Releases: cloudfoundry/cflinuxfs4
0.32.0
Notably, this release addresses:
USN-5627-1: PCRE vulnerabilities:
- CVE-2022-1586: An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
- CVE-2022-1587: An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.
-ii bind9-dnsutils 1:9.18.1-1ubuntu1.1 amd64 Clients provided with BIND 9
-ii bind9-host 1:9.18.1-1ubuntu1.1 amd64 DNS Lookup Utility
-ii bind9-libs:amd64 1:9.18.1-1ubuntu1.1 amd64 Shared Libraries used by BIND 9
+ii bind9-dnsutils 1:9.18.1-1ubuntu1.2 amd64 Clients provided with BIND 9
+ii bind9-host 1:9.18.1-1ubuntu1.2 amd64 DNS Lookup Utility
+ii bind9-libs:amd64 1:9.18.1-1ubuntu1.2 amd64 Shared Libraries used by BIND 9
-ii dnsutils 1:9.18.1-1ubuntu1.1 all Transitional package for bind9-dnsutils
+ii dnsutils 1:9.18.1-1ubuntu1.2 all Transitional package for bind9-dnsutils
-ii gzip 1.10-4ubuntu4 amd64 GNU compression utilities
+ii gzip 1.10-4ubuntu4.1 amd64 GNU compression utilities
-ii libpcre2-16-0:amd64 10.39-3build1 amd64 New Perl Compatible Regular Expression Library - 16 bit runtime files
-ii libpcre2-32-0:amd64 10.39-3build1 amd64 New Perl Compatible Regular Expression Library - 32 bit runtime files
-ii libpcre2-8-0:amd64 10.39-3build1 amd64 New Perl Compatible Regular Expression Library- 8 bit runtime files
-ii libpcre2-dev:amd64 10.39-3build1 amd64 New Perl Compatible Regular Expression Library - development files
-ii libpcre2-posix3:amd64 10.39-3build1 amd64 New Perl Compatible Regular Expression Library - posix-compatible runtime files
+ii libpcre2-16-0:amd64 10.39-3ubuntu0.1 amd64 New Perl Compatible Regular Expression Library - 16 bit runtime files
+ii libpcre2-32-0:amd64 10.39-3ubuntu0.1 amd64 New Perl Compatible Regular Expression Library - 32 bit runtime files
+ii libpcre2-8-0:amd64 10.39-3ubuntu0.1 amd64 New Perl Compatible Regular Expression Library- 8 bit runtime files
+ii libpcre2-dev:amd64 10.39-3ubuntu0.1 amd64 New Perl Compatible Regular Expression Library - development files
+ii libpcre2-posix3:amd64 10.39-3ubuntu0.1 amd64 New Perl Compatible Regular Expression Library - posix-compatible runtime files
-ii libpython3-stdlib:amd64 3.10.4-0ubuntu2 amd64 interactive high-level object-oriented language (default python3 version)
-ii libpython3.10:amd64 3.10.4-3ubuntu0.1 amd64 Shared Python runtime library (version 3.10)
-ii libpython3.10-minimal:amd64 3.10.4-3ubuntu0.1 amd64 Minimal subset of the Python language (version 3.10)
-ii libpython3.10-stdlib:amd64 3.10.4-3ubuntu0.1 amd64 Interactive high-level object-oriented language (standard library, version 3.10)
+ii libpython3-stdlib:amd64 3.10.6-1~22.04 amd64 interactive high-level object-oriented language (default python3 version)
+ii libpython3.10:amd64 3.10.6-1~22.04 amd64 Shared Python runtime library (version 3.10)
+ii libpython3.10-minimal:amd64 3.10.6-1~22.04 amd64 Minimal subset of the Python language (version 3.10)
+ii libpython3.10-stdlib:amd64 3.10.6-1~22.04 amd64 Interactive high-level object-oriented language (standard library, version 3.10)
-ii libsystemd0:amd64 249.11-0ubuntu3.4 amd64 systemd utility library
+ii libsystemd0:amd64 249.11-0ubuntu3.6 amd64 systemd utility library
-ii libudev1:amd64 249.11-0ubuntu3.4 amd64 libudev shared library
+ii libudev1:amd64 249.11-0ubuntu3.6 amd64 libudev shared library
-ii python3 3.10.4-0ubuntu2 amd64 interactive high-level object-oriented language (default python3 version)
+ii python3 3.10.6-1~22.04 amd64 interactive high-level object-oriented language (default python3 version)
-ii python3-distutils 3.10.4-0ubuntu1 all distutils package for Python 3.x
+ii python3-distutils 3.10.6-1~22.04 all distutils package for Python 3.x
-ii python3-lib2to3 3.10.4-0ubuntu1 all Interactive high-level object-oriented language (lib2to3)
-ii python3-minimal 3.10.4-0ubuntu2 amd64 minimal subset of the Python language (default python3 version)
+ii python3-lib2to3 3.10.6-1~22.04 all Interactive high-level object-oriented language (lib2to3)
+ii python3-minimal 3.10.6-1~22.04 amd64 minimal subset of the Python language (default python3 version)
-ii python3.10 3.10.4-3ubuntu0.1 amd64 Interactive high-level object-oriented language (version 3.10)
-ii python3.10-minimal 3.10.4-3ubuntu0.1 amd64 Minimal subset of the Python language (version 3.10)
+ii python3.10 3.10.6-1~22.04 amd64 Interactive high-level object-oriented language (version 3.10)
+ii python3.10-minimal 3.10.6-1~22.04 amd64 Minimal subset of the Python language (version 3.10)
-ii systemd 249.11-0ubuntu3.4 amd64 system and service manager
-ii systemd-sysv 249.11-0ubuntu3.4 amd64 system and service manager - SysV links
+ii systemd 249.11-0ubuntu3.6 amd64 system and service manager
+ii systemd-sysv 249.11-0ubuntu3.6 amd64 system and service manager - SysV links
-ii udev 249.11-0ubuntu3.4 amd64 /dev/ and hotplug management daemon
+ii udev 249.11-0ubuntu3.6 amd64 /dev/ and hotplug management daemon
0.31.0
-ii linux-libc-dev:amd64 5.15.0-47.51 amd64 Linux Kernel Headers for development
+ii linux-libc-dev:amd64 5.15.0-48.54 amd64 Linux Kernel Headers for development
0.30.0
Notably, this release addresses:
USN-5619-1: LibTIFF vulnerabilities:
- CVE-2020-19131: Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
- CVE-2020-19144: Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' function in the component 'tif_unix.c'.
- CVE-2022-1354: A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
- CVE-2022-1355: A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.
- CVE-2022-2058: Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
- CVE-2022-2056: Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
- CVE-2022-2057: Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
-ii gcc-12-base:amd64 12-20220319-1ubuntu1 amd64 GCC, the GNU Compiler Collection (base package)
+ii gcc-12-base:amd64 12.1.0-2ubuntu1~22.04 amd64 GCC, the GNU Compiler Collection (base package)
-ii libatomic1:amd64 12-20220319-1ubuntu1 amd64 support library providing __atomic built-in functions
+ii libatomic1:amd64 12.1.0-2ubuntu1~22.04 amd64 support library providing __atomic built-in functions
-ii libcc1-0:amd64 12-20220319-1ubuntu1 amd64 GCC cc1 plugin for GDB
+ii libcc1-0:amd64 12.1.0-2ubuntu1~22.04 amd64 GCC cc1 plugin for GDB
-ii libgcc-s1:amd64 12-20220319-1ubuntu1 amd64 GCC support library
+ii libgcc-s1:amd64 12.1.0-2ubuntu1~22.04 amd64 GCC support library
-ii libgfortran5:amd64 12-20220319-1ubuntu1 amd64 Runtime library for GNU Fortran applications
+ii libgfortran5:amd64 12.1.0-2ubuntu1~22.04 amd64 Runtime library for GNU Fortran applications
-ii libgomp1:amd64 12-20220319-1ubuntu1 amd64 GCC OpenMP (GOMP) support library
+ii libgomp1:amd64 12.1.0-2ubuntu1~22.04 amd64 GCC OpenMP (GOMP) support library
-ii libitm1:amd64 12-20220319-1ubuntu1 amd64 GNU Transactional Memory Library
+ii libitm1:amd64 12.1.0-2ubuntu1~22.04 amd64 GNU Transactional Memory Library
-ii liblsan0:amd64 12-20220319-1ubuntu1 amd64 LeakSanitizer -- a memory leak detector (runtime)
+ii liblsan0:amd64 12.1.0-2ubuntu1~22.04 amd64 LeakSanitizer -- a memory leak detector (runtime)
-ii libquadmath0:amd64 12-20220319-1ubuntu1 amd64 GCC Quad-Precision Math Library
+ii libquadmath0:amd64 12.1.0-2ubuntu1~22.04 amd64 GCC Quad-Precision Math Library
-ii libstdc++6:amd64 12-20220319-1ubuntu1 amd64 GNU Standard C++ Library v3
+ii libstdc++6:amd64 12.1.0-2ubuntu1~22.04 amd64 GNU Standard C++ Library v3
-ii libtiff-dev:amd64 4.3.0-6 amd64 Tag Image File Format library (TIFF), development files
-ii libtiff5:amd64 4.3.0-6 amd64 Tag Image File Format (TIFF) library
-ii libtiffxx5:amd64 4.3.0-6 amd64 Tag Image File Format (TIFF) library -- C++ interface
+ii libtiff-dev:amd64 4.3.0-6ubuntu0.1 amd64 Tag Image File Format library (TIFF), development files
+ii libtiff5:amd64 4.3.0-6ubuntu0.1 amd64 Tag Image File Format (TIFF) library
+ii libtiffxx5:amd64 4.3.0-6ubuntu0.1 amd64 Tag Image File Format (TIFF) library -- C++ interface
-ii libubsan1:amd64 12-20220319-1ubuntu1 amd64 UBSan -- undefined behaviour sanitizer (runtime)
+ii libubsan1:amd64 12.1.0-2ubuntu1~22.04 amd64 UBSan -- undefined behaviour sanitizer (runtime)
-ii vim-common 2:8.2.3995-1ubuntu2 all Vi IMproved - Common files
-ii vim-tiny 2:8.2.3995-1ubuntu2 amd64 Vi IMproved - enhanced vi editor - compact version
+ii vim-common 2:8.2.3995-1ubuntu2.1 all Vi IMproved - Common files
+ii vim-tiny 2:8.2.3995-1ubuntu2.1 amd64 Vi IMproved - enhanced vi editor - compact version
-ii xxd 2:8.2.3995-1ubuntu2 amd64 tool to make (or reverse) a hex dump
+ii xxd 2:8.2.3995-1ubuntu2.1 amd64 tool to make (or reverse) a hex dump
0.29.0
Notably, this release addresses:
USN-5607-1: GDK-PixBuf vulnerability:
- CVE-2021-44648: GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equal to 12.
-ii cmake 3.22.1-1ubuntu1 amd64 cross-platform, open-source make system
-ii cmake-data 3.22.1-1ubuntu1 all CMake data files (modules, templates and documentation)
+ii cmake 3.22.1-1ubuntu1.22.04.1 amd64 cross-platform, open-source make system
+ii cmake-data 3.22.1-1ubuntu1.22.04.1 all CMake data files (modules, templates and documentation)
-ii gir1.2-gdkpixbuf-2.0:amd64 2.42.8+dfsg-1 amd64 GDK Pixbuf library - GObject-Introspection
+ii gir1.2-gdkpixbuf-2.0:amd64 2.42.8+dfsg-1ubuntu0.1 amd64 GDK Pixbuf library - GObject-Introspection
-ii libgdk-pixbuf-2.0-0:amd64 2.42.8+dfsg-1 amd64 GDK Pixbuf library
-ii libgdk-pixbuf-2.0-dev:amd64 2.42.8+dfsg-1 amd64 GDK Pixbuf library (development files)
-ii libgdk-pixbuf2.0-bin 2.42.8+dfsg-1 amd64 GDK Pixbuf library (thumbnailer)
-ii libgdk-pixbuf2.0-common 2.42.8+dfsg-1 all GDK Pixbuf library - data files
+ii libgdk-pixbuf-2.0-0:amd64 2.42.8+dfsg-1ubuntu0.1 amd64 GDK Pixbuf library
+ii libgdk-pixbuf-2.0-dev:amd64 2.42.8+dfsg-1ubuntu0.1 amd64 GDK Pixbuf library (development files)
+ii libgdk-pixbuf2.0-bin 2.42.8+dfsg-1ubuntu0.1 amd64 GDK Pixbuf library (thumbnailer)
+ii libgdk-pixbuf2.0-common 2.42.8+dfsg-1ubuntu0.1 all GDK Pixbuf library - data files
-ii tzdata 2022a-0ubuntu1 all time zone and daylight-saving time data
+ii tzdata 2022c-0ubuntu0.22.04.0 all time zone and daylight-saving time data
-ii zlib1g:amd64 1:1.2.11.dfsg-2ubuntu9 amd64 compression library - runtime
-ii zlib1g-dev:amd64 1:1.2.11.dfsg-2ubuntu9 amd64 compression library - development
+ii zlib1g:amd64 1:1.2.11.dfsg-2ubuntu9.1 amd64 compression library - runtime
+ii zlib1g-dev:amd64 1:1.2.11.dfsg-2ubuntu9.1 amd64 compression library - development
0.28.0
Notably, this release addresses:
USN-5587-1: curl vulnerability:
- CVE-2022-35252: control code in cookie denial of service
-ii curl 7.81.0-1ubuntu1.3 amd64 command line tool for transferring data with URL syntax
+ii curl 7.81.0-1ubuntu1.4 amd64 command line tool for transferring data with URL syntax
-ii libcurl3-gnutls:amd64 7.81.0-1ubuntu1.3 amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
-ii libcurl4:amd64 7.81.0-1ubuntu1.3 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
-ii libcurl4-openssl-dev:amd64 7.81.0-1ubuntu1.3 amd64 development files and documentation for libcurl (OpenSSL flavour)
+ii libcurl3-gnutls:amd64 7.81.0-1ubuntu1.4 amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
+ii libcurl4:amd64 7.81.0-1ubuntu1.4 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
+ii libcurl4-openssl-dev:amd64 7.81.0-1ubuntu1.4 amd64 development files and documentation for libcurl (OpenSSL flavour)
-ii libldap-2.5-0:amd64 2.5.12+dfsg-0ubuntu0.22.04.1 amd64 OpenLDAP libraries
-ii libldap-dev:amd64 2.5.12+dfsg-0ubuntu0.22.04.1 amd64 OpenLDAP development libraries
-ii libldap2-dev 2.5.12+dfsg-0ubuntu0.22.04.1 all transitional package for libldap-dev
+ii libldap-2.5-0:amd64 2.5.13+dfsg-0ubuntu0.22.04.1 amd64 OpenLDAP libraries
+ii libldap-dev:amd64 2.5.13+dfsg-0ubuntu0.22.04.1 amd64 OpenLDAP development libraries
+ii libldap2-dev 2.5.13+dfsg-0ubuntu0.22.04.1 all transitional package for libldap-dev
-ii linux-libc-dev:amd64 5.15.0-46.49 amd64 Linux Kernel Headers for development
+ii linux-libc-dev:amd64 5.15.0-47.51 amd64 Linux Kernel Headers for development
-ii ubuntu-advantage-tools 27.9~22.04.1 amd64 management tools for Ubuntu Advantage
+ii ubuntu-advantage-tools 27.10.1~22.04.1 amd64 management tools for Ubuntu Advantage
0.27.0
Notably, this release addresses:
USN-5575-1: Libxslt vulnerabilities:
- CVE-2019-5815: Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.
- CVE-2021-30560: Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
-ii isc-dhcp-client 4.4.1-2.3ubuntu2.1 amd64 DHCP client for automatically obtaining an IP address
+ii isc-dhcp-client 4.4.1-2.3ubuntu2.2 amd64 DHCP client for automatically obtaining an IP address
-ii libpq-dev 14.4-0ubuntu0.22.04.1 amd64 header files for libpq5 (PostgreSQL library)
-ii libpq5:amd64 14.4-0ubuntu0.22.04.1 amd64 PostgreSQL C client library
+ii libpq-dev 14.5-0ubuntu0.22.04.1 amd64 header files for libpq5 (PostgreSQL library)
+ii libpq5:amd64 14.5-0ubuntu0.22.04.1 amd64 PostgreSQL C client library
-ii libxslt1-dev:amd64 1.1.34-4build2 amd64 XSLT 1.0 processing library - development kit
-ii libxslt1.1:amd64 1.1.34-4build2 amd64 XSLT 1.0 processing library - runtime library
+ii libxslt1-dev:amd64 1.1.34-4ubuntu0.22.04.1 amd64 XSLT 1.0 processing library - development kit
+ii libxslt1.1:amd64 1.1.34-4ubuntu0.22.04.1 amd64 XSLT 1.0 processing library - runtime library
0.26.0
Notably, this release addresses:
USN-5569-1: Unbound vulnerabilities:
- CVE-2022-30699: NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue nameserver delays the response so that the cached delegation information is expired. Upon receiving the delayed answer containing the delegation information, Unbound overwrites the now expired entries. This action can be repeated when the delegation information is about to expire making the rogue delegation information ever-updating. From version 1.16.2 on, Unbound stores the start time for a query and uses that to decide if the cached delegation information can be overwritten.
- CVE-2022-30698: NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates Unbound's delegation cache. This action can be repeated before expiry of the delegation information by querying Unbound for a second level subdomain which the rogue nameserver provides new delegation information. Since Unbound is a child-centric resolver, the ever-updating child delegation information can keep a rogue domain name resolvable long after revocation. From version 1.16.2 on, Unbound checks the validity of parent delegation records before using cached delegation information.
-ii apt 2.4.6 amd64 commandline package manager
-ii apt-utils 2.4.6 amd64 package management related utility programs
+ii apt 2.4.7 amd64 commandline package manager
+ii apt-utils 2.4.7 amd64 package management related utility programs
-ii libapt-pkg6.0:amd64 2.4.6 amd64 package management runtime library
+ii libapt-pkg6.0:amd64 2.4.7 amd64 package management runtime library
-ii libcryptsetup12:amd64 2:2.4.3-1ubuntu1 amd64 disk encryption support - shared library
+ii libcryptsetup12:amd64 2:2.4.3-1ubuntu1.1 amd64 disk encryption support - shared library
-ii libunbound8:amd64 1.13.1-1ubuntu5 amd64 library implementing DNS resolution and validation
+ii libunbound8:amd64 1.13.1-1ubuntu5.1 amd64 library implementing DNS resolution and validation
-ii linux-libc-dev:amd64 5.15.0-43.46 amd64 Linux Kernel Headers for development
+ii linux-libc-dev:amd64 5.15.0-46.49 amd64 Linux Kernel Headers for development
0.25.0
Notably, this release addresses:
USN-5550-1: GnuTLS vulnerabilities:
- CVE-2021-4209: GnuTLS: Null pointer dereference in MD_UPDATE
- CVE-2022-2509: A vulnerability was found in gnutls. This security flaw happens because a double free error occurs during verification of pkcs7 signatures in the gnutls_pkcs7_verify function.
-ii base-files 12ubuntu4.1 amd64 Debian base system miscellaneous files
+ii base-files 12ubuntu4.2 amd64 Debian base system miscellaneous files
-ii libgnutls-dane0:amd64 3.7.3-4ubuntu1 amd64 GNU TLS library - DANE security support
-ii libgnutls-openssl27:amd64 3.7.3-4ubuntu1 amd64 GNU TLS library - OpenSSL wrapper
-ii libgnutls28-dev:amd64 3.7.3-4ubuntu1 amd64 GNU TLS library - development files
-ii libgnutls30:amd64 3.7.3-4ubuntu1 amd64 GNU TLS library - main runtime library
-ii libgnutlsxx28:amd64 3.7.3-4ubuntu1 amd64 GNU TLS library - C++ runtime library
+ii libgnutls-dane0:amd64 3.7.3-4ubuntu1.1 amd64 GNU TLS library - DANE security support
+ii libgnutls-openssl27:amd64 3.7.3-4ubuntu1.1 amd64 GNU TLS library - OpenSSL wrapper
+ii libgnutls28-dev:amd64 3.7.3-4ubuntu1.1 amd64 GNU TLS library - development files
+ii libgnutls30:amd64 3.7.3-4ubuntu1.1 amd64 GNU TLS library - main runtime library
+ii libgnutlsxx28:amd64 3.7.3-4ubuntu1.1 amd64 GNU TLS library - C++ runtime library
-ii libwbclient0:amd64 2:4.15.5~dfsg-0ubuntu5.1 amd64 Samba winbind client library
+ii libwbclient0:amd64 2:4.15.9+dfsg-0ubuntu0.2 amd64 Samba winbind client library
0.24.0
Notably, this release addresses:
USN-5538-1: libtirpc vulnerability:
- CVE-2021-46828: In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
-ii apt 2.4.5 amd64 commandline package manager
-ii apt-utils 2.4.5 amd64 package management related utility programs
+ii apt 2.4.6 amd64 commandline package manager
+ii apt-utils 2.4.6 amd64 package management related utility programs
-ii libapt-pkg6.0:amd64 2.4.5 amd64 package management runtime library
+ii libapt-pkg6.0:amd64 2.4.6 amd64 package management runtime library
-ii libc-bin 2.35-0ubuntu3 amd64 GNU C Library: Binaries
-ii libc-dev-bin 2.35-0ubuntu3 amd64 GNU C Library: Development binaries
-ii libc6:amd64 2.35-0ubuntu3 amd64 GNU C Library: Shared libraries
-ii libc6-dev:amd64 2.35-0ubuntu3 amd64 GNU C Library: Development Libraries and Header Files
+ii libc-bin 2.35-0ubuntu3.1 amd64 GNU C Library: Binaries
+ii libc-dev-bin 2.35-0ubuntu3.1 amd64 GNU C Library: Development binaries
+ii libc6:amd64 2.35-0ubuntu3.1 amd64 GNU C Library: Shared libraries
+ii libc6-dev:amd64 2.35-0ubuntu3.1 amd64 GNU C Library: Development Libraries and Header Files
-ii libnetplan0:amd64 0.104-0ubuntu2 amd64 YAML network configuration abstraction runtime library
+ii libnetplan0:amd64 0.104-0ubuntu2.1 amd64 YAML network configuration abstraction runtime library
-ii libtirpc-common 1.3.2-2build1 all transport-independent RPC library - common files
-ii libtirpc-dev:amd64 1.3.2-2build1 amd64 transport-independent RPC library - development files
-ii libtirpc3:amd64 1.3.2-2build1 amd64 transport-independent RPC library
+ii libtirpc-common 1.3.2-2ubuntu0.1 all transport-independent RPC library - common files
+ii libtirpc-dev:amd64 1.3.2-2ubuntu0.1 amd64 transport-independent RPC library - development files
+ii libtirpc3:amd64 1.3.2-2ubuntu0.1 amd64 transport-independent RPC library
-ii linux-libc-dev:amd64 5.15.0-41.44 amd64 Linux Kernel Headers for development
-ii locales 2.35-0ubuntu3 all GNU C Library: National Language (locale) data [support]
+ii linux-libc-dev:amd64 5.15.0-43.46 amd64 Linux Kernel Headers for development
+ii locales 2.35-0ubuntu3.1 all GNU C Library: National Language (locale) data [support]
-ii netplan.io 0.104-0ubuntu2 amd64 YAML network configuration abstraction for various backends
+ii netplan.io 0.104-0ubuntu2.1 amd64 YAML network configuration abstraction for various backends
-ii python-apt-common 2.3.0ubuntu2 all Python interface to libapt-pkg (locales)
+ii python-apt-common 2.3.0ubuntu2.1 all Python interface to libapt-pkg (locales)
-ii python3-apt 2.3.0ubuntu2 amd64 Python 3 interface to libapt-pkg
+ii python3-apt 2.3.0ubuntu2.1 amd64 Python 3 interface to libapt-pkg
0.23.0
Notably, this release addresses:
USN-5528-1: FreeType vulnerabilities:
- CVE-2022-27405: FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
- CVE-2022-27406: FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
- CVE-2022-27404: FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
- CVE-2022-31782: ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.
-ii libfreetype-dev:amd64 2.11.1+dfsg-1build1 amd64 FreeType 2 font engine, development files
-ii libfreetype6:amd64 2.11.1+dfsg-1build1 amd64 FreeType 2 font engine, shared library files
-ii libfreetype6-dev:amd64 2.11.1+dfsg-1build1 amd64 FreeType 2 font engine, development files (transitional package)
+ii libfreetype-dev:amd64 2.11.1+dfsg-1ubuntu0.1 amd64 FreeType 2 font engine, development files
+ii libfreetype6:amd64 2.11.1+dfsg-1ubuntu0.1 amd64 FreeType 2 font engine, shared library files
+ii libfreetype6-dev:amd64 2.11.1+dfsg-1ubuntu0.1 amd64 FreeType 2 font engine, development files (transitional package)