USN-7030-1: py7zr vulnerability ›
24 September 2024
py7zr could be made to create arbitrary files when extracting the contents of a specially crafted 7z archive.
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
24 September 2024
py7zr could be made to create arbitrary files when extracting the contents of a specially crafted 7z archive.
23 September 2024
Several security issues were fixed in the Linux kernel.
CVE-2024-39494 , CVE-2024-27012 , CVE-2024-42160 , and 5 others
23 September 2024
Several security issues were fixed in the Linux kernel.
CVE-2024-32936 , CVE-2024-39490 , CVE-2024-39483 , and 224 others
23 September 2024
Several security issues were fixed in the Linux kernel.
CVE-2024-38615 , CVE-2024-42082 , CVE-2024-39490 , and 216 others
23 September 2024
Several security issues were fixed in the Linux kernel.
CVE-2024-32936 , CVE-2024-39490 , CVE-2024-39483 , and 217 others
23 September 2024
Several security issues were fixed in the Linux kernel.
CVE-2024-26880 , CVE-2024-27398 , CVE-2024-38570 , and 19 others
23 September 2024
Several security issues were fixed in the Linux kernel.
CVE-2024-42160 , CVE-2024-42224 , CVE-2024-42154 , and 3 others
23 September 2024
Several security issues were fixed in the Linux kernel.
CVE-2024-42229 , CVE-2024-39509 , CVE-2024-39471 , and 216 others
23 September 2024
USN-6992-1 caused some minor regressions in Firefox.
19 September 2024
PostgreSQL could execute arbitrary SQL functions as the superuser if it received a specially crafted SQL object.