USN-7061-1: Go vulnerabilities ›
10 October 2024
Several security issues were fixed in Go.
CVE-2023-29405 , CVE-2023-29406 , CVE-2024-24785 , and 8 others
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
10 October 2024
Several security issues were fixed in Go.
CVE-2023-29405 , CVE-2023-29406 , CVE-2024-24785 , and 8 others
10 October 2024
libgsf could be made to run programs as your login if it opened a specially crafted file.
10 October 2024
Several security issues were fixed in the Linux kernel.
CVE-2024-42160 , CVE-2024-26787 , CVE-2024-38570 , and 7 others
10 October 2024
Several security issues were fixed in EDK II.
CVE-2021-38578 , CVE-2021-28210 , CVE-2019-0161 , and 3 others
9 October 2024
oath-toolkit could be made overwrite files as the administrator.
9 October 2024
cups-filters could be made to run programs if it received specially crafted network traffic.
9 October 2024
cups-browsed could be made to run programs if it received specially crafted network traffic.
8 October 2024
Several security issues were fixed in dotnet6, dotnet8.
CVE-2024-43485 , CVE-2024-38229 , CVE-2024-43483 , and 1 other
8 October 2024
WEBrick could allow a HTTP request smuggling attack.
8 October 2024
nginx could be made to crash if it received specially crafted network traffic.