USN-7064-2: nano vulnerability ›
29 October 2024
nano could be made to give users administrator privileges.
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
29 October 2024
nano could be made to give users administrator privileges.
23 October 2024
libheif could be made to crash or read sensitive data if it opened a specially crafted file
23 October 2024
Several security issues were fixed in Go.
CVE-2024-34158 , CVE-2024-34155 , CVE-2024-24791 , and 1 other
22 October 2024
Unbound could be made to stop responding if it received specially crafted DNS traffic.
22 October 2024
Several security issues were fixed in WebKitGTK.
22 October 2024
Firefox could be made to crash or run programs as your login
21 October 2024
Several security issues were fixed in the Linux kernel.
21 October 2024
libgsf could be made to run programs as your login if it opened a specially crafted file.
21 October 2024
cups-browsed could be made to run programs if it received specially crafted network traffic.
21 October 2024
AMD processors may allow a privileged local attacker to further escalate their privileged and execute arbitrary code within the processor's firmware layer.