-7.0(?::\w+|)\s+(.*)$ ^dotnet7(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-6.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-host(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-6.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-templates-6.0(?::\w+|)\s+(.*)$ ^dotnet6(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-host-7.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-7.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-templates-7.0(?::\w+|)\s+(.*)$ ^dotnet7(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-7.0(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-dev(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib-dev(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib3(?::\w+|)\s+(.*)$ ^libsofia-sip-ua0(?::\w+|)\s+(.*)$ ^sofia-sip-bin(?::\w+|)\s+(.*)$ ^sofia-sip-doc(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl3(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-motif(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-containerinfo(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-salt-minion(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^libaxis-java(?::\w+|)\s+(.*)$ ^libaxis-java-doc(?::\w+|)\s+(.*)$ ^libsndfile1(?::\w+|)\s+(.*)$ ^libsndfile1-dev(?::\w+|)\s+(.*)$ ^sndfile-programs(?::\w+|)\s+(.*)$ ^python3-urllib3(?::\w+|)\s+(.*)$ ^python3-pip(?::\w+|)\s+(.*)$ ^python3-pip-whl(?::\w+|)\s+(.*)$ ^memcached(?::\w+|)\s+(.*)$ ^libproc2-0(?::\w+|)\s+(.*)$ ^libproc2-dev(?::\w+|)\s+(.*)$ ^procps(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-6.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-host(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-6.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-templates-6.0(?::\w+|)\s+(.*)$ ^dotnet6(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-host-7.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-7.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-templates-7.0(?::\w+|)\s+(.*)$ ^dotnet7(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-8.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-host-8.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-8.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-8.0(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-templates-8.0(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-8.0(?::\w+|)\s+(.*)$ ^dotnet8(?::\w+|)\s+(.*)$ ^frr(?::\w+|)\s+(.*)$ ^frr-doc(?::\w+|)\s+(.*)$ ^frr-pythontools(?::\w+|)\s+(.*)$ ^frr-rpki-rtrlib(?::\w+|)\s+(.*)$ ^frr-snmp(?::\w+|)\s+(.*)$ ^libtidy-dev(?::\w+|)\s+(.*)$ ^libtidy5deb1(?::\w+|)\s+(.*)$ ^tidy(?::\w+|)\s+(.*)$ ^openvpn(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libiniparser-dev(?::\w+|)\s+(.*)$ ^libiniparser-doc(?::\w+|)\s+(.*)$ ^libiniparser1(?::\w+|)\s+(.*)$ ^avahi-autoipd(?::\w+|)\s+(.*)$ ^avahi-daemon(?::\w+|)\s+(.*)$ ^avahi-discover(?::\w+|)\s+(.*)$ ^avahi-dnsconfd(?::\w+|)\s+(.*)$ ^avahi-ui-utils(?::\w+|)\s+(.*)$ ^avahi-utils(?::\w+|)\s+(.*)$ ^gir1.2-avahi-0.6(?::\w+|)\s+(.*)$ ^libavahi-client-dev(?::\w+|)\s+(.*)$ ^libavahi-client3(?::\w+|)\s+(.*)$ ^libavahi-common-data(?::\w+|)\s+(.*)$ ^libavahi-common-dev(?::\w+|)\s+(.*)$ ^libavahi-common3(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd-dev(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd1(?::\w+|)\s+(.*)$ ^libavahi-core-dev(?::\w+|)\s+(.*)$ ^libavahi-core7(?::\w+|)\s+(.*)$ ^libavahi-glib-dev(?::\w+|)\s+(.*)$ ^libavahi-glib1(?::\w+|)\s+(.*)$ ^libavahi-gobject-dev(?::\w+|)\s+(.*)$ ^libavahi-gobject0(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-0(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-dev(?::\w+|)\s+(.*)$ ^python3-avahi(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.1(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-0(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-dev(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-4(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-dev(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^hibagent(?::\w+|)\s+(.*)$ ^frr(?::\w+|)\s+(.*)$ ^frr-doc(?::\w+|)\s+(.*)$ ^frr-pythontools(?::\w+|)\s+(.*)$ ^frr-rpki-rtrlib(?::\w+|)\s+(.*)$ ^frr-snmp(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-openssl(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^rabbitmq-server(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^tracker-extract(?::\w+|)\s+(.*)$ ^tracker-miner-fs(?::\w+|)\s+(.*)$ ^libnghttp2-14(?::\w+|)\s+(.*)$ ^libnghttp2-dev(?::\w+|)\s+(.*)$ ^libnghttp2-doc(?::\w+|)\s+(.*)$ ^nghttp2(?::\w+|)\s+(.*)$ ^nghttp2-client(?::\w+|)\s+(.*)$ ^nghttp2-proxy(?::\w+|)\s+(.*)$ ^nghttp2-server(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^glusterfs-cli(?::\w+|)\s+(.*)$ ^glusterfs-client(?::\w+|)\s+(.*)$ ^glusterfs-common(?::\w+|)\s+(.*)$ ^glusterfs-server(?::\w+|)\s+(.*)$ ^libgfapi0(?::\w+|)\s+(.*)$ ^libgfchangelog0(?::\w+|)\s+(.*)$ ^libgfrpc0(?::\w+|)\s+(.*)$ ^libgfxdr0(?::\w+|)\s+(.*)$ ^libglusterd0(?::\w+|)\s+(.*)$ ^libglusterfs-dev(?::\w+|)\s+(.*)$ ^libglusterfs0(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^libperl5.36(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl-modules-5.36(?::\w+|)\s+(.*)$ ^gimp(?::\w+|)\s+(.*)$ ^gimp-data(?::\w+|)\s+(.*)$ ^libgimp2.0(?::\w+|)\s+(.*)$ ^libgimp2.0-dev(?::\w+|)\s+(.*)$ ^libgimp2.0-doc(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-bad-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-opencv(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-bad(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-bad-apps(?::\w+|)\s+(.*)$ ^libgstreamer-opencv1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-bad1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-bad1.0-dev(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^request-tracker4(?::\w+|)\s+(.*)$ ^rt4-apache2(?::\w+|)\s+(.*)$ ^rt4-clients(?::\w+|)\s+(.*)$ ^rt4-db-mysql(?::\w+|)\s+(.*)$ ^rt4-db-postgresql(?::\w+|)\s+(.*)$ ^rt4-db-sqlite(?::\w+|)\s+(.*)$ ^rt4-doc-html(?::\w+|)\s+(.*)$ ^rt4-fcgi(?::\w+|)\s+(.*)$ ^rt4-standalone(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-15(?::\w+|)\s+(.*)$ ^postgresql-client-15(?::\w+|)\s+(.*)$ ^postgresql-doc-15(?::\w+|)\s+(.*)$ ^postgresql-plperl-15(?::\w+|)\s+(.*)$ ^postgresql-plpython3-15(?::\w+|)\s+(.*)$ ^postgresql-pltcl-15(?::\w+|)\s+(.*)$ ^postgresql-server-dev-15(?::\w+|)\s+(.*)$ ^python-cryptography-doc(?::\w+|)\s+(.*)$ ^python3-cryptography(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-meshd(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.1(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-0(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-dev(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-4(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-dev(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^liblibreoffice-java(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-dev-gui(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk4(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-nogui(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-qt6(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-style-sukapura(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-style-yaru(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-uiconfig-base(?::\w+|)\s+(.*)$ ^libreoffice-uiconfig-calc(?::\w+|)\s+(.*)$ ^libreoffice-uiconfig-common(?::\w+|)\s+(.*)$ ^libreoffice-uiconfig-draw(?::\w+|)\s+(.*)$ ^libreoffice-uiconfig-impress(?::\w+|)\s+(.*)$ ^libreoffice-uiconfig-math(?::\w+|)\s+(.*)$ ^libreoffice-uiconfig-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-uiconfig-writer(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^python3-scriptforge(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^ure-java(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-common(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs10(?::\w+|)\s+(.*)$ ^libgs10-common(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^gnome-control-center(?::\w+|)\s+(.*)$ ^gnome-control-center-data(?::\w+|)\s+(.*)$ ^gnome-control-center-dev(?::\w+|)\s+(.*)$ ^gnome-control-center-faces(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^budgie-app-launcher-applet(?::\w+|)\s+(.*)$ ^budgie-applications-menu-applet(?::\w+|)\s+(.*)$ ^budgie-brightness-controller-applet(?::\w+|)\s+(.*)$ ^budgie-clockworks-applet(?::\w+|)\s+(.*)$ ^budgie-countdown-applet(?::\w+|)\s+(.*)$ ^budgie-dropby-applet(?::\w+|)\s+(.*)$ ^budgie-extras-common(?::\w+|)\s+(.*)$ ^budgie-extras-daemon(?::\w+|)\s+(.*)$ ^budgie-fuzzyclock-applet(?::\w+|)\s+(.*)$ ^budgie-hotcorners-applet(?::\w+|)\s+(.*)$ ^budgie-kangaroo-applet(?::\w+|)\s+(.*)$ ^budgie-keyboard-autoswitch-applet(?::\w+|)\s+(.*)$ ^budgie-network-manager-applet(?::\w+|)\s+(.*)$ ^budgie-previews(?::\w+|)\s+(.*)$ ^budgie-quickchar(?::\w+|)\s+(.*)$ ^budgie-quicknote-applet(?::\w+|)\s+(.*)$ ^budgie-recentlyused-applet(?::\w+|)\s+(.*)$ ^budgie-rotation-lock-applet(?::\w+|)\s+(.*)$ ^budgie-showtime-applet(?::\w+|)\s+(.*)$ ^budgie-takeabreak-applet(?::\w+|)\s+(.*)$ ^budgie-trash-applet(?::\w+|)\s+(.*)$ ^budgie-visualspace-applet(?::\w+|)\s+(.*)$ ^budgie-wallstreet(?::\w+|)\s+(.*)$ ^budgie-weathershow-applet(?::\w+|)\s+(.*)$ ^budgie-window-shuffler(?::\w+|)\s+(.*)$ ^budgie-workspace-stopwatch-applet(?::\w+|)\s+(.*)$ ^budgie-workspace-wallpaper-applet(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-motif(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^audiofile-tools(?::\w+|)\s+(.*)$ ^libaudiofile-dev(?::\w+|)\s+(.*)$ ^libaudiofile1(?::\w+|)\s+(.*)$ ^libzookeeper-java(?::\w+|)\s+(.*)$ ^libzookeeper-java-doc(?::\w+|)\s+(.*)$ ^libzookeeper-mt-dev(?::\w+|)\s+(.*)$ ^libzookeeper-mt2(?::\w+|)\s+(.*)$ ^libzookeeper-st-dev(?::\w+|)\s+(.*)$ ^libzookeeper-st2(?::\w+|)\s+(.*)$ ^python3-zookeeper(?::\w+|)\s+(.*)$ ^zookeeper(?::\w+|)\s+(.*)$ ^zookeeper-bin(?::\w+|)\s+(.*)$ ^zookeeperd(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^sqlite3-tools(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^qemu-system-xen(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^libclamav11(?::\w+|)\s+(.*)$ ^clamav-testfiles-rar(?::\w+|)\s+(.*)$ ^libclamunrar(?::\w+|)\s+(.*)$ ^libclamunrar11(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde)(?::\w+|)\s+(.*)$ ^golang-1.20(?::\w+|)\s+(.*)$ ^golang-1.20-doc(?::\w+|)\s+(.*)$ ^golang-1.20-go(?::\w+|)\s+(.*)$ ^golang-1.20-src(?::\w+|)\s+(.*)$ ^golang-1.21(?::\w+|)\s+(.*)$ ^golang-1.21-doc(?::\w+|)\s+(.*)$ ^golang-1.21-go(?::\w+|)\s+(.*)$ ^golang-1.21-src(?::\w+|)\s+(.*)$ ^python3-twisted(?::\w+|)\s+(.*)$ ^twisted-doc(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-6.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-host(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-6.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-templates-6.0(?::\w+|)\s+(.*)$ ^dotnet6(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-host-7.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-7.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-templates-7.0(?::\w+|)\s+(.*)$ ^dotnet7(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-8.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-host-8.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-8.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-8.0(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-templates-8.0(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-8.0(?::\w+|)\s+(.*)$ ^dotnet8(?::\w+|)\s+(.*)$ ^libxerces-c-dev(?::\w+|)\s+(.*)$ ^libxerces-c-doc(?::\w+|)\s+(.*)$ ^libxerces-c-samples(?::\w+|)\s+(.*)$ ^libxerces-c3.2(?::\w+|)\s+(.*)$ ^w3m(?::\w+|)\s+(.*)$ ^w3m-img(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.1(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-0(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-dev(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-4(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-dev(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libssh2-1(?::\w+|)\s+(.*)$ ^libssh2-1-dev(?::\w+|)\s+(.*)$ ^libfreeimage-dev(?::\w+|)\s+(.*)$ ^libfreeimage3(?::\w+|)\s+(.*)$ ^libfreeimageplus-dev(?::\w+|)\s+(.*)$ ^libfreeimageplus-doc(?::\w+|)\s+(.*)$ ^libfreeimageplus3(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^libpam-doc(?::\w+|)\s+(.*)$ ^libpam-modules(?::\w+|)\s+(.*)$ ^libpam-modules-bin(?::\w+|)\s+(.*)$ ^libpam-runtime(?::\w+|)\s+(.*)$ ^libpam0g(?::\w+|)\s+(.*)$ ^libpam0g-dev(?::\w+|)\s+(.*)$ ^filezilla(?::\w+|)\s+(.*)$ ^filezilla-common(?::\w+|)\s+(.*)$ ^postfix(?::\w+|)\s+(.*)$ ^postfix-cdb(?::\w+|)\s+(.*)$ ^postfix-doc(?::\w+|)\s+(.*)$ ^postfix-ldap(?::\w+|)\s+(.*)$ ^postfix-lmdb(?::\w+|)\s+(.*)$ ^postfix-mysql(?::\w+|)\s+(.*)$ ^postfix-pcre(?::\w+|)\s+(.*)$ ^postfix-pgsql(?::\w+|)\s+(.*)$ ^postfix-sqlite(?::\w+|)\s+(.*)$ ^postfix(?::\w+|)\s+(.*)$ ^postfix-cdb(?::\w+|)\s+(.*)$ ^postfix-doc(?::\w+|)\s+(.*)$ ^postfix-ldap(?::\w+|)\s+(.*)$ ^postfix-lmdb(?::\w+|)\s+(.*)$ ^postfix-mysql(?::\w+|)\s+(.*)$ ^postfix-pcre(?::\w+|)\s+(.*)$ ^postfix-pgsql(?::\w+|)\s+(.*)$ ^postfix-sqlite(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-openssl(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^puma(?::\w+|)\s+(.*)$ ^paramiko-doc(?::\w+|)\s+(.*)$ ^python3-paramiko(?::\w+|)\s+(.*)$ ^python-jinja2-doc(?::\w+|)\s+(.*)$ ^python3-jinja2(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-client-core(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-plugin-hashicorp-key-management(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-plugin-provider-bzip2(?::\w+|)\s+(.*)$ ^mariadb-plugin-provider-lz4(?::\w+|)\s+(.*)$ ^mariadb-plugin-provider-lzma(?::\w+|)\s+(.*)$ ^mariadb-plugin-provider-lzo(?::\w+|)\s+(.*)$ ^mariadb-plugin-provider-snappy(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-s3(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-server-10.5(?::\w+|)\s+(.*)$ ^mariadb-server-core(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^libtinyxml-dev(?::\w+|)\s+(.*)$ ^libtinyxml-doc(?::\w+|)\s+(.*)$ ^libtinyxml2.6.2v5(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^ceph-grafana-dashboards(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^ceph-prometheus-alerts(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^ceph-volume(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^cephfs-mirror(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^crimson-osd(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^libsqlite3-mod-ceph(?::\w+|)\s+(.*)$ ^libsqlite3-mod-ceph-dev(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^golang-github-opencontainers-runc-dev(?::\w+|)\s+(.*)$ ^runc(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^libc-devtools(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl3(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^python-glance-store-doc(?::\w+|)\s+(.*)$ ^python3-glance-store(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.1(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-0(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-dev(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-4(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-dev(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dev(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-6.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-host(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-6.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-6.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-6.0(?::\w+|)\s+(.*)$ ^dotnet-templates-6.0(?::\w+|)\s+(.*)$ ^dotnet6(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-host-7.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-7.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-templates-7.0(?::\w+|)\s+(.*)$ ^dotnet7(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-templates-8.0(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-8.0(?::\w+|)\s+(.*)$ ^dotnet8(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-8.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-host-8.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-8.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-8.0(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^libclamav11(?::\w+|)\s+(.*)$ ^efi-shell-aa64(?::\w+|)\s+(.*)$ ^efi-shell-arm(?::\w+|)\s+(.*)$ ^efi-shell-ia32(?::\w+|)\s+(.*)$ ^efi-shell-x64(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^ovmf-ia32(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^libsubid-dev(?::\w+|)\s+(.*)$ ^libsubid4(?::\w+|)\s+(.*)$ ^login(?::\w+|)\s+(.*)$ ^passwd(?::\w+|)\s+(.*)$ ^uidmap(?::\w+|)\s+(.*)$ ^node-ip(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff6(?::\w+|)\s+(.*)$ ^libtiffxx6(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde)(?::\w+|)\s+(.*)$ ^roundcube(?::\w+|)\s+(.*)$ ^roundcube-core(?::\w+|)\s+(.*)$ ^roundcube-mysql(?::\w+|)\s+(.*)$ ^roundcube-pgsql(?::\w+|)\s+(.*)$ ^roundcube-plugins(?::\w+|)\s+(.*)$ ^roundcube-sqlite3(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-15(?::\w+|)\s+(.*)$ ^postgresql-client-15(?::\w+|)\s+(.*)$ ^postgresql-doc-15(?::\w+|)\s+(.*)$ ^postgresql-plperl-15(?::\w+|)\s+(.*)$ ^postgresql-plpython3-15(?::\w+|)\s+(.*)$ ^postgresql-pltcl-15(?::\w+|)\s+(.*)$ ^postgresql-server-dev-15(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl3(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^less(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libuv1(?::\w+|)\s+(.*)$ ^libuv1-dev(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode108(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^python-cryptography-doc(?::\w+|)\s+(.*)$ ^python3-cryptography(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^libgit2-1.5(?::\w+|)\s+(.*)$ ^libgit2-dev(?::\w+|)\s+(.*)$ ^libgit2-fixtures(?::\w+|)\s+(.*)$ ^frr(?::\w+|)\s+(.*)$ ^frr-doc(?::\w+|)\s+(.*)$ ^frr-pythontools(?::\w+|)\s+(.*)$ ^frr-rpki-rtrlib(?::\w+|)\s+(.*)$ ^frr-snmp(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle|-oracle-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-ipsec(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^ovn-central(?::\w+|)\s+(.*)$ ^ovn-common(?::\w+|)\s+(.*)$ ^ovn-controller-vtep(?::\w+|)\s+(.*)$ ^ovn-doc(?::\w+|)\s+(.*)$ ^ovn-docker(?::\w+|)\s+(.*)$ ^ovn-host(?::\w+|)\s+(.*)$ ^ovn-ic(?::\w+|)\s+(.*)$ ^ovn-ic-db(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-7.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-host-7.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-7.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-7.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-7.0(?::\w+|)\s+(.*)$ ^dotnet-templates-7.0(?::\w+|)\s+(.*)$ ^dotnet7(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-7.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0(?::\w+|)\s+(.*)$ ^dotnet-sdk-8.0-source-built-artifacts(?::\w+|)\s+(.*)$ ^dotnet-templates-8.0(?::\w+|)\s+(.*)$ ^netstandard-targeting-pack-2.1-8.0(?::\w+|)\s+(.*)$ ^dotnet8(?::\w+|)\s+(.*)$ ^aspnetcore-runtime-8.0(?::\w+|)\s+(.*)$ ^aspnetcore-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-apphost-pack-8.0(?::\w+|)\s+(.*)$ ^dotnet-host-8.0(?::\w+|)\s+(.*)$ ^dotnet-hostfxr-8.0(?::\w+|)\s+(.*)$ ^dotnet-runtime-8.0(?::\w+|)\s+(.*)$ ^dotnet-targeting-pack-8.0(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libkpathsea-dev(?::\w+|)\s+(.*)$ ^libkpathsea6(?::\w+|)\s+(.*)$ ^libptexenc-dev(?::\w+|)\s+(.*)$ ^libptexenc1(?::\w+|)\s+(.*)$ ^libsynctex-dev(?::\w+|)\s+(.*)$ ^libsynctex2(?::\w+|)\s+(.*)$ ^libtexlua-dev(?::\w+|)\s+(.*)$ ^libtexlua53(?::\w+|)\s+(.*)$ ^libtexlua53-5(?::\w+|)\s+(.*)$ ^libtexlua53-dev(?::\w+|)\s+(.*)$ ^libtexluajit-dev(?::\w+|)\s+(.*)$ ^libtexluajit2(?::\w+|)\s+(.*)$ ^texlive-binaries(?::\w+|)\s+(.*)$ ^texlive-binaries-sse2(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-motif(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle|-oracle-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^libqpdf-dev(?::\w+|)\s+(.*)$ ^libqpdf29(?::\w+|)\s+(.*)$ ^qpdf(?::\w+|)\s+(.*)$ ^debian-goodies(?::\w+|)\s+(.*)$ ^libodbc2(?::\w+|)\s+(.*)$ ^libodbccr2(?::\w+|)\s+(.*)$ ^libodbcinst2(?::\w+|)\s+(.*)$ ^odbcinst(?::\w+|)\s+(.*)$ ^unixodbc(?::\w+|)\s+(.*)$ ^unixodbc-common(?::\w+|)\s+(.*)$ ^unixodbc-dev(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^bsdutils(?::\w+|)\s+(.*)$ ^bsdextrautils(?::\w+|)\s+(.*)$ ^eject(?::\w+|)\s+(.*)$ ^fdisk(?::\w+|)\s+(.*)$ ^libblkid-dev(?::\w+|)\s+(.*)$ ^libblkid1(?::\w+|)\s+(.*)$ ^libfdisk-dev(?::\w+|)\s+(.*)$ ^libfdisk1(?::\w+|)\s+(.*)$ ^libmount-dev(?::\w+|)\s+(.*)$ ^libmount1(?::\w+|)\s+(.*)$ ^libsmartcols-dev(?::\w+|)\s+(.*)$ ^libsmartcols1(?::\w+|)\s+(.*)$ ^libuuid1(?::\w+|)\s+(.*)$ ^mount(?::\w+|)\s+(.*)$ ^rfkill(?::\w+|)\s+(.*)$ ^util-linux(?::\w+|)\s+(.*)$ ^util-linux-extra(?::\w+|)\s+(.*)$ ^util-linux-locales(?::\w+|)\s+(.*)$ ^uuid-dev(?::\w+|)\s+(.*)$ ^uuid-runtime(?::\w+|)\s+(.*)$ ^bsdutils(?::\w+|)\s+(.*)$ ^bsdextrautils(?::\w+|)\s+(.*)$ ^eject(?::\w+|)\s+(.*)$ ^fdisk(?::\w+|)\s+(.*)$ ^libblkid-dev(?::\w+|)\s+(.*)$ ^libblkid1(?::\w+|)\s+(.*)$ ^libfdisk-dev(?::\w+|)\s+(.*)$ ^libfdisk1(?::\w+|)\s+(.*)$ ^libmount-dev(?::\w+|)\s+(.*)$ ^libmount1(?::\w+|)\s+(.*)$ ^libsmartcols-dev(?::\w+|)\s+(.*)$ ^libsmartcols1(?::\w+|)\s+(.*)$ ^libuuid1(?::\w+|)\s+(.*)$ ^mount(?::\w+|)\s+(.*)$ ^rfkill(?::\w+|)\s+(.*)$ ^util-linux(?::\w+|)\s+(.*)$ ^util-linux-extra(?::\w+|)\s+(.*)$ ^util-linux-locales(?::\w+|)\s+(.*)$ ^uuid-dev(?::\w+|)\s+(.*)$ ^uuid-runtime(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle|-oracle-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-openssl(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^yard(?::\w+|)\s+(.*)$ ^yard-doc(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.1(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit-6.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-0(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.1-dev(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-1(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-6.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.1-dev(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-4(?::\w+|)\s+(.*)$ ^libwebkitgtk-6.0-dev(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libnss-libvirt(?::\w+|)\s+(.*)$ ^libvirt-clients(?::\w+|)\s+(.*)$ ^libvirt-clients-qemu(?::\w+|)\s+(.*)$ ^libvirt-daemon(?::\w+|)\s+(.*)$ ^libvirt-daemon-config-network(?::\w+|)\s+(.*)$ ^libvirt-daemon-config-nwfilter(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-lxc(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-qemu(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-gluster(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-iscsi-direct(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-rbd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-zfs(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-vbox(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-xen(?::\w+|)\s+(.*)$ ^libvirt-daemon-system(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-systemd(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-sysv(?::\w+|)\s+(.*)$ ^libvirt-dev(?::\w+|)\s+(.*)$ ^libvirt-doc(?::\w+|)\s+(.*)$ ^libvirt-l10n(?::\w+|)\s+(.*)$ ^libvirt-login-shell(?::\w+|)\s+(.*)$ ^libvirt-sanlock(?::\w+|)\s+(.*)$ ^libvirt-wireshark(?::\w+|)\s+(.*)$ ^libvirt0(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode108(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^klibc-utils(?::\w+|)\s+(.*)$ ^libklibc(?::\w+|)\s+(.*)$ ^libklibc-dev(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^libc-devtools(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-starfive)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-laptop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-azure|-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-oracle|-oracle-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-generic|-generic-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?6.5.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^google-osconfig-agent(?::\w+|)\s+(.*)$ ^google-guest-agent(?::\w+|)\s+(.*)$ ^ruby-sanitize(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libnghttp2-14(?::\w+|)\s+(.*)$ ^libnghttp2-dev(?::\w+|)\s+(.*)$ ^libnghttp2-doc(?::\w+|)\s+(.*)$ ^nghttp2(?::\w+|)\s+(.*)$ ^nghttp2-client(?::\w+|)\s+(.*)$ ^nghttp2-proxy(?::\w+|)\s+(.*)$ ^nghttp2-server(?::\w+|)\s+(.*)$ ^cpio(?::\w+|)\s+(.*)$ ^cpio-win32(?::\w+|)\s+(.*)$ ^less(?::\w+|)\s+(.*)$ ^libapache2-mod-php8.2(?::\w+|)\s+(.*)$ ^libphp8.2-embed(?::\w+|)\s+(.*)$ ^php8.2(?::\w+|)\s+(.*)$ ^php8.2-bcmath(?::\w+|)\s+(.*)$ ^php8.2-bz2(?::\w+|)\s+(.*)$ ^php8.2-cgi(?::\w+|)\s+(.*)$ ^php8.2-cli(?::\w+|)\s+(.*)$ ^php8.2-common(?::\w+|)\s+(.*)$ ^php8.2-curl(?::\w+|)\s+(.*)$ ^php8.2-dba(?::\w+|)\s+(.*)$ ^php8.2-dev(?::\w+|)\s+(.*)$ ^php8.2-enchant(?::\w+|)\s+(.*)$ ^php8.2-fpm(?::\w+|)\s+(.*)$ ^php8.2-gd(?::\w+|)\s+(.*)$ ^php8.2-gmp(?::\w+|)\s+(.*)$ ^php8.2-imap(?::\w+|)\s+(.*)$ ^php8.2-interbase(?::\w+|)\s+(.*)$ ^php8.2-intl(?::\w+|)\s+(.*)$ ^php8.2-ldap(?::\w+|)\s+(.*)$ ^php8.2-mbstring(?::\w+|)\s+(.*)$ ^php8.2-mysql(?::\w+|)\s+(.*)$ ^php8.2-odbc(?::\w+|)\s+(.*)$ ^php8.2-opcache(?::\w+|)\s+(.*)$ ^php8.2-pgsql(?::\w+|)\s+(.*)$ ^php8.2-phpdbg(?::\w+|)\s+(.*)$ ^php8.2-pspell(?::\w+|)\s+(.*)$ ^php8.2-readline(?::\w+|)\s+(.*)$ ^php8.2-snmp(?::\w+|)\s+(.*)$ ^php8.2-soap(?::\w+|)\s+(.*)$ ^php8.2-sqlite3(?::\w+|)\s+(.*)$ ^php8.2-sybase(?::\w+|)\s+(.*)$ ^php8.2-tidy(?::\w+|)\s+(.*)$ ^php8.2-xml(?::\w+|)\s+(.*)$ ^php8.2-xsl(?::\w+|)\s+(.*)$ ^php8.2-zip(?::\w+|)\s+(.*)$ ^gerbv(?::\w+|)\s+(.*)$ ^anope(?::\w+|)\s+(.*)$