This topic includes release notes for Xenial 621.x stemcells used with Tanzu Operations Manager.
To download a stemcell, see Stemcells (Ubuntu Xenial) on the Broadcom Support portal.
621.969
Release Date: June 12, 2024
Metadata:
BOSH Agent Version: 2.268.258
Kernel Version: 4.15.0.225.237~16.04.1
USNs:
Title: USN-6824-1: GIFLIB vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6824-1
Priorities: low
CVEs:
- CVE-2021-40633
- CVE-2022-28506
- CVE-2023-39742
- CVE-2023-39742
- CVE-2021-40633
- CVE-2022-28506
Title: USN-6806-1: GDK-PixBuf vulnerability
URL: https://ubuntu.com/security/notices/USN-6806-1
Priorities: medium
CVEs:
- CVE-2022-48622
Title: USN-6797-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6797-1
Priorities: medium
CVEs:
- CVE-2023-22655
- CVE-2023-28746
- CVE-2023-38575
- CVE-2023-39368
- CVE-2023-43490
- CVE-2023-45733
- CVE-2023-45745
- CVE-2023-47855
- CVE-2023-46103
- CVE-2023-46103
- CVE-2023-22655
- CVE-2023-39368
- CVE-2023-38575
- CVE-2023-47855
- CVE-2023-43490
- CVE-2023-45733
- CVE-2023-45745
- CVE-2023-28746
Title: USN-6777-2: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6777-2
Priorities: low,medium,negligible
CVEs:
- CVE-2023-47233
- CVE-2023-52524
- CVE-2023-52530
- CVE-2023-52601
- CVE-2023-52439
- CVE-2024-26635
- CVE-2023-52602
- CVE-2024-26614
- CVE-2024-26704
- CVE-2023-52604
- CVE-2023-52566
- CVE-2021-46981
- CVE-2024-26622
- CVE-2024-26735
- CVE-2024-26805
- CVE-2024-26801
- CVE-2023-52583
- CVE-2023-47233
- CVE-2024-26622
- CVE-2023-52530
- CVE-2023-52602
- CVE-2021-46981
- CVE-2024-26704
- CVE-2023-52583
- CVE-2024-26805
- CVE-2024-26635
- CVE-2023-52524
- CVE-2023-52601
- CVE-2023-52566
- CVE-2024-26735
- CVE-2024-26801
- CVE-2024-26614
- CVE-2023-52604
- CVE-2023-52439
Title: USN-6777-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6777-1
Priorities: low,medium,negligible
CVEs:
- CVE-2023-47233
- CVE-2023-52524
- CVE-2023-52530
- CVE-2023-52601
- CVE-2023-52439
- CVE-2024-26635
- CVE-2023-52602
- CVE-2024-26614
- CVE-2024-26704
- CVE-2023-52604
- CVE-2023-52566
- CVE-2021-46981
- CVE-2024-26622
- CVE-2024-26735
- CVE-2024-26805
- CVE-2024-26801
- CVE-2023-52583
- CVE-2023-52524
- CVE-2021-46981
- CVE-2023-52601
- CVE-2023-52602
- CVE-2024-26635
- CVE-2024-26704
- CVE-2024-26805
- CVE-2024-26735
- CVE-2024-26614
- CVE-2023-52439
- CVE-2023-52604
- CVE-2024-26801
- CVE-2023-52530
- CVE-2023-47233
- CVE-2024-26622
- CVE-2023-52566
- CVE-2023-52583
Title: USN-6777-3: Linux kernel (GCP) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6777-3
Priorities: low,medium,negligible
CVEs:
- CVE-2023-47233
- CVE-2023-52524
- CVE-2023-52530
- CVE-2023-52601
- CVE-2023-52439
- CVE-2024-26635
- CVE-2023-52602
- CVE-2024-26614
- CVE-2024-26704
- CVE-2023-52604
- CVE-2023-52566
- CVE-2021-46981
- CVE-2024-26622
- CVE-2024-26735
- CVE-2024-26805
- CVE-2024-26801
- CVE-2023-52583
- CVE-2024-26614
- CVE-2021-46981
- CVE-2023-52602
- CVE-2023-52530
- CVE-2024-26622
- CVE-2024-26801
- CVE-2024-26805
- CVE-2023-52583
- CVE-2023-52566
- CVE-2024-26735
- CVE-2023-52524
- CVE-2023-52601
- CVE-2024-26704
- CVE-2023-52604
- CVE-2023-52439
- CVE-2023-47233
- CVE-2024-26635
Title: USN-6778-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6778-1
Priorities: low,medium
CVEs:
- CVE-2023-47233
- CVE-2023-52601
- CVE-2024-26622
- CVE-2024-26805
- CVE-2024-26635
- CVE-2023-52602
- CVE-2024-26801
- CVE-2023-52566
- CVE-2024-26704
- CVE-2021-46939
- CVE-2024-26614
- CVE-2023-52604
- CVE-2023-52530
- CVE-2023-52524
- CVE-2021-46939
- CVE-2023-52524
- CVE-2023-52601
- CVE-2023-52602
- CVE-2024-26635
- CVE-2024-26704
- CVE-2024-26805
- CVE-2024-26614
- CVE-2023-52604
- CVE-2024-26801
- CVE-2023-52530
- CVE-2023-47233
- CVE-2024-26622
- CVE-2023-52566
Title: USN-6783-1: VLC vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6783-1
Priorities: medium
CVEs:
- CVE-2023-47360
- CVE-2023-47359
Title: USN-6803-1: FFmpeg vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6803-1
Priorities: medium
CVEs:
- CVE-2023-49501
- CVE-2023-49502
- CVE-2023-49528
- CVE-2023-50007
- CVE-2023-50008
- CVE-2023-50009
- CVE-2023-50010
- CVE-2023-51793
- CVE-2023-51794
- CVE-2023-51798
- CVE-2023-51795
- CVE-2023-51796
- CVE-2024-31578
- CVE-2024-31582
- CVE-2024-31585
- CVE-2023-51795
- CVE-2023-49502
- CVE-2024-31585
- CVE-2023-51793
- CVE-2023-51794
- CVE-2023-51798
- CVE-2023-50010
- CVE-2024-31578
- CVE-2023-50007
- CVE-2023-50008
- CVE-2024-31582
- CVE-2023-49501
- CVE-2023-51796
- CVE-2023-50009
- CVE-2023-49528
Title: USN-6764-1: libde265 vulnerability
URL: https://ubuntu.com/security/notices/USN-6764-1
Priorities: medium
CVEs:
- CVE-2023-51792
Title: USN-6781-1: Spreadsheet::ParseExcel vulnerability
URL: https://ubuntu.com/security/notices/USN-6781-1
Priorities: medium
CVEs:
- CVE-2023-7101
Title: USN-6804-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6804-1
Priorities: medium
CVEs:
- CVE-2024-33599
- CVE-2024-33600
- CVE-2024-33601
- CVE-2024-33602
- CVE-2024-33601
- CVE-2024-33599
- CVE-2024-33600
- CVE-2024-33602
Title: USN-6787-1: Jinja2 vulnerability
URL: https://ubuntu.com/security/notices/USN-6787-1
Priorities: medium
CVEs:
- CVE-2024-34064
Title: USN-6799-1: Werkzeug vulnerability
URL: https://ubuntu.com/security/notices/USN-6799-1
Priorities: medium
CVEs:
- CVE-2024-34069
Title: USN-6780-1: idna vulnerability
URL: https://ubuntu.com/security/notices/USN-6780-1
Priorities: medium
CVEs:
- CVE-2024-3651
Full Changelog: https://github.com/pivotal-cf/bosh-linux-stemcell-builder-lts/compare/ubuntu-trusty/v3586.153…ubuntu-xenial/v621.969
621.958
Release Date: May 20, 2024
Metadata:
BOSH Agent Version: 2.268.254
Kernel Version: 4.15.0.225.237~16.04.1
USNs:
Title: USN-6777-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6777-1
Priorities: low,medium,negligible
CVEs:
- CVE-2023-47233
- CVE-2023-52524
- CVE-2023-52530
- CVE-2023-52601
- CVE-2023-52439
- CVE-2024-26635
- CVE-2023-52602
- CVE-2024-26614
- CVE-2024-26704
- CVE-2023-52604
- CVE-2023-52566
- CVE-2021-46981
- CVE-2024-26622
- CVE-2024-26735
- CVE-2024-26805
- CVE-2024-26801
- CVE-2023-52583
- CVE-2023-52524
- CVE-2021-46981
- CVE-2023-52601
- CVE-2023-52602
- CVE-2024-26635
- CVE-2024-26704
- CVE-2024-26805
- CVE-2024-26735
- CVE-2024-26614
- CVE-2023-52439
- CVE-2023-52604
- CVE-2024-26801
- CVE-2023-52530
- CVE-2023-47233
- CVE-2024-26622
- CVE-2023-52566
- CVE-2023-52583
Title: USN-6778-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6778-1
Priorities: low,medium
CVEs:
- CVE-2023-47233
- CVE-2023-52601
- CVE-2024-26622
- CVE-2024-26805
- CVE-2024-26635
- CVE-2023-52602
- CVE-2024-26801
- CVE-2023-52566
- CVE-2024-26704
- CVE-2021-46939
- CVE-2024-26614
- CVE-2023-52604
- CVE-2023-52530
- CVE-2023-52524
- CVE-2021-46939
- CVE-2023-52524
- CVE-2023-52601
- CVE-2023-52602
- CVE-2024-26635
- CVE-2024-26704
- CVE-2024-26805
- CVE-2024-26614
- CVE-2023-52604
- CVE-2024-26801
- CVE-2023-52530
- CVE-2023-47233
- CVE-2024-26622
- CVE-2023-52566
Title: USN-6764-1: libde265 vulnerability
URL: https://ubuntu.com/security/notices/USN-6764-1
Priorities: medium
CVEs:
- CVE-2023-51792
621.944
Release Date: May 08, 2024
Metadata:
BOSH Agent Version: 2.268.250
Kernel Version: 4.15.0.224.236~16.04.1
USNs:
Title: USN-6736-1: klibc vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6736-1
Priorities: low,medium
CVEs:
- CVE-2016-9840
- CVE-2016-9841
- CVE-2018-25032
- CVE-2022-37434
- CVE-2018-25032
- CVE-2016-9840
- CVE-2022-37434
- CVE-2016-9841
Title: USN-6731-1: YARD vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6731-1
Priorities: medium
CVEs:
- CVE-2017-17042
- CVE-2019-1020001
- CVE-2024-27285
- CVE-2017-17042
- CVE-2019-1020001
- CVE-2024-27285
Title: USN-6754-1: nghttp2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6754-1
Priorities: medium
CVEs:
- CVE-2019-9511
- CVE-2019-9513
- CVE-2023-44487
- CVE-2024-28182
- CVE-2024-28182
- CVE-2019-9511
- CVE-2019-9513
- CVE-2023-44487
Title: USN-6739-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6739-1
Priorities: medium,low
CVEs:
- CVE-2022-20422
- CVE-2023-1382
- CVE-2023-1998
- CVE-2023-24023
- CVE-2023-51043
- CVE-2023-51779
- CVE-2023-52429
- CVE-2024-23851
- CVE-2021-46966
- CVE-2021-46936
- CVE-2023-52451
- CVE-2019-25162
- CVE-2023-52445
- CVE-2023-52600
- CVE-2021-46990
- CVE-2021-46955
- CVE-2023-52603
- CVE-2023-1382
- CVE-2023-52445
- CVE-2023-52600
- CVE-2024-23851
- CVE-2021-46990
- CVE-2021-46955
- CVE-2019-25162
- CVE-2023-52451
- CVE-2023-24023
- CVE-2021-46936
- CVE-2022-20422
- CVE-2023-52603
- CVE-2023-1998
- CVE-2023-52429
- CVE-2021-46966
- CVE-2023-51779
- CVE-2023-51043
Title: USN-6745-1: Percona XtraBackup vulnerability
URL: https://ubuntu.com/security/notices/USN-6745-1
Priorities: medium
CVEs:
- CVE-2022-25834
Title: USN-6730-1: Apache Maven Shared Utils vulnerability
URL: https://ubuntu.com/security/notices/USN-6730-1
Priorities: medium
CVEs:
- CVE-2022-29599
Title: USN-6751-1: Zabbix vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6751-1
Priorities: medium
CVEs:
- CVE-2022-35229
- CVE-2022-35230
- CVE-2022-35230
- CVE-2022-35229
Title: USN-6757-1: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6757-1
Priorities: low,medium
CVEs:
- CVE-2022-4900
- CVE-2024-2756
- CVE-2024-3096
- CVE-2022-4900
- CVE-2024-2756
- CVE-2024-3096
Title: USN-6740-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6740-1
Priorities: medium,low
CVEs:
- CVE-2023-1382
- CVE-2023-1838
- CVE-2023-1998
- CVE-2023-24023
- CVE-2023-51043
- CVE-2023-51779
- CVE-2023-52429
- CVE-2024-23851
- CVE-2023-6915
- CVE-2024-0639
- CVE-2023-52603
- CVE-2023-52464
- CVE-2023-52600
- CVE-2023-52445
- CVE-2023-52451
- CVE-2024-23851
- CVE-2023-51043
- CVE-2023-6915
- CVE-2023-1838
- CVE-2023-1998
- CVE-2023-52464
- CVE-2023-52600
- CVE-2023-52603
- CVE-2024-0639
- CVE-2023-52451
- CVE-2023-52429
- CVE-2023-24023
- CVE-2023-51779
- CVE-2023-52445
- CVE-2023-1382
Title: LSN-0102-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0102-1
Priorities: medium,high
CVEs:
- CVE-2023-1872
- CVE-2023-4569
- CVE-2023-6176
- CVE-2023-51781
- CVE-2024-0646
- CVE-2024-1086
- CVE-2023-6176
- CVE-2023-4569
- CVE-2024-0646
- CVE-2024-1086
- CVE-2023-51781
- CVE-2023-1872
Title: USN-6735-1: Node.js vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6735-1
Priorities: medium
CVEs:
- CVE-2023-30588
- CVE-2023-30589
- CVE-2023-30590
- CVE-2023-30588
- CVE-2023-30589
- CVE-2023-30590
Title: USN-6729-2: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6729-2
Priorities: medium
CVEs:
- CVE-2023-38709
- CVE-2024-24795
- CVE-2024-27316
- CVE-2024-27316
- CVE-2024-24795
- CVE-2023-38709
Title: USN-6760-1: Gerbv vulnerability
URL: https://ubuntu.com/security/notices/USN-6760-1
Priorities: low
CVEs:
- CVE-2023-4508
Title: USN-6753-1: CryptoJS vulnerability
URL: https://ubuntu.com/security/notices/USN-6753-1
Priorities: medium
CVEs:
- CVE-2023-46233
Title: USN-6738-1: LXD vulnerability
URL: https://ubuntu.com/security/notices/USN-6738-1
Priorities: medium
CVEs:
- CVE-2023-48795
Title: USN-6657-2: Dnsmasq vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6657-2
Priorities: medium,low
CVEs:
- CVE-2023-50387
- CVE-2023-50868
- CVE-2023-28450
- CVE-2023-50387
- CVE-2023-28450
- CVE-2023-50868
Title: USN-6744-1: Pillow vulnerability
URL: https://ubuntu.com/security/notices/USN-6744-1
Priorities: medium
CVEs:
- CVE-2024-28219
Title: USN-6761-1: Anope vulnerability
URL: https://ubuntu.com/security/notices/USN-6761-1
Priorities: medium
CVEs:
- CVE-2024-30187
Title: USN-6721-2: X.Org X Server regression
URL: https://ubuntu.com/security/notices/USN-6721-2
Priorities: medium
CVEs:
- CVE-2024-31080
- CVE-2024-31081
- CVE-2024-31082
- CVE-2024-31083
621.924
Release Date: April 08, 2024
Metadata:
BOSH Agent Version: 2.268.247
Kernel Version: 4.15.0.223.7
Full Changelog: https://github.com/pivotal-cf/bosh-linux-stemcell-builder-lts/compare/ubuntu-xenial/v621.897…ubuntu-xenial/v621.924
USNs:
Title: USN-6700-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6700-1
Priorities: medium,low,high
CVEs:
- CVE-2022-20567
- CVE-2023-34256
- CVE-2023-39197
- CVE-2023-51781
- CVE-2024-0775
- CVE-2024-1086
- CVE-2024-24855
- CVE-2023-34256
- CVE-2023-51781
- CVE-2024-24855
- CVE-2023-39197
- CVE-2024-0775
- CVE-2022-20567
- CVE-2024-1086
Title: USN-6700-2: Linux kernel (AWS) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6700-2
Priorities: medium,low,high
CVEs:
- CVE-2022-20567
- CVE-2023-34256
- CVE-2023-39197
- CVE-2023-51781
- CVE-2024-0775
- CVE-2024-1086
- CVE-2024-24855
- CVE-2024-0775
- CVE-2022-20567
- CVE-2024-1086
- CVE-2023-51781
- CVE-2024-24855
- CVE-2023-39197
- CVE-2023-34256
Title: LSN-0102-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0102-1
Priorities: medium,high
CVEs:
- CVE-2023-1872
- CVE-2023-4569
- CVE-2023-6176
- CVE-2023-51781
- CVE-2024-0646
- CVE-2024-1086
- CVE-2023-6176
- CVE-2023-4569
- CVE-2024-0646
- CVE-2024-1086
- CVE-2023-51781
- CVE-2023-1872
Title: USN-6701-2: Linux kernel (GCP) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6701-2
Priorities: medium,low,high
CVEs:
- CVE-2023-2002
- CVE-2023-23000
- CVE-2023-3006
- CVE-2023-34256
- CVE-2023-39197
- CVE-2023-4132
- CVE-2023-46838
- CVE-2023-51781
- CVE-2023-6121
- CVE-2024-0775
- CVE-2024-1086
- CVE-2024-24855
- CVE-2023-51781
- CVE-2023-2002
- CVE-2023-23000
- CVE-2023-34256
- CVE-2024-0775
- CVE-2024-1086
- CVE-2023-39197
- CVE-2023-3006
- CVE-2023-6121
- CVE-2023-4132
- CVE-2024-24855
- CVE-2023-46838
Title: USN-6701-3: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6701-3
Priorities: medium,low,high
CVEs:
- CVE-2023-2002
- CVE-2023-23000
- CVE-2023-3006
- CVE-2023-34256
- CVE-2023-39197
- CVE-2023-4132
- CVE-2023-46838
- CVE-2023-51781
- CVE-2023-6121
- CVE-2024-0775
- CVE-2024-1086
- CVE-2024-24855
- CVE-2024-0775
- CVE-2023-6121
- CVE-2023-46838
- CVE-2024-1086
- CVE-2023-51781
- CVE-2023-2002
- CVE-2023-4132
- CVE-2024-24855
- CVE-2023-34256
- CVE-2023-39197
- CVE-2023-23000
- CVE-2023-3006
Title: USN-6673-2: python-cryptography vulnerability
URL: https://ubuntu.com/security/notices/USN-6673-2
Priorities: medium
CVEs:
- CVE-2023-50782
- CVE-2023-50782
Title: USN-6715-1: unixODBC vulnerability
URL: https://ubuntu.com/security/notices/USN-6715-1
Priorities: medium
CVEs:
- CVE-2024-1013
Title: USN-6588-2: PAM vulnerability
URL: https://ubuntu.com/security/notices/USN-6588-2
Priorities: medium
CVEs:
- CVE-2024-22365
Title: USN-6698-1: Vim vulnerability
URL: https://ubuntu.com/security/notices/USN-6698-1
Priorities: low
CVEs:
- CVE-2024-22667
Title: USN-6718-2: curl vulnerability
URL: https://ubuntu.com/security/notices/USN-6718-2
Priorities: medium
CVEs:
- CVE-2024-2398
- CVE-2024-2398
621.897
Release Date: March 14, 2024
Metadata:
BOSH Agent Version: 2.268.238
Kernel Version: 4.15.0.222.6
USNs:
Title: USN-6685-1: mqtt-client vulnerability
URL: https://ubuntu.com/security/notices/USN-6685-1
Priorities: medium
CVEs:
- CVE-2019-0222
Title: USN-6678-1: libgit2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6678-1
Priorities: medium
CVEs:
- CVE-2020-12278
- CVE-2020-12279
- CVE-2023-22742
- CVE-2024-24575
- CVE-2024-24577
- CVE-2024-24575
- CVE-2024-24577
- CVE-2020-12278
- CVE-2023-22742
- CVE-2020-12279
Title: USN-6584-2: Libspf2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6584-2
Priorities: medium
CVEs:
- CVE-2021-33912
- CVE-2021-33913
- CVE-2021-20314
- CVE-2021-33912
- CVE-2021-33913
- CVE-2021-33913
- CVE-2021-33912
Title: USN-6659-1: libde265 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6659-1
Priorities: medium
CVEs:
- CVE-2022-43244
- CVE-2022-43249
- CVE-2022-43250
- CVE-2022-47665
- CVE-2023-25221
- CVE-2022-43245
- CVE-2023-24751
- CVE-2023-24752
- CVE-2023-24754
- CVE-2023-24755
- CVE-2023-24756
- CVE-2023-24757
- CVE-2023-24758
- CVE-2022-47665
- CVE-2023-24752
- CVE-2022-43244
- CVE-2023-24754
- CVE-2023-24756
- CVE-2022-43245
- CVE-2023-24758
- CVE-2023-24751
- CVE-2023-25221
- CVE-2022-43250
- CVE-2022-43249
- CVE-2023-24757
- CVE-2023-24755
Title: USN-6677-1: libde265 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6677-1
Priorities: medium
CVEs:
- CVE-2023-27102
- CVE-2023-27103
- CVE-2023-43887
- CVE-2023-47471
- CVE-2023-49465
- CVE-2023-49467
- CVE-2023-49468
- CVE-2023-49468
- CVE-2023-49465
- CVE-2023-27102
- CVE-2023-49467
- CVE-2023-27103
- CVE-2023-47471
- CVE-2023-43887
Title: USN-6305-2: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6305-2
Priorities: medium
CVEs:
- CVE-2023-3823
- CVE-2023-3824
- CVE-2023-3823
- CVE-2023-3824
Title: USN-6654-1: Roundcube Webmail vulnerability
URL: https://ubuntu.com/security/notices/USN-6654-1
Priorities: medium
CVEs:
- CVE-2023-43770
- CVE-2023-43770
Title: USN-6684-1: ncurses vulnerability
URL: https://ubuntu.com/security/notices/USN-6684-1
Priorities: low
CVEs:
- CVE-2023-50495
Title: USN-6646-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6646-1
Priorities: medium,high
CVEs:
- CVE-2023-51780
- CVE-2023-51782
- CVE-2023-7192
- CVE-2023-51782
- CVE-2023-51780
- CVE-2023-7192
Title: USN-6647-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6647-1
Priorities: medium,high
CVEs:
- CVE-2023-51780
- CVE-2023-51782
- CVE-2023-7192
- CVE-2023-7192
- CVE-2023-51780
- CVE-2023-51782
Title: LSN-0101-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0101-1
Priorities: high
CVEs:
- CVE-2023-6817
- CVE-2023-6932
- CVE-2023-7192
- CVE-2024-0193
- CVE-2024-0646
- CVE-2023-6817
- CVE-2023-6932
- CVE-2023-7192
- CVE-2024-0193
- CVE-2024-0646
Title: USN-6658-2: libxml2 vulnerability
URL: https://ubuntu.com/security/notices/USN-6658-2
Priorities: medium
CVEs:
- CVE-2024-25062
Title: USN-6676-1: c-ares vulnerability
URL: https://ubuntu.com/security/notices/USN-6676-1
Priorities: unknown
CVEs:
- CVE-2024-25629
621.872
Release Date: February 21, 2024
Metadata:
BOSH Agent Version: 2.268.230
USNs:
Title: USN-6617-1: libde265 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6617-1
Priorities: medium
CVEs:
- CVE-2020-21594
- CVE-2020-21595
- CVE-2020-21596
- CVE-2020-21599
- CVE-2020-21600
- CVE-2020-21601
- CVE-2020-21602
- CVE-2020-21603
- CVE-2020-21604
- CVE-2020-21605
- CVE-2020-21597
- CVE-2020-21598
- CVE-2020-21606
- CVE-2021-36408
- CVE-2020-21606
- CVE-2021-36408
- CVE-2020-21595
- CVE-2020-21601
- CVE-2020-21598
- CVE-2020-21602
- CVE-2020-21605
- CVE-2020-21600
- CVE-2020-21597
- CVE-2020-21599
- CVE-2020-21603
- CVE-2020-21594
- CVE-2020-21596
- CVE-2020-21604
Title: USN-6627-1: libde265 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6627-1
Priorities: medium,low
CVEs:
- CVE-2021-35452
- CVE-2021-36411
- CVE-2022-43238
- CVE-2022-43241
- CVE-2022-43242
- CVE-2021-36408
- CVE-2021-36409
- CVE-2021-36410
- CVE-2022-43235
- CVE-2022-43236
- CVE-2022-43237
- CVE-2022-43239
- CVE-2022-43240
- CVE-2022-43243
- CVE-2022-43248
- CVE-2022-43252
- CVE-2022-43253
- CVE-2022-1253
- CVE-2022-43242
- CVE-2022-43243
- CVE-2021-36409
- CVE-2021-36410
- CVE-2022-43240
- CVE-2022-43239
- CVE-2022-43237
- CVE-2021-36411
- CVE-2022-1253
- CVE-2022-43236
- CVE-2022-43253
- CVE-2022-43241
- CVE-2022-43235
- CVE-2021-35452
- CVE-2021-36408
- CVE-2022-43252
- CVE-2022-43238
- CVE-2022-43248
Title: USN-6604-2: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6604-2
Priorities: low,high,medium
CVEs:
- CVE-2023-1079
- CVE-2023-20588
- CVE-2023-45863
- CVE-2023-6606
- CVE-2023-6931
- CVE-2023-6932
- CVE-2023-20588
- CVE-2023-6931
- CVE-2023-1079
- CVE-2023-6932
- CVE-2023-45863
- CVE-2023-6606
Title: USN-6613-1: Ceph vulnerability
URL: https://ubuntu.com/security/notices/USN-6613-1
Priorities: medium
CVEs:
- CVE-2023-43040
Title: USN-6641-1: curl vulnerability
URL: https://ubuntu.com/security/notices/USN-6641-1
Priorities: medium
CVEs:
- CVE-2023-46218
Title: USN-6640-1: shadow vulnerability
URL: https://ubuntu.com/security/notices/USN-6640-1
Priorities: low
CVEs:
- CVE-2023-4641
Title: USN-6591-2: Postfix update
URL: https://ubuntu.com/security/notices/USN-6591-2
Priorities: medium
CVEs:
- CVE-2023-51764
Title: USN-6646-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6646-1
Priorities: medium,high
CVEs:
- CVE-2023-51780
- CVE-2023-51782
- CVE-2023-7192
- CVE-2023-51782
- CVE-2023-51780
- CVE-2023-7192
Title: USN-6644-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6644-1
Priorities: medium,low
CVEs:
- CVE-2023-52356
- CVE-2023-6228
- CVE-2023-6277
- CVE-2023-6228
- CVE-2023-52356
- CVE-2023-6277
Title: USN-6621-1: ImageMagick vulnerability
URL: https://ubuntu.com/security/notices/USN-6621-1
Priorities: medium
CVEs:
- CVE-2023-5341
Title: LSN-0100-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0100-1
Priorities: high,medium
CVEs:
- CVE-2023-5345
- CVE-2023-6040
- CVE-2023-6176
- CVE-2023-6817
- CVE-2023-6932
- CVE-2023-6817
- CVE-2023-6040
- CVE-2023-6932
- CVE-2023-6176
- CVE-2023-5345
Title: USN-6632-1: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6632-1
Priorities: low
CVEs:
- CVE-2023-5678
- CVE-2024-0727
- CVE-2023-5678
- CVE-2024-0727
Title: USN-6592-2: libssh vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6592-2
Priorities: medium
CVEs:
- CVE-2023-6004
- CVE-2023-6918
- CVE-2023-6918
- CVE-2023-6004
Title: USN-6587-4: X.Org X Server regression
URL: https://ubuntu.com/security/notices/USN-6587-4
Priorities: medium
CVEs:
- CVE-2023-6816
- CVE-2024-0229
- CVE-2024-0408
- CVE-2024-0409
- CVE-2024-21885
- CVE-2024-21886
Full Changelog: https://github.com/pivotal-cf/bosh-linux-stemcell-builder-lts/compare/ubuntu-trusty/v3586.153…ubuntu-xenial/v621.872
621.813
Release Date: January 30, 2024
Fixes
- The bosh-agent no longer blocks when running an asynchronous action and receiving a second asynchronous action. It will not run multiple actions in parallel, but it will not block so
get_taskactions are able to be processed.
Metadata:
BOSH Agent Version: 2.268.214
USNs:
Title: USN-6604-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6604-1
Priorities: low,high,medium
CVEs:
- CVE-2023-1079
- CVE-2023-20588
- CVE-2023-45863
- CVE-2023-6606
- CVE-2023-6931
- CVE-2023-6932
- CVE-2023-20588
- CVE-2023-1079
- CVE-2023-45863
- CVE-2023-6606
- CVE-2023-6932
- CVE-2023-6931
Title: USN-6604-2: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6604-2
Priorities: low,high,medium
CVEs:
- CVE-2023-1079
- CVE-2023-20588
- CVE-2023-45863
- CVE-2023-6606
- CVE-2023-6931
- CVE-2023-6932
- CVE-2023-20588
- CVE-2023-6931
- CVE-2023-1079
- CVE-2023-6932
- CVE-2023-45863
- CVE-2023-6606
Title: USN-6611-1: Exim vulnerability
URL: https://ubuntu.com/security/notices/USN-6611-1
Priorities: medium
CVEs:
- CVE-2023-51766
621.809
Release Date: January 29, 2024
Metadata:
BOSH Agent Version: 2.268.213
USNs:
Title: USN-6579-1: Xerces-C++ vulnerability
URL: https://ubuntu.com/security/notices/USN-6579-1
Priorities: medium
CVEs:
- CVE-2018-1311
Title: USN-6590-1: Xerces-C++ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6590-1
Priorities: medium
CVEs:
- CVE-2018-1311
- CVE-2023-37536
- CVE-2018-1311
- CVE-2023-37536
Title: USN-6559-1: ZooKeeper vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6559-1
Priorities: low,medium
CVEs:
- CVE-2019-0201
- CVE-2023-44981
- CVE-2023-44981
- CVE-2019-0201
Title: USN-6586-1: FreeImage vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6586-1
Priorities: medium
CVEs:
- CVE-2019-12211
- CVE-2019-12213
- CVE-2020-21427
- CVE-2020-21428
- CVE-2020-22524
- CVE-2020-21427
- CVE-2020-21428
- CVE-2019-12213
- CVE-2020-22524
- CVE-2019-12211
Title: USN-6599-1: Jinja2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6599-1
Priorities: low,medium
CVEs:
- CVE-2020-28493
- CVE-2024-22195
- CVE-2020-28493
- CVE-2024-22195
Title: USN-6584-1: Libspf2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6584-1
Priorities: medium
CVEs:
- CVE-2021-20314
- CVE-2021-33912
- CVE-2021-33913
- CVE-2021-33912
- CVE-2021-33913
- CVE-2021-20314
Title: USN-6571-1: Monit vulnerability
URL: https://ubuntu.com/security/notices/USN-6571-1
Priorities: medium
CVEs:
- CVE-2022-26563
Title: USN-6038-2: Go vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6038-2
Priorities: medium
CVEs:
- CVE-2022-29526
- CVE-2022-30630
- CVE-2022-1705
- CVE-2022-1962
- CVE-2022-27664
- CVE-2022-28131
- CVE-2022-30630
- CVE-2022-30631
- CVE-2022-30632
- CVE-2022-30633
- CVE-2022-30635
- CVE-2022-32189
- CVE-2022-41715
- CVE-2022-41717
- CVE-2023-24534
- CVE-2023-24537
- CVE-2022-2879
- CVE-2022-2880
- CVE-2022-29526
- CVE-2022-30629
- CVE-2022-32148
- CVE-2023-24538
- CVE-2022-2879
- CVE-2022-1705
- CVE-2022-30630
- CVE-2022-30633
- CVE-2022-28131
- CVE-2022-30635
- CVE-2022-32148
- CVE-2023-24534
- CVE-2023-24538
- CVE-2022-32189
- CVE-2022-41717
- CVE-2023-24537
- CVE-2022-27664
- CVE-2022-2880
- CVE-2022-29526
- CVE-2022-30631
- CVE-2022-30632
- CVE-2022-30629
Title: USN-6577-1: Linux kernel (AWS) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6577-1
Priorities: high,medium
CVEs:
- CVE-2023-20588
- CVE-2023-45863
- CVE-2023-45863
- CVE-2023-20588
Title: USN-6602-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6602-1
Priorities: high,medium
CVEs:
- CVE-2023-20588
- CVE-2023-45863
- CVE-2023-6606
- CVE-2023-6931
- CVE-2023-6932
- CVE-2023-20588
- CVE-2023-45863
- CVE-2023-6606
- CVE-2023-6932
- CVE-2023-6931
Title: USN-6583-1: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6583-1
Priorities: medium
CVEs:
- CVE-2023-22084
- CVE-2023-22028
Title: USN-6560-2: OpenSSH vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6560-2
Priorities: medium
CVEs:
- CVE-2023-48795
- CVE-2023-51385
- CVE-2023-48795
- CVE-2023-51385
Title: USN-6591-1: Postfix vulnerability
URL: https://ubuntu.com/security/notices/USN-6591-1
Priorities: medium
CVEs:
- CVE-2023-51764
Title: USN-6570-1: PostgreSQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6570-1
Priorities: medium
CVEs:
- CVE-2023-5869
- CVE-2023-5870
- CVE-2023-5869
- CVE-2023-5870
Full Changelog: https://github.com/pivotal-cf/bosh-linux-stemcell-builder-lts/compare/ubuntu-trusty/v3586.153…ubuntu-xenial/v621.809
621.793
Release Date: January 03, 2024
Metadata:
BOSH Agent Version: 2.268.208
USNs:
Title: USN-6558-1: audiofile vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6558-1
Priorities: low,medium
CVEs:
- CVE-2018-13440
- CVE-2018-17095
- CVE-2019-13147
- CVE-2022-24599
- CVE-2018-17095
- CVE-2019-13147
- CVE-2018-13440
- CVE-2022-24599
Title: USN-6557-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6557-1
Priorities: low,medium
CVEs:
- CVE-2022-1725
- CVE-2022-1771
- CVE-2022-1886
- CVE-2022-1897
- CVE-2022-2000
- CVE-2022-2042
- CVE-2023-46246
- CVE-2023-48231
- CVE-2023-48232
- CVE-2023-48233
- CVE-2023-48234
- CVE-2023-48235
- CVE-2023-48236
- CVE-2023-48237
- CVE-2023-48706
- CVE-2023-48706
- CVE-2023-48234
- CVE-2023-48231
- CVE-2023-46246
- CVE-2023-48235
- CVE-2022-1725
- CVE-2023-48232
- CVE-2022-2042
- CVE-2022-2000
- CVE-2022-1886
- CVE-2023-48233
- CVE-2023-48236
- CVE-2022-1771
- CVE-2022-1897
- CVE-2023-48237
Title: USN-6555-2: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6555-2
Priorities: medium
CVEs:
- CVE-2023-6377
- CVE-2023-6478
- CVE-2023-6478
- CVE-2023-6377
Full Changelog: https://github.com/pivotal-cf/bosh-linux-stemcell-builder-lts/compare/ubuntu-trusty/v3586.153…ubuntu-xenial/v621.793
621.782
Release Date: December 12, 2023
Metadata:
BOSH Agent Version: 2.268.203
USNs:
Title: USN-6473-2: pip vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6473-2
Priorities: medium
CVEs:
- CVE-2018-25091
- CVE-2023-43804
- CVE-2023-45803
- CVE-2023-45803
- CVE-2018-25091
- CVE-2023-43804
Title: USN-6508-1: poppler vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6508-1
Priorities: medium
CVEs:
- CVE-2020-23804
- CVE-2022-37050
- CVE-2022-37051
- CVE-2022-37052
- CVE-2022-38349
- CVE-2022-37051
- CVE-2020-23804
- CVE-2022-38349
- CVE-2022-37050
- CVE-2022-37052
Title: USN-6542-1: TinyXML vulnerability
URL: https://ubuntu.com/security/notices/USN-6542-1
Priorities: medium
CVEs:
- CVE-2021-42260
Title: USN-6531-1: Redis vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6531-1
Priorities: medium
CVEs:
- CVE-2022-24834
- CVE-2022-35977
- CVE-2022-36021
- CVE-2023-25155
- CVE-2023-28856
- CVE-2023-45145
- CVE-2023-25155
- CVE-2022-36021
- CVE-2022-24834
- CVE-2023-45145
- CVE-2023-28856
- CVE-2022-35977
Title: LSN-0099-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0099-1
Priorities: medium,high
CVEs:
- CVE-2022-3643
- CVE-2023-3567
- CVE-2023-3609
- CVE-2023-3776
- CVE-2023-3777
- CVE-2023-3995
- CVE-2023-4004
- CVE-2023-4622
- CVE-2023-4623
- CVE-2023-4881
- CVE-2023-5197
- CVE-2023-31436
- CVE-2023-34319
- CVE-2023-40283
- CVE-2023-42752
- CVE-2023-42753
- CVE-2023-42752
- CVE-2023-3777
- CVE-2023-3609
- CVE-2023-4881
- CVE-2023-42753
- CVE-2023-4623
- CVE-2023-3567
- CVE-2023-3995
- CVE-2023-40283
- CVE-2023-5197
- CVE-2023-3776
- CVE-2023-4622
- CVE-2023-4004
- CVE-2023-34319
- CVE-2022-3643
- CVE-2023-31436
Title: USN-6512-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6512-1
Priorities: medium,negligible
CVEs:
- CVE-2022-40090
- CVE-2023-3576
- CVE-2023-3576
- CVE-2022-40090
Title: USN-6528-1: OpenJDK 8 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6528-1
Priorities: medium
CVEs:
- CVE-2022-40433
- CVE-2023-22025
- CVE-2023-22067
- CVE-2023-22081
- CVE-2023-22067
- CVE-2022-40433
- CVE-2023-22081
- CVE-2023-22025
Title: USN-6513-1: Python vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6513-1
Priorities: medium
CVEs:
- CVE-2022-48564
- CVE-2023-40217
- CVE-2023-40217
- CVE-2022-48564
Title: USN-6532-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6532-1
Priorities: high,low,medium
CVEs:
- CVE-2023-20593
- CVE-2023-31085
- CVE-2023-39189
- CVE-2023-39192
- CVE-2023-39193
- CVE-2023-39194
- CVE-2023-42754
- CVE-2023-45862
- CVE-2023-45871
- CVE-2023-5717
- CVE-2023-45871
- CVE-2023-20593
- CVE-2023-39194
- CVE-2023-39193
- CVE-2023-42754
- CVE-2023-39192
- CVE-2023-45862
- CVE-2023-39189
- CVE-2023-31085
- CVE-2023-5717
Title: USN-6494-2: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6494-2
Priorities: low,medium
CVEs:
- CVE-2023-31085
- CVE-2023-39189
- CVE-2023-39192
- CVE-2023-39193
- CVE-2023-39194
- CVE-2023-42754
- CVE-2023-45862
- CVE-2023-45871
- CVE-2023-5717
- CVE-2023-45871
- CVE-2023-39194
- CVE-2023-39193
- CVE-2023-42754
- CVE-2023-39192
- CVE-2023-45862
- CVE-2023-39189
- CVE-2023-31085
- CVE-2023-5717
Title: USN-6510-1: Apache HTTP Server vulnerability
URL: https://ubuntu.com/security/notices/USN-6510-1
Priorities: low
CVEs:
- CVE-2023-31122
Title: USN-6463-2: Open VM Tools vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6463-2
Priorities: medium
CVEs:
- CVE-2023-34058
- CVE-2023-34059
- CVE-2023-34058
- CVE-2023-34059
Title: USN-6487-1: Avahi vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6487-1
Priorities: medium
CVEs:
- CVE-2023-38469
- CVE-2023-38470
- CVE-2023-38471
- CVE-2023-38472
- CVE-2023-38473
- CVE-2023-38469
- CVE-2023-38471
- CVE-2023-38472
- CVE-2023-38470
- CVE-2023-38473
Title: USN-6540-1: BlueZ vulnerability
URL: https://ubuntu.com/security/notices/USN-6540-1
Priorities: medium
CVEs:
- CVE-2023-45866
Title: USN-6541-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6541-1
Priorities: low,medium
CVEs:
- CVE-2023-4806
- CVE-2023-4813
- CVE-2023-4806
- CVE-2023-5156
- CVE-2023-4806
- CVE-2023-4813
- CVE-2023-5156
621.759
Release Date: November 19, 2023
Metadata:
BOSH Agent Version: 2.268.196
USNs:
Title: USN-6475-1: Cobbler vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6475-1
Priorities: medium,low,high
CVEs:
- CVE-2014-3225
- CVE-2017-1000469
- CVE-2021-45082
- CVE-2018-10931
- CVE-2018-1000225
- CVE-2018-1000226
- CVE-2021-40323
- CVE-2021-40324
- CVE-2021-40325
- CVE-2021-45083
- CVE-2022-0860
- CVE-2021-40323
- CVE-2018-1000225
- CVE-2021-45082
- CVE-2021-40324
- CVE-2021-45083
- CVE-2017-1000469
- CVE-2021-40325
- CVE-2022-0860
- CVE-2018-10931
- CVE-2018-1000226
- CVE-2014-3225
Title: USN-6474-1: xrdp vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6474-1
Priorities: medium
CVEs:
- CVE-2022-23479
- CVE-2022-23481
- CVE-2022-23483
- CVE-2023-42822
- CVE-2023-40184
- CVE-2022-23468
- CVE-2022-23480
- CVE-2022-23482
- CVE-2022-23484
- CVE-2022-23477
- CVE-2022-23493
- CVE-2022-23478
- CVE-2022-23613
- CVE-2022-23468
- CVE-2022-23477
- CVE-2022-23479
- CVE-2022-23484
- CVE-2022-23481
- CVE-2022-23613
- CVE-2022-23493
- CVE-2022-23480
- CVE-2022-23483
- CVE-2022-23478
- CVE-2023-42822
- CVE-2022-23482
- CVE-2023-40184
Title: USN-6485-1: Intel Microcode vulnerability
URL: https://ubuntu.com/security/notices/USN-6485-1
Priorities: high
CVEs:
- CVE-2023-23583
Title: USN-6477-1: procps-ng vulnerability
URL: https://ubuntu.com/security/notices/USN-6477-1
Priorities: low
CVEs:
- CVE-2023-4016
621.753
Release Date: November 14, 2023
Metadata:
BOSH Agent Version: 2.268.193
USNs:
Title: USN-6473-1: urllib3 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6473-1
Priorities: medium
CVEs:
- CVE-2018-25091
- CVE-2023-43804
- CVE-2023-45803
- CVE-2023-45803
- CVE-2023-43804
- CVE-2018-25091
Title: USN-6451-1: ncurses vulnerability
URL: https://ubuntu.com/security/notices/USN-6451-1
Priorities: medium
CVEs:
- CVE-2020-19189
Title: USN-6472-1: GNU Scientific Library vulnerability
URL: https://ubuntu.com/security/notices/USN-6472-1
Priorities: medium
CVEs:
- CVE-2020-35357
Title: USN-6469-1: xrdp vulnerability
URL: https://ubuntu.com/security/notices/USN-6469-1
Priorities: medium
CVEs:
- CVE-2020-4044
Title: USN-6471-1: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-6471-1
Priorities: medium
CVEs:
- CVE-2022-33065
Title: USN-6440-3: Linux kernel (HWE) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6440-3
Priorities: medium,low,high
CVEs:
- CVE-2023-0597
- CVE-2023-1206
- CVE-2023-31083
- CVE-2023-34319
- CVE-2023-3772
- CVE-2023-42752
- CVE-2023-42753
- CVE-2023-42755
- CVE-2023-4622
- CVE-2023-4623
- CVE-2023-4881
- CVE-2023-4921
- CVE-2023-1206
- CVE-2023-4623
- CVE-2023-4921
- CVE-2023-42755
- CVE-2023-42752
- CVE-2023-4622
- CVE-2023-4881
- CVE-2023-42753
- CVE-2023-31083
- CVE-2023-34319
- CVE-2023-3772
- CVE-2023-0597
Title: USN-6288-2: MySQL vulnerability
URL: https://ubuntu.com/security/notices/USN-6288-2
Priorities: medium
CVEs:
- CVE-2023-22053
Title: USN-6448-1: Sofia-SIP vulnerability
URL: https://ubuntu.com/security/notices/USN-6448-1
Priorities: medium
CVEs:
- CVE-2023-32307
Title: USN-6199-2: PHP vulnerability
URL: https://ubuntu.com/security/notices/USN-6199-2
Priorities: medium
CVEs:
- CVE-2023-3247
Title: USN-6467-1: Kerberos vulnerability
URL: https://ubuntu.com/security/notices/USN-6467-1
Priorities: medium
CVEs:
- CVE-2023-36054
Title: USN-6452-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6452-1
Priorities: medium
CVEs:
- CVE-2023-3896
- CVE-2023-4733
- CVE-2023-4750
- CVE-2023-4734
- CVE-2023-4735
- CVE-2023-5344
- CVE-2023-4738
- CVE-2023-4751
- CVE-2023-4752
- CVE-2023-5535
- CVE-2023-4781
- CVE-2023-5441
- CVE-2023-4752
- CVE-2023-5535
- CVE-2023-4733
- CVE-2023-4750
- CVE-2023-3896
- CVE-2023-4781
- CVE-2023-5344
- CVE-2023-4751
- CVE-2023-5441
- CVE-2023-4735
- CVE-2023-4738
- CVE-2023-4734
Title: USN-6470-1: Axis vulnerability
URL: https://ubuntu.com/security/notices/USN-6470-1
Priorities: medium
CVEs:
- CVE-2023-40743
- CVE-2023-40743
Title: USN-6455-1: Exim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6455-1
Priorities: medium
CVEs:
- CVE-2023-42117
- CVE-2023-42119
- CVE-2023-42117
- CVE-2023-42119
Title: USN-6408-2: libXpm vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6408-2
Priorities: medium
CVEs:
- CVE-2023-43786
- CVE-2023-43787
- CVE-2023-43788
- CVE-2023-43789
- CVE-2023-43789
- CVE-2023-43787
- CVE-2023-43786
- CVE-2023-43788
Title: USN-6453-2: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6453-2
Priorities: medium
CVEs:
- CVE-2023-5367
- CVE-2023-5380
- CVE-2023-5380
- CVE-2023-5367
621.730
Release Date: October 23, 2023
Metadata:
BOSH Agent Version: 2.268.187
USNs:
Title: USN-6419-1: jQuery UI vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6419-1
Priorities: medium
CVEs:
- CVE-2016-7103
- CVE-2021-41182
- CVE-2021-41183
- CVE-2021-41184
- CVE-2022-31160
- CVE-2021-41183
- CVE-2022-31160
- CVE-2021-41184
- CVE-2021-41182
- CVE-2016-7103
Title: USN-6413-1: GNU binutils vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6413-1
Priorities: low,medium
CVEs:
- CVE-2017-17122
- CVE-2017-8421
- CVE-2018-20671
- CVE-2018-6543
- CVE-2022-35205
- CVE-2022-47007
- CVE-2022-47008
- CVE-2022-47010
- CVE-2022-47011
- CVE-2022-48063
- CVE-2022-35205
- CVE-2022-47007
- CVE-2018-20671
- CVE-2017-8421
- CVE-2022-47011
- CVE-2017-17122
- CVE-2022-48063
- CVE-2022-47010
- CVE-2022-47008
- CVE-2018-6543
Title: USN-6437-1: VIPS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6437-1
Priorities: medium,low
CVEs:
- CVE-2018-7998
- CVE-2019-6976
- CVE-2020-20739
- CVE-2021-27847
- CVE-2023-40032
- CVE-2020-20739
- CVE-2018-7998
- CVE-2019-6976
- CVE-2023-40032
- CVE-2021-27847
Title: USN-6430-1: FFmpeg vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6430-1
Priorities: medium
CVEs:
- CVE-2020-22024
- CVE-2020-22039
- CVE-2020-22040
- CVE-2020-22043
- CVE-2020-22051
- CVE-2021-28429
- CVE-2020-22040
- CVE-2020-22051
- CVE-2021-28429
- CVE-2020-22043
- CVE-2020-22039
- CVE-2020-22024
Title: USN-6398-1: ReadyMedia vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6398-1
Priorities: medium
CVEs:
- CVE-2022-26505
- CVE-2023-33476
- CVE-2022-26505
- CVE-2023-33476
Title: USN-6394-2: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-6394-2
Priorities: medium
CVEs:
- CVE-2022-48560
Title: USN-6439-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6439-1
Priorities: medium,low,high
CVEs:
- CVE-2023-1206
- CVE-2023-31083
- CVE-2023-34319
- CVE-2023-3772
- CVE-2023-42752
- CVE-2023-42753
- CVE-2023-42755
- CVE-2023-4622
- CVE-2023-4623
- CVE-2023-4881
- CVE-2023-4921
- CVE-2023-31083
- CVE-2023-42753
- CVE-2023-4921
- CVE-2023-4881
- CVE-2023-42752
- CVE-2023-42755
- CVE-2023-4622
- CVE-2023-34319
- CVE-2023-4623
- CVE-2023-1206
- CVE-2023-3772
Title: USN-6428-1: LibTIFF vulnerability
URL: https://ubuntu.com/security/notices/USN-6428-1
Priorities: low
CVEs:
- CVE-2023-1916
Title: LSN-0098-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0098-1
Priorities: high
CVEs:
- CVE-2023-3090
- CVE-2023-3567
- CVE-2023-3609
- CVE-2023-3776
- CVE-2023-3777
- CVE-2023-3995
- CVE-2023-4004
- CVE-2023-4128
- CVE-2023-21400
- CVE-2023-40283
- CVE-2023-3776
- CVE-2023-3609
- CVE-2023-21400
- CVE-2023-4004
- CVE-2023-3777
- CVE-2023-40283
- CVE-2023-3090
- CVE-2023-3995
- CVE-2023-3567
- CVE-2023-4128
Title: USN-6421-1: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-6421-1
Priorities: medium
CVEs:
- CVE-2023-3341
Title: USN-6429-2: curl vulnerability
URL: https://ubuntu.com/security/notices/USN-6429-2
Priorities: low
CVEs:
- CVE-2023-38546
- CVE-2023-38546
Title: USN-6432-1: Quagga vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6432-1
Priorities: medium,low
CVEs:
- CVE-2023-41358
- CVE-2023-41360
- CVE-2023-41360
- CVE-2023-41358
Title: USN-6411-1: Exim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6411-1
Priorities: medium
CVEs:
- CVE-2023-42114
- CVE-2023-42115
- CVE-2023-42116
- CVE-2023-42115
- CVE-2023-42114
- CVE-2023-42116
Title: USN-6407-2: libx11 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6407-2
Priorities: medium
CVEs:
- CVE-2023-43785
- CVE-2023-43786
- CVE-2023-43787
- CVE-2023-43786
- CVE-2023-43785
- CVE-2023-43787
621.699
Release Date: September 28, 2023
Metadata:
BOSH Agent Version: 2.268.177
USNs:
Title: USN-6360-2: FLAC vulnerability
URL: https://ubuntu.com/security/notices/USN-6360-2
Priorities: medium
CVEs:
- CVE-2020-22219
Title: USN-6396-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6396-1
Priorities: medium,low,high
CVEs:
- CVE-2022-27672
- CVE-2022-40982
- CVE-2023-3212
- CVE-2023-3863
- CVE-2023-40283
- CVE-2023-4128
- CVE-2022-27672
- CVE-2022-40982
- CVE-2023-3863
- CVE-2023-3212
- CVE-2023-40283
- CVE-2023-4128
Title: USN-6388-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6388-1
Priorities: medium,low,high
CVEs:
- CVE-2022-40982
- CVE-2023-3212
- CVE-2023-32269
- CVE-2023-3863
- CVE-2023-40283
- CVE-2023-4128
- CVE-2023-4385
- CVE-2023-4387
- CVE-2023-4459
- CVE-2023-32269
- CVE-2023-4385
- CVE-2023-3212
- CVE-2023-4387
- CVE-2023-3863
- CVE-2023-4459
- CVE-2023-4128
- CVE-2022-40982
- CVE-2023-40283
Title: USN-6393-1: ImageMagick vulnerability
URL: https://ubuntu.com/security/notices/USN-6393-1
Priorities: low
CVEs:
- CVE-2022-48541
Title: USN-6394-1: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-6394-1
Priorities: medium
CVEs:
- CVE-2022-48560
Title: USN-6365-2: Open VM Tools vulnerability
URL: https://ubuntu.com/security/notices/USN-6365-2
Priorities: medium
CVEs:
- CVE-2023-20900
Title: USN-6190-2: AccountsService vulnerability
URL: https://ubuntu.com/security/notices/USN-6190-2
Priorities: medium
CVEs:
- CVE-2023-3297
Title: USN-6391-2: CUPS vulnerability
URL: https://ubuntu.com/security/notices/USN-6391-2
Priorities: medium
CVEs:
- CVE-2023-4504
621.687
Release Date: September 20, 2023
Metadata:
BOSH Agent Version: 2.268.173
USNs:
Title: USN-6380-1: Node.js vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6380-1
Priorities: medium
CVEs:
- CVE-2019-15604
- CVE-2019-15605
- CVE-2019-15606
- CVE-2020-8174
- CVE-2020-8265
- CVE-2020-8287
- CVE-2019-15604
- CVE-2019-15606
- CVE-2020-8265
- CVE-2019-15605
- CVE-2020-8287
- CVE-2020-8174
Title: USN-6356-1: OpenDMARC vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6356-1
Priorities: low,medium
CVEs:
- CVE-2020-12272
- CVE-2020-12460
- CVE-2020-12460
- CVE-2020-12272
Title: USN-6381-1: GNU binutils vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6381-1
Priorities: medium
CVEs:
- CVE-2020-19724
- CVE-2020-21490
- CVE-2020-19726
- CVE-2021-46174
- CVE-2022-45703
- CVE-2020-35342
- CVE-2022-44840
- CVE-2022-47695
- CVE-2020-19726
- CVE-2020-35342
- CVE-2022-44840
- CVE-2020-21490
- CVE-2022-45703
- CVE-2021-46174
- CVE-2020-19724
- CVE-2022-47695
Title: USN-6364-1: Ghostscript vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6364-1
Priorities: medium
CVEs:
- CVE-2020-21710
- CVE-2020-21890
- CVE-2020-21890
- CVE-2020-21710
Title: USN-6371-1: libssh2 vulnerability
URL: https://ubuntu.com/security/notices/USN-6371-1
Priorities: medium
CVEs:
- CVE-2020-22218
Title: USN-6370-1: ModSecurity vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6370-1
Priorities: medium
CVEs:
- CVE-2021-42717
- CVE-2022-48279
- CVE-2023-24021
- CVE-2021-42717
- CVE-2023-24021
- CVE-2022-48279
Title: USN-6388-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6388-1
Priorities: medium,low,high
CVEs:
- CVE-2022-40982
- CVE-2023-3212
- CVE-2023-32269
- CVE-2023-3863
- CVE-2023-40283
- CVE-2023-4128
- CVE-2023-4385
- CVE-2023-4387
- CVE-2023-4459
- CVE-2023-32269
- CVE-2023-4385
- CVE-2023-3212
- CVE-2023-4387
- CVE-2023-3863
- CVE-2023-4459
- CVE-2023-4128
- CVE-2022-40982
- CVE-2023-40283
Title: USN-6342-2: Linux kernel (Azure)
URL: https://ubuntu.com/security/notices/USN-6342-2
Priorities: high,medium,low
CVEs:
- CVE-2023-20593
- CVE-2023-2269
- CVE-2023-2985
- CVE-2023-31084
- CVE-2023-3611
- CVE-2023-3776
- CVE-2023-3611
- CVE-2023-2269
- CVE-2023-2985
- CVE-2023-31084
- CVE-2023-3776
- CVE-2023-20593
Title: USN-6237-3: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6237-3
Priorities: low,medium
CVEs:
- CVE-2023-28321
- CVE-2023-28322
- CVE-2023-32001
- CVE-2023-28322
- CVE-2023-28321
Title: USN-6164-2: c-ares vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6164-2
Priorities: medium
CVEs:
- CVE-2023-31130
- CVE-2023-32067
- CVE-2023-32067
- CVE-2023-31130
Title: USN-6358-1: RedCloth vulnerability
URL: https://ubuntu.com/security/notices/USN-6358-1
Priorities: medium
CVEs:
- CVE-2023-31606
Title: USN-6372-1: DBus vulnerability
URL: https://ubuntu.com/security/notices/USN-6372-1
Priorities: low
CVEs:
- CVE-2023-34969
Title: USN-6366-1: PostgreSQL vulnerability
URL: https://ubuntu.com/security/notices/USN-6366-1
Priorities: medium
CVEs:
- CVE-2023-39417
Title: USN-6373-1: gawk vulnerability
URL: https://ubuntu.com/security/notices/USN-6373-1
Priorities: medium
CVEs:
- CVE-2023-4156
Title: USN-6374-1: Mutt vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6374-1
Priorities: medium
CVEs:
- CVE-2023-4874
- CVE-2023-4875
- CVE-2023-4874
- CVE-2023-4875
Full Changelog: https://github.com/pivotal-cf/bosh-linux-stemcell-builder-lts/compare/ubuntu-trusty/v3586.153…ubuntu-xenial/v621.687
621.676
Release Date: September 07, 2023
Metadata:
BOSH Agent Version: 2.268.170
USNs:
Title: USN-6336-1: Docker Registry vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6336-1
Priorities: low,medium
CVEs:
- CVE-2017-11468
- CVE-2017-11468
- CVE-2023-2253
- CVE-2017-11468
Title: USN-6322-1: elfutils vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6322-1
Priorities: low,medium
CVEs:
- CVE-2018-16062
- CVE-2018-16403
- CVE-2018-18310
- CVE-2018-18520
- CVE-2018-18521
- CVE-2019-7149
- CVE-2019-7150
- CVE-2019-7665
- CVE-2020-21047
- CVE-2021-33294
- CVE-2021-33294
- CVE-2020-21047
- CVE-2018-18521
- CVE-2018-18520
- CVE-2019-7665
- CVE-2018-16062
- CVE-2019-7150
- CVE-2018-16403
- CVE-2019-7149
- CVE-2018-18310
Title: USN-6334-1: atftp vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6334-1
Priorities: medium
CVEs:
- CVE-2020-6097
- CVE-2021-41054
- CVE-2021-46671
- CVE-2020-6097
- CVE-2021-46671
- CVE-2021-41054
Title: USN-6335-1: BusyBox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6335-1
Priorities: low,medium
CVEs:
- CVE-2021-28831
- CVE-2022-48174
- CVE-2022-48174
- CVE-2021-28831
Title: USN-6313-1: FAAD2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6313-1
Priorities: medium
CVEs:
- CVE-2021-32272
- CVE-2021-32273
- CVE-2021-32274
- CVE-2021-32277
- CVE-2021-32278
- CVE-2023-38857
- CVE-2023-38858
- CVE-2021-32276
- CVE-2021-32276
- CVE-2021-32278
- CVE-2023-38857
- CVE-2021-32273
- CVE-2021-32274
- CVE-2021-32277
- CVE-2023-38858
- CVE-2021-32272
Title: USN-6353-1: PLIB vulnerability
URL: https://ubuntu.com/security/notices/USN-6353-1
Priorities: medium
CVEs:
- CVE-2021-38714
Title: USN-6354-1: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-6354-1
Priorities: medium
CVEs:
- CVE-2022-48565
Title: USN-6319-1: AMD Microcode vulnerability
URL: https://ubuntu.com/security/notices/USN-6319-1
Priorities: medium
CVEs:
- CVE-2023-20569
Title: USN-6342-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6342-1
Priorities: high,medium,low
CVEs:
- CVE-2023-20593
- CVE-2023-2269
- CVE-2023-2985
- CVE-2023-31084
- CVE-2023-3611
- CVE-2023-3776
- CVE-2023-2985
- CVE-2023-2269
- CVE-2023-3776
- CVE-2023-31084
- CVE-2023-3611
- CVE-2023-20593
Title: USN-6327-1: Linux kernel (KVM) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6327-1
Priorities: medium,low,high
CVEs:
- CVE-2023-2269
- CVE-2023-2985
- CVE-2023-31084
- CVE-2023-3567
- CVE-2023-3611
- CVE-2023-3776
- CVE-2023-3611
- CVE-2023-2269
- CVE-2023-3567
- CVE-2023-3776
- CVE-2023-2985
- CVE-2023-31084
Title: LSN-0097-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0097-1
Priorities: high
CVEs:
- CVE-2023-3090
- CVE-2023-3389
- CVE-2023-3390
- CVE-2023-31248
- CVE-2023-32629
- CVE-2023-35001
- CVE-2023-35788
- CVE-2023-31248
- CVE-2023-32629
- CVE-2023-3090
- CVE-2023-3390
- CVE-2023-35788
- CVE-2023-35001
- CVE-2023-3389
Title: USN-6345-1: SoX vulnerability
URL: https://ubuntu.com/security/notices/USN-6345-1
Priorities: medium
CVEs:
- CVE-2023-32627
Title: USN-6326-1: GitPython vulnerability
URL: https://ubuntu.com/security/notices/USN-6326-1
Priorities: medium
CVEs:
- CVE-2023-40267
621.655
Release Date: August 29, 2023
Metadata:
BOSH Agent Version: 2.268.165
USNs:
Title: USN-6291-1: GStreamer vulnerability
URL: https://ubuntu.com/security/notices/USN-6291-1
Priorities: low
CVEs:
- CVE-2017-5838
Title: USN-6298-1: ZZIPlib vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6298-1
Priorities: low
CVEs:
- CVE-2018-7727
- CVE-2020-18442
- CVE-2020-18442
- CVE-2018-7727
Title: USN-6303-2: ClamAV vulnerability
URL: https://ubuntu.com/security/notices/USN-6303-2
Priorities: medium
CVEs:
- CVE-2023-20197
Title: USN-6309-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6309-1
Priorities: medium,low,high
CVEs:
- CVE-2023-2269
- CVE-2023-2985
- CVE-2023-31084
- CVE-2023-3567
- CVE-2023-3611
- CVE-2023-3776
- CVE-2023-3776
- CVE-2023-31084
- CVE-2023-3611
- CVE-2023-2985
- CVE-2023-3567
- CVE-2023-2269
Title: USN-6297-1: Ghostscript vulnerability
URL: https://ubuntu.com/security/notices/USN-6297-1
Priorities: medium
CVEs:
- CVE-2023-38559
621.644
Release Date: August 17, 2023
Metadata:
BOSH Agent Version: 2.268.161
USNs:
Title: USN-6265-1: RabbitMQ vulnerability
URL: https://ubuntu.com/security/notices/USN-6265-1
Priorities: low
CVEs:
- CVE-2017-4966
Title: USN-6276-1: unixODBC vulnerability
URL: https://ubuntu.com/security/notices/USN-6276-1
Priorities: low
CVEs:
- CVE-2018-7409
Title: USN-6262-1: Wireshark vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6262-1
Priorities: low,medium
CVEs:
- CVE-2020-13164
- CVE-2020-15466
- CVE-2020-17498
- CVE-2020-25862
- CVE-2020-25863
- CVE-2020-13164
- CVE-2020-17498
- CVE-2020-15466
- CVE-2020-25863
- CVE-2020-25862
Title: USN-6281-1: Velocity Engine vulnerability
URL: https://ubuntu.com/security/notices/USN-6281-1
Priorities: medium
CVEs:
- CVE-2020-13936
Title: USN-6282-1: Velocity Tools vulnerability
URL: https://ubuntu.com/security/notices/USN-6282-1
Priorities: medium
CVEs:
- CVE-2020-13959
Title: USN-6259-1: Open-iSCSI vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6259-1
Priorities: low
CVEs:
- CVE-2020-13987
- CVE-2020-13988
- CVE-2020-17437
- CVE-2020-13988
- CVE-2020-13987
- CVE-2020-17437
Title: USN-5193-3: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5193-3
Priorities: medium
CVEs:
- CVE-2021-4011
- CVE-2021-4008
- CVE-2021-4009
Title: USN-6287-1: Go yaml vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6287-1
Priorities: medium
CVEs:
- CVE-2021-4235
- CVE-2022-3064
- CVE-2022-3064
- CVE-2021-4235
Title: USN-6252-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6252-1
Priorities: medium,low,high
CVEs:
- CVE-2022-1184
- CVE-2022-3303
- CVE-2023-1611
- CVE-2023-1670
- CVE-2023-1859
- CVE-2023-1990
- CVE-2023-2124
- CVE-2023-3090
- CVE-2023-3111
- CVE-2023-3141
- CVE-2023-3268
- CVE-2023-3390
- CVE-2023-35001
- CVE-2023-3390
- CVE-2023-1990
- CVE-2023-3268
- CVE-2023-1670
- CVE-2022-1184
- CVE-2023-1859
- CVE-2023-3141
- CVE-2023-3111
- CVE-2023-2124
- CVE-2023-35001
- CVE-2023-3090
- CVE-2022-3303
- CVE-2023-1611
Title: USN-6270-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6270-1
Priorities: medium,low
CVEs:
- CVE-2022-2182
- CVE-2022-2208
- CVE-2022-2210
- CVE-2022-2231
- CVE-2022-2257
- CVE-2022-2264
- CVE-2022-2284
- CVE-2022-2289
- CVE-2022-2285
- CVE-2022-2286
- CVE-2022-2287
- CVE-2022-2208
- CVE-2022-2182
- CVE-2022-2264
- CVE-2022-2286
- CVE-2022-2287
- CVE-2022-2231
- CVE-2022-2210
- CVE-2022-2285
- CVE-2022-2289
- CVE-2022-2284
- CVE-2022-2257
Title: USN-6271-1: MaraDNS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6271-1
Priorities: medium
CVEs:
- CVE-2022-30256
- CVE-2023-31137
- CVE-2023-31137
- CVE-2022-30256
Title: USN-6286-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6286-1
Priorities: medium
CVEs:
- CVE-2022-40982
- CVE-2022-41804
- CVE-2023-23908
- CVE-2022-40982
- CVE-2023-23908
- CVE-2022-41804
Title: USN-6290-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6290-1
Priorities: medium,low
CVEs:
- CVE-2022-48281
- CVE-2023-2731
- CVE-2023-2908
- CVE-2023-3316
- CVE-2023-3618
- CVE-2023-25433
- CVE-2023-26966
- CVE-2023-26965
- CVE-2023-38288
- CVE-2023-38289
- CVE-2022-48281
- CVE-2023-2908
- CVE-2023-3316
- CVE-2023-3618
- CVE-2023-38288
- CVE-2023-25433
- CVE-2023-38289
- CVE-2023-2731
- CVE-2023-26966
- CVE-2023-26965
Title: USN-6254-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6254-1
Priorities: medium,low,high
CVEs:
- CVE-2023-0458
- CVE-2023-1611
- CVE-2023-2124
- CVE-2023-2162
- CVE-2023-2513
- CVE-2023-3090
- CVE-2023-3141
- CVE-2023-3159
- CVE-2023-3161
- CVE-2023-3268
- CVE-2023-3390
- CVE-2023-35001
- CVE-2023-2513
- CVE-2023-3268
- CVE-2023-3390
- CVE-2023-2162
- CVE-2023-3141
- CVE-2023-0458
- CVE-2023-3159
- CVE-2023-3161
- CVE-2023-35001
- CVE-2023-2124
- CVE-2023-3090
- CVE-2023-1611
Title: USN-6257-1: Open VM Tools vulnerability
URL: https://ubuntu.com/security/notices/USN-6257-1
Priorities: low
CVEs:
- CVE-2023-20867
- CVE-2023-20867
Title: USN-6263-1: OpenJDK vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6263-1
Priorities: medium,low
CVEs:
- CVE-2023-22006
- CVE-2023-22036
- CVE-2023-22041
- CVE-2023-22044
- CVE-2023-22045
- CVE-2023-22049
- CVE-2023-25193
- CVE-2023-22045
- CVE-2023-22036
- CVE-2023-22044
- CVE-2023-25193
- CVE-2023-22049
- CVE-2023-22006
- CVE-2023-22041
Title: USN-6274-1: XMLTooling vulnerability
URL: https://ubuntu.com/security/notices/USN-6274-1
Priorities: medium
CVEs:
- CVE-2023-36661
Title: USN-6242-2: OpenSSH vulnerability
URL: https://ubuntu.com/security/notices/USN-6242-2
Priorities: medium
CVEs:
- CVE-2023-38408
Title: USN-6275-1: Cargo vulnerability
URL: https://ubuntu.com/security/notices/USN-6275-1
Priorities: medium
CVEs:
- CVE-2023-38497
621.615
Release Date: July 26, 2023
Metadata:
BOSH Agent Version: 2.268.150
USNs:
Title: USN-6233-1: YAJL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6233-1
Priorities: low,medium
CVEs:
- CVE-2017-16516
- CVE-2022-24795
- CVE-2023-33460
- CVE-2023-33460
- CVE-2022-24795
- CVE-2017-16516
Title: USN-6232-1: wkhtmltopdf vulnerability
URL: https://ubuntu.com/security/notices/USN-6232-1
Priorities: medium
CVEs:
- CVE-2020-21365
Title: USN-6236-1: ConnMan vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6236-1
Priorities: medium
CVEs:
- CVE-2021-26675
- CVE-2021-33833
- CVE-2021-26676
- CVE-2022-23096
- CVE-2022-23097
- CVE-2022-23098
- CVE-2022-32292
- CVE-2022-32293
- CVE-2023-28488
- CVE-2021-26676
- CVE-2022-32293
- CVE-2023-28488
- CVE-2022-23098
- CVE-2021-26675
- CVE-2021-33833
- CVE-2022-23097
- CVE-2022-23096
- CVE-2022-32292
Title: USN-6239-1: ECDSA Util vulnerability
URL: https://ubuntu.com/security/notices/USN-6239-1
Priorities: medium
CVEs:
- CVE-2022-24884
Title: USN-6244-1: AMD Microcode vulnerability
URL: https://ubuntu.com/security/notices/USN-6244-1
Priorities: high
CVEs:
- CVE-2023-20593
Title: USN-6183-2: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-6183-2
Priorities: medium
CVEs:
- CVE-2023-2828
- CVE-2023-2911
- CVE-2023-2828
621.609
Release Date: July 19, 2023
Metadata:
BOSH Agent Version: 2.268.149
USNs:
Title: USN-6200-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6200-1
Priorities: negligible,medium,low
CVEs:
- CVE-2020-29599
- CVE-2021-20224
- CVE-2021-20241
- CVE-2021-20243
- CVE-2021-20244
- CVE-2021-20309
- CVE-2021-20246
- CVE-2021-20312
- CVE-2021-20313
- CVE-2021-39212
- CVE-2022-28463
- CVE-2022-32545
- CVE-2022-32546
- CVE-2022-32547
- CVE-2021-3610
- CVE-2023-1906
- CVE-2023-3428
- CVE-2023-1289
- CVE-2023-3195
- CVE-2023-34151
- CVE-2023-1289
- CVE-2021-20243
- CVE-2021-20246
- CVE-2021-3610
- CVE-2021-20224
- CVE-2021-20312
- CVE-2023-3428
- CVE-2021-20313
- CVE-2021-20309
- CVE-2021-39212
- CVE-2021-20241
- CVE-2023-3195
- CVE-2022-32545
- CVE-2022-28463
- CVE-2021-20244
- CVE-2023-1906
- CVE-2023-34151
- CVE-2020-29599
- CVE-2022-32547
- CVE-2022-32546
Title: USN-6221-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6221-1
Priorities: medium,low
CVEs:
- CVE-2021-20321
- CVE-2021-3753
- CVE-2022-1184
- CVE-2022-26373
- CVE-2022-29901
- CVE-2023-1990
- CVE-2023-3111
- CVE-2022-29901
- CVE-2022-26373
- CVE-2023-3111
- CVE-2021-20321
- CVE-2023-1990
- CVE-2021-3753
- CVE-2022-1184
Title: USN-6225-1: Knot Resolver vulnerability
URL: https://ubuntu.com/security/notices/USN-6225-1
Priorities: medium
CVEs:
- CVE-2022-40188
Title: USN-6230-1: PostgreSQL vulnerability
URL: https://ubuntu.com/security/notices/USN-6230-1
Priorities: medium
CVEs:
- CVE-2023-2454
Title: USN-6198-1: GNU Screen vulnerability
URL: https://ubuntu.com/security/notices/USN-6198-1
Priorities: low
CVEs:
- CVE-2023-24626
Title: USN-6202-1: containerd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6202-1
Priorities: medium
CVEs:
- CVE-2023-25153
- CVE-2023-25173
- CVE-2023-25153
- CVE-2023-25173
Title: USN-6229-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6229-1
Priorities: medium,low
CVEs:
- CVE-2023-25433
- CVE-2023-26965
- CVE-2023-26966
- CVE-2023-3316
- CVE-2023-25433
- CVE-2023-26965
- CVE-2023-3316
- CVE-2023-26966
Title: USN-6219-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6219-1
Priorities: medium
CVEs:
- CVE-2023-28755
- CVE-2023-28755
- CVE-2023-36617
- CVE-2023-36617
- CVE-2023-28755
Title: USN-6197-1: OpenLDAP vulnerability
URL: https://ubuntu.com/security/notices/USN-6197-1
Priorities: low
CVEs:
- CVE-2023-2953
Title: USN-6210-1: Doorkeeper vulnerability
URL: https://ubuntu.com/security/notices/USN-6210-1
Priorities: high
CVEs:
- CVE-2023-34246
621.584
Release Date: June 26, 2023
Metadata:
BOSH Agent Version: 2.268.145
USNs:
Title: USN-6180-1: VLC media player vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6180-1
Priorities: low,medium
CVEs:
- CVE-2019-19721
- CVE-2020-13428
- CVE-2021-25801
- CVE-2021-25802
- CVE-2021-25803
- CVE-2021-25804
- CVE-2022-41325
- CVE-2021-25801
- CVE-2021-25802
- CVE-2022-41325
- CVE-2019-19721
- CVE-2021-25804
- CVE-2021-25803
- CVE-2020-13428
Title: USN-6182-1: pngcheck vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6182-1
Priorities: medium
CVEs:
- CVE-2020-27818
- CVE-2020-35511
Title: USN-6163-1: pano13 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6163-1
Priorities: medium
CVEs:
- CVE-2021-20307
- CVE-2021-33293
- CVE-2021-20307
- CVE-2021-33293
Title: USN-6167-1: QEMU vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6167-1
Priorities: low,medium
CVEs:
- CVE-2022-1050
- CVE-2022-4144
- CVE-2022-4172
- CVE-2023-0330
- CVE-2022-4172
- CVE-2022-4144
- CVE-2022-1050
- CVE-2023-0330
Title: USN-6169-1: GNU SASL vulnerability
URL: https://ubuntu.com/security/notices/USN-6169-1
Priorities: low
CVEs:
- CVE-2022-2469
Title: USN-6176-1: PyPDF2 vulnerability
URL: https://ubuntu.com/security/notices/USN-6176-1
Priorities: medium
CVEs:
- CVE-2022-24859
Title: USN-6179-1: Jettison vulnerability
URL: https://ubuntu.com/security/notices/USN-6179-1
Priorities: medium
CVEs:
- CVE-2023-1436
Title: USN-6154-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6154-1
Priorities: medium
CVEs:
- CVE-2023-2426
- CVE-2023-2609
- CVE-2023-2610
- CVE-2023-2609
- CVE-2023-2610
- CVE-2023-2426
Title: USN-6083-2: cups-filters vulnerability
URL: https://ubuntu.com/security/notices/USN-6083-2
Priorities: medium
CVEs:
- CVE-2023-24805
Title: USN-6166-2: libcap2 vulnerability
URL: https://ubuntu.com/security/notices/USN-6166-2
Priorities: medium
CVEs:
- CVE-2023-2603
- CVE-2023-2603
Title: USN-6188-1: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-6188-1
Priorities: medium
CVEs:
- CVE-2023-2650
Title: USN-6159-1: Tornado vulnerability
URL: https://ubuntu.com/security/notices/USN-6159-1
Priorities: medium
CVEs:
- CVE-2023-28370
Title: USN-6168-2: libx11 vulnerability
URL: https://ubuntu.com/security/notices/USN-6168-2
Priorities: medium
CVEs:
- CVE-2023-3138
Title: USN-6155-2: Requests vulnerability
URL: https://ubuntu.com/security/notices/USN-6155-2
Priorities: medium
CVEs:
- CVE-2023-32681
621.561
Release Date: June 09, 2023
Metadata:
BOSH Agent Version: 2.268.141
USNs:
Title: USN-6146-1: Netatalk vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6146-1
Priorities: medium,high
CVEs:
- CVE-2021-31439
- CVE-2022-0194
- CVE-2022-23121
- CVE-2022-23122
- CVE-2022-23123
- CVE-2022-23124
- CVE-2022-23125
- CVE-2022-43634
- CVE-2022-45188
- CVE-2022-23123
- CVE-2022-43634
- CVE-2022-23122
- CVE-2021-31439
- CVE-2022-23121
- CVE-2022-23124
- CVE-2022-23125
- CVE-2022-0194
- CVE-2022-45188
Title: USN-6145-1: Sysstat vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6145-1
Priorities: medium
CVEs:
- CVE-2022-39377
- CVE-2022-39377
- CVE-2023-33204
- CVE-2023-33204
- CVE-2022-39377
Title: USN-6149-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6149-1
Priorities: high,medium
CVEs:
- CVE-2023-32233
- CVE-2023-31436
- CVE-2023-30456
- CVE-2023-1380
- CVE-2023-1073
- CVE-2023-28328
- CVE-2023-32233
- CVE-2023-28328
- CVE-2023-1073
- CVE-2023-30456
- CVE-2023-1380
- CVE-2023-31436
621.553
Release Date: June 06, 2023
Metadata:
BOSH Agent Version: 2.268.141
USNs:
Title: USN-6117-1: Apache Batik vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6117-1
Priorities: medium
CVEs:
- CVE-2019-17566
- CVE-2020-11987
- CVE-2022-38398
- CVE-2022-38648
- CVE-2022-40146
- CVE-2022-41704
- CVE-2022-42890
- CVE-2022-40146
- CVE-2020-11987
- CVE-2022-41704
- CVE-2022-38648
- CVE-2022-38398
- CVE-2019-17566
- CVE-2022-42890
Title: USN-6099-1: ncurses vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6099-1
Priorities: negligible,medium
CVEs:
- CVE-2019-17594
- CVE-2019-17595
- CVE-2021-39537
- CVE-2022-29458
- CVE-2023-29491
- CVE-2021-39537
- CVE-2023-29491
- CVE-2022-29458
- CVE-2019-17594
- CVE-2019-17595
Title: USN-6098-1: Jhead vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6098-1
Priorities: medium,low
CVEs:
- CVE-2019-19035
- CVE-2019-1010301
- CVE-2019-1010302
- CVE-2020-6624
- CVE-2020-6625
- CVE-2020-26208
- CVE-2021-28276
- CVE-2021-28278
- CVE-2019-1010302
- CVE-2021-28278
- CVE-2019-1010301
- CVE-2020-6624
- CVE-2020-26208
- CVE-2019-19035
- CVE-2020-6625
- CVE-2021-28276
Title: USN-6088-2: runC vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6088-2
Priorities: medium,low
CVEs:
- CVE-2019-19921
- CVE-2021-43784
- CVE-2022-29162
- CVE-2023-25809
- CVE-2023-27561
- CVE-2023-28642
- CVE-2022-29162
- CVE-2023-25809
- CVE-2023-28642
- CVE-2021-43784
- CVE-2023-27561
- CVE-2019-19921
Title: USN-6142-1: nghttp2 vulnerability
URL: https://ubuntu.com/security/notices/USN-6142-1
Priorities: medium
CVEs:
- CVE-2020-11080
Title: USN-5725-2: Go vulnerability
URL: https://ubuntu.com/security/notices/USN-5725-2
Priorities: low
CVEs:
- CVE-2020-16845
Title: USN-6108-1: Jhead vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6108-1
Priorities: medium
CVEs:
- CVE-2021-34055
- CVE-2022-41751
- CVE-2022-41751
- CVE-2021-34055
Title: USN-6110-1: Jhead vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6110-1
Priorities: medium
CVEs:
- CVE-2021-3496
- CVE-2021-28275
- CVE-2021-28275
- CVE-2021-28277
- CVE-2021-28275
- CVE-2021-3496
Title: USN-6097-1: Linux PTP vulnerability
URL: https://ubuntu.com/security/notices/USN-6097-1
Priorities: medium
CVEs:
- CVE-2021-3570
Title: USN-6125-1: snapd vulnerability
URL: https://ubuntu.com/security/notices/USN-6125-1
Priorities: medium
CVEs:
- CVE-2023-1523
Title: USN-6101-1: GNU binutils vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6101-1
Priorities: medium,low
CVEs:
- CVE-2023-1579
- CVE-2023-1972
- CVE-2023-25584
- CVE-2023-25585
- CVE-2023-25588
- CVE-2023-1972
- CVE-2023-25588
- CVE-2023-25585
- CVE-2023-25584
- CVE-2023-1579
Title: USN-6100-1: HTML::StripScripts vulnerability
URL: https://ubuntu.com/security/notices/USN-6100-1
Priorities: medium
CVEs:
- CVE-2023-24038
Title: USN-6139-1: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-6139-1
Priorities: medium
CVEs:
- CVE-2023-24329
- CVE-2023-24329
Title: USN-6005-2: Sudo vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6005-2
Priorities: medium
CVEs:
- CVE-2023-28486
- CVE-2023-28487
Title: USN-6054-2: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-6054-2
Priorities: low
CVEs:
- CVE-2023-31047
Title: USN-6112-1: Perl vulnerability
URL: https://ubuntu.com/security/notices/USN-6112-1
Priorities: medium
CVEs:
- CVE-2023-31484
Title: USN-6130-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6130-1
Priorities: high
CVEs:
- CVE-2023-32233
- CVE-2023-31436
- CVE-2023-30456
- CVE-2023-1380
- CVE-2023-30456
- CVE-2023-1380
- CVE-2023-32233
- CVE-2023-31436
Title: USN-6128-2: CUPS vulnerability
URL: https://ubuntu.com/security/notices/USN-6128-2
Priorities: medium
CVEs:
- CVE-2023-32324
621.543
Release Date: May 22, 2023
Metadata:
BOSH Agent Version: 2.268.139
USNs:
Title: USN-6065-1: css-what vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6065-1
Priorities: medium
CVEs:
- CVE-2021-33587
- CVE-2022-21222
- CVE-2022-21222
- CVE-2021-33587
Title: USN-6082-1: EventSource vulnerability
URL: https://ubuntu.com/security/notices/USN-6082-1
Priorities: medium
CVEs:
- CVE-2022-1650
Title: USN-6081-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6081-1
Priorities: medium,low,negligible
CVEs:
- CVE-2023-0459
- CVE-2023-1513
- CVE-2023-2162
- CVE-2023-32269
- CVE-2023-1118
- CVE-2023-1513
- CVE-2023-1118
- CVE-2023-32269
- CVE-2023-0459
- CVE-2023-2162
Title: USN-6084-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6084-1
Priorities: medium,low,negligible
CVEs:
- CVE-2023-0459
- CVE-2023-1513
- CVE-2023-2162
- CVE-2023-32269
- CVE-2023-1118
- CVE-2023-1513
- CVE-2023-1118
- CVE-2023-32269
- CVE-2023-0459
- CVE-2023-2162
Title: USN-6092-1: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6092-1
Priorities: medium,low,negligible
CVEs:
- CVE-2023-0459
- CVE-2023-1513
- CVE-2023-2162
- CVE-2023-32269
- CVE-2023-1118
- CVE-2023-32269
- CVE-2023-2162
- CVE-2023-1118
- CVE-2023-1513
- CVE-2023-0459
Title: USN-6053-1: PHP vulnerability
URL: https://ubuntu.com/security/notices/USN-6053-1
Priorities: medium
CVEs:
- CVE-2023-0567
Title: USN-6058-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-6058-1
Priorities: high
CVEs:
- CVE-2023-1829
Title: USN-6060-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6060-2
Priorities: medium
CVEs:
- CVE-2023-21912
- CVE-2023-21980
Title: USN-6050-2: Git vulnerability
URL: https://ubuntu.com/security/notices/USN-6050-2
Priorities: medium
CVEs:
- CVE-2023-25652
- CVE-2023-29007
- CVE-2023-25652
- CVE-2023-29007
- CVE-2023-25652
- CVE-2023-29007
Title: USN-6055-2: Ruby regression
URL: https://ubuntu.com/security/notices/USN-6055-2
Priorities: medium
CVEs:
- CVE-2023-28755
- CVE-2023-28755
- CVE-2023-28755
Title: USN-6055-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6055-1
Priorities: medium
CVEs:
- CVE-2023-28755
- CVE-2023-28756
- CVE-2023-28755
- CVE-2023-28756
Title: USN-6087-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6087-1
Priorities: medium
CVEs:
- CVE-2023-28755
- CVE-2023-28756
- CVE-2023-28756
- CVE-2023-28755
621.508
Release Date: April 28, 2023
Metadata:
BOSH Agent Version: 2.268.135
USNs:
Title: USN-6035-1: KAuth vulnerability
URL: https://ubuntu.com/security/notices/USN-6035-1
Priorities: medium
CVEs:
- CVE-2019-7443
Title: USN-6039-1: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6039-1
Priorities: low,negligible
CVEs:
- CVE-2022-3996
- CVE-2023-0464
- CVE-2023-0465
- CVE-2023-0466
- CVE-2022-3996
- CVE-2023-0464
- CVE-2023-0466
Title: USN-6042-1: Cloud-init vulnerability
URL: https://ubuntu.com/security/notices/USN-6042-1
Priorities: medium
CVEs:
- CVE-2023-1786
Title: USN-6047-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-6047-1
Priorities: high
CVEs:
- CVE-2023-1829
Title: USN-6045-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6045-1
Priorities: high,medium,low
CVEs:
- CVE-2023-1829
- CVE-2022-3586
- CVE-2022-4095
- CVE-2023-1390
- CVE-2023-1670
- CVE-2022-3586
- CVE-2023-1829
- CVE-2023-1670
- CVE-2023-1390
- CVE-2022-4095
Title: USN-6034-1: Dnsmasq vulnerability
URL: https://ubuntu.com/security/notices/USN-6034-1
Priorities: low
CVEs:
- CVE-2023-28450
621.499
Release Date: April 19, 2023
Metadata:
BOSH Agent Version: 2.268.134
USNs:
Title: USN-6022-1: Kamailio vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6022-1
Priorities: medium
CVEs:
- CVE-2018-16657
- CVE-2020-27507
- CVE-2020-27507
- CVE-2018-16657
Title: USN-6014-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6014-1
Priorities: medium,low,negligible
CVEs:
- CVE-2020-36516
- CVE-2021-26401
- CVE-2021-28711
- CVE-2021-28712
- CVE-2021-28713
- CVE-2021-3428
- CVE-2021-3659
- CVE-2021-3669
- CVE-2021-3732
- CVE-2021-3772
- CVE-2021-4149
- CVE-2021-4203
- CVE-2021-45868
- CVE-2022-0487
- CVE-2022-0494
- CVE-2022-0617
- CVE-2022-1016
- CVE-2022-1195
- CVE-2022-1205
- CVE-2022-1462
- CVE-2022-1516
- CVE-2022-1974
- CVE-2022-1975
- CVE-2022-20132
- CVE-2022-20572
- CVE-2022-2503
- CVE-2022-2318
- CVE-2022-2380
- CVE-2022-2663
- CVE-2022-2991
- CVE-2022-3061
- CVE-2022-3111
- CVE-2022-3303
- CVE-2022-3628
- CVE-2022-36280
- CVE-2022-3646
- CVE-2022-36879
- CVE-2022-3903
- CVE-2022-39188
- CVE-2022-41218
- CVE-2022-41849
- CVE-2022-41850
- CVE-2022-4662
- CVE-2022-47929
- CVE-2023-0394
- CVE-2023-1074
- CVE-2023-1095
- CVE-2023-23455
- CVE-2023-26545
- CVE-2023-26607
- CVE-2023-1118
- CVE-2023-1095
- CVE-2021-3772
- CVE-2021-45868
- CVE-2022-36280
- CVE-2021-4149
- CVE-2022-1462
- CVE-2021-28711
- CVE-2022-4662
- CVE-2023-26545
- CVE-2022-3061
- CVE-2022-2663
- CVE-2022-3628
- CVE-2022-1516
- CVE-2022-36879
- CVE-2022-41218
- CVE-2022-47929
- CVE-2021-26401
- CVE-2022-39188
- CVE-2022-1974
- CVE-2022-3111
- CVE-2023-23455
- CVE-2022-0617
- CVE-2020-36516
- CVE-2023-1118
- CVE-2023-26607
- CVE-2022-3646
- CVE-2023-0394
- CVE-2021-4203
- CVE-2022-2380
- CVE-2022-0487
- CVE-2022-41849
- CVE-2023-1074
- CVE-2022-1195
- CVE-2022-20572
- CVE-2022-1205
- CVE-2021-3732
- CVE-2022-1975
- CVE-2022-0494
- CVE-2021-3428
- CVE-2021-28712
- CVE-2022-3303
- CVE-2021-28713
- CVE-2021-3669
- CVE-2022-2503
- CVE-2022-2991
- CVE-2022-3903
- CVE-2022-2318
- CVE-2022-41850
- CVE-2022-1016
- CVE-2021-3659
- CVE-2022-20132
Title: USN-6009-1: Linux kernel (GCP) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6009-1
Priorities: low,medium
CVEs:
- CVE-2021-3669
- CVE-2022-3424
- CVE-2022-36280
- CVE-2022-41218
- CVE-2022-47929
- CVE-2023-0045
- CVE-2023-0266
- CVE-2023-0394
- CVE-2023-23455
- CVE-2023-23559
- CVE-2023-28328
- CVE-2023-23559
- CVE-2023-0394
- CVE-2022-3424
- CVE-2022-36280
- CVE-2023-23455
- CVE-2023-28328
- CVE-2022-47929
- CVE-2023-0266
- CVE-2021-3669
- CVE-2023-0045
- CVE-2022-41218
Title: USN-5855-4: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5855-4
Priorities: medium
CVEs:
- CVE-2022-44267
- CVE-2022-44268
Title: USN-6007-1: Linux kernel (GCP) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6007-1
Priorities: high,medium,low
CVEs:
- CVE-2023-0461
- CVE-2022-20369
- CVE-2022-26373
- CVE-2022-2663
- CVE-2022-29900
- CVE-2022-29901
- CVE-2022-3521
- CVE-2022-3545
- CVE-2022-3628
- CVE-2022-3640
- CVE-2022-3646
- CVE-2022-3649
- CVE-2022-39842
- CVE-2022-41849
- CVE-2022-41850
- CVE-2022-42328
- CVE-2022-42329
- CVE-2022-42895
- CVE-2022-43750
- CVE-2023-26607
- CVE-2022-42328
- CVE-2022-3646
- CVE-2022-29900
- CVE-2023-0461
- CVE-2022-41850
- CVE-2023-26607
- CVE-2022-42329
- CVE-2022-43750
- CVE-2022-39842
- CVE-2022-3649
- CVE-2022-20369
- CVE-2022-3628
- CVE-2022-42895
- CVE-2022-3545
- CVE-2022-29901
- CVE-2022-3640
- CVE-2022-26373
- CVE-2022-41849
- CVE-2022-3521
- CVE-2022-2663
Title: LSN-0094-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0094-1
Priorities: high
CVEs:
- CVE-2023-0468
- CVE-2023-1281
- CVE-2023-1281
- CVE-2023-0468
Title: USN-6029-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6029-1
Priorities: high,low,medium
CVEs:
- CVE-2023-1281
- CVE-2022-3903
- CVE-2023-1073
- CVE-2023-1074
- CVE-2023-26545
- CVE-2023-1074
- CVE-2022-3903
- CVE-2023-26545
- CVE-2023-1073
- CVE-2023-1281
Title: USN-6017-1: Ghostscript vulnerability
URL: https://ubuntu.com/security/notices/USN-6017-1
Priorities: medium
CVEs:
- CVE-2023-28879
621.488
Release Date: April 07, 2023
Metadata:
BOSH Agent Version: 2.268.132
USNs:
Title: USN-5961-1: abcm2ps vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5961-1
Priorities: medium,low
CVEs:
- CVE-2018-10753
- CVE-2018-10771
- CVE-2019-1010069
- CVE-2021-32434
- CVE-2021-32435
- CVE-2021-32436
- CVE-2021-32435
- CVE-2018-10771
- CVE-2019-1010069
- CVE-2021-32434
- CVE-2021-32436
- CVE-2018-10753
Title: USN-5974-1: GraphicsMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5974-1
Priorities: medium
CVEs:
- CVE-2018-20184
- CVE-2018-20189
- CVE-2018-5685
- CVE-2018-9018
- CVE-2019-11006
- CVE-2020-12672
- CVE-2022-1270
- CVE-2019-11006
- CVE-2018-9018
- CVE-2022-1270
- CVE-2018-20189
- CVE-2020-12672
- CVE-2018-20184
- CVE-2018-5685
Title: USN-5973-1: url-parse vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5973-1
Priorities: medium,low
CVEs:
- CVE-2018-3774
- CVE-2020-8124
- CVE-2021-27515
- CVE-2021-3664
- CVE-2022-0512
- CVE-2022-0639
- CVE-2022-0691
- CVE-2022-0686
- CVE-2021-3664
- CVE-2022-0639
- CVE-2021-27515
- CVE-2022-0686
- CVE-2020-8124
- CVE-2022-0512
- CVE-2022-0691
- CVE-2018-3774
Title: USN-5990-1: musl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5990-1
Priorities: medium
CVEs:
- CVE-2019-14697
- CVE-2020-28928
- CVE-2020-28928
- CVE-2019-14697
Title: USN-5988-1: Xcftools vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5988-1
Priorities: medium
CVEs:
- CVE-2019-5086
- CVE-2019-5087
- CVE-2019-5086
- CVE-2019-5087
Title: USN-5983-1: Nette vulnerability
URL: https://ubuntu.com/security/notices/USN-5983-1
Priorities: medium
CVEs:
- CVE-2020-15227
Title: USN-5997-1: IPMItool vulnerability
URL: https://ubuntu.com/security/notices/USN-5997-1
Priorities: medium
CVEs:
- CVE-2020-5208
Title: USN-5904-2: SoX regression
URL: https://ubuntu.com/security/notices/USN-5904-2
Priorities: medium,low
CVEs:
- CVE-2021-33844
- CVE-2019-13590
- CVE-2021-23159
- CVE-2021-23172
- CVE-2021-23210
- CVE-2021-33844
- CVE-2021-3643
- CVE-2021-40426
- CVE-2022-31650
- CVE-2022-31651
- CVE-2021-33844
Title: USN-5981-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5981-1
Priorities: low,medium
CVEs:
- CVE-2021-3669
- CVE-2022-3424
- CVE-2022-36280
- CVE-2022-41218
- CVE-2022-47929
- CVE-2023-0045
- CVE-2023-0266
- CVE-2023-0394
- CVE-2023-23455
- CVE-2023-23559
- CVE-2023-28328
- CVE-2022-41218
- CVE-2023-0394
- CVE-2022-36280
- CVE-2021-3669
- CVE-2023-23455
- CVE-2022-3424
- CVE-2023-0045
- CVE-2023-0266
- CVE-2022-47929
- CVE-2023-23559
- CVE-2023-28328
Title: USN-5969-1: gif2apng vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5969-1
Priorities: medium
CVEs:
- CVE-2021-45909
- CVE-2021-45910
- CVE-2021-45911
- CVE-2021-45911
- CVE-2021-45909
- CVE-2021-45910
Title: USN-5968-1: GitPython vulnerability
URL: https://ubuntu.com/security/notices/USN-5968-1
Priorities: medium
CVEs:
- CVE-2022-24439
Title: USN-5958-1: FFmpeg vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5958-1
Priorities: medium
CVEs:
- CVE-2022-3109
- CVE-2022-3341
- CVE-2022-3964
- CVE-2022-3965
- CVE-2022-3341
- CVE-2022-3109
- CVE-2022-3965
- CVE-2022-3964
Title: USN-5966-2: amanda regression
URL: https://ubuntu.com/security/notices/USN-5966-2
Priorities: low,medium,high
CVEs:
- CVE-2022-37703
- CVE-2022-37704
- CVE-2022-37705
Title: USN-5966-1: amanda vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5966-1
Priorities: low,medium,high
CVEs:
- CVE-2022-37703
- CVE-2022-37704
- CVE-2022-37705
- CVE-2022-37703
- CVE-2022-37704
- CVE-2022-37705
Title: USN-5686-4: Git vulnerability
URL: https://ubuntu.com/security/notices/USN-5686-4
Priorities: medium
CVEs:
- CVE-2022-39253
- CVE-2022-39253
Title: USN-5963-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5963-1
Priorities: medium
CVEs:
- CVE-2022-47024
- CVE-2023-0049
- CVE-2023-0054
- CVE-2023-0288
- CVE-2023-0433
- CVE-2023-0051
- CVE-2023-1170
- CVE-2023-1175
- CVE-2023-1264
- CVE-2023-0054
- CVE-2023-1175
- CVE-2023-0049
- CVE-2023-1264
- CVE-2023-0433
- CVE-2022-47024
- CVE-2023-0051
- CVE-2023-0288
- CVE-2023-1170
Title: LSN-0093-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0093-1
Priorities: high
CVEs:
- CVE-2023-0179
- CVE-2023-0461
- CVE-2023-0461
- CVE-2023-0179
Title: USN-5975-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5975-1
Priorities: high,low,medium
CVEs:
- CVE-2023-0461
- CVE-2021-3669
- CVE-2022-20369
- CVE-2022-26373
- CVE-2022-2663
- CVE-2022-29900
- CVE-2022-29901
- CVE-2022-3424
- CVE-2022-3521
- CVE-2022-3545
- CVE-2022-3628
- CVE-2022-36280
- CVE-2022-3640
- CVE-2022-3646
- CVE-2022-3649
- CVE-2022-39842
- CVE-2022-41218
- CVE-2022-41849
- CVE-2022-41850
- CVE-2022-42328
- CVE-2022-42329
- CVE-2022-42895
- CVE-2022-43750
- CVE-2022-47929
- CVE-2023-0045
- CVE-2023-0266
- CVE-2023-0394
- CVE-2023-23455
- CVE-2023-23559
- CVE-2023-26607
- CVE-2023-28328
- CVE-2022-43750
- CVE-2022-3521
- CVE-2022-3424
- CVE-2022-41218
- CVE-2022-47929
- CVE-2022-3628
- CVE-2022-3640
- CVE-2023-23455
- CVE-2022-42329
- CVE-2023-26607
- CVE-2023-23559
- CVE-2022-3649
- CVE-2023-0045
- CVE-2022-2663
- CVE-2021-3669
- CVE-2022-29901
- CVE-2022-3646
- CVE-2022-29900
- CVE-2022-42328
- CVE-2022-41850
- CVE-2022-39842
- CVE-2022-3545
- CVE-2023-0266
- CVE-2023-0394
- CVE-2023-0461
- CVE-2022-20369
- CVE-2022-42895
- CVE-2022-36280
- CVE-2023-28328
- CVE-2022-26373
- CVE-2022-41849
Title: USN-5960-1: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-5960-1
Priorities: medium
CVEs:
- CVE-2023-24329
Title: USN-5942-2: Apache HTTP Server vulnerability
URL: https://ubuntu.com/security/notices/USN-5942-2
Priorities: medium
CVEs:
- CVE-2023-25690
- CVE-2023-25690
- CVE-2023-25690
Title: USN-5989-1: GlusterFS vulnerability
URL: https://ubuntu.com/security/notices/USN-5989-1
Priorities: medium
CVEs:
- CVE-2023-26253
Title: USN-5996-1: Liblouis vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5996-1
Priorities: medium
CVEs:
- CVE-2023-26767
- CVE-2023-26768
- CVE-2023-26769
- CVE-2023-26769
- CVE-2023-26768
- CVE-2023-26767
Title: USN-5964-2: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5964-2
Priorities: low,medium
CVEs:
- CVE-2023-27533
- CVE-2023-27535
- CVE-2023-27536
- CVE-2023-27535
- CVE-2023-27536
- CVE-2023-27533
621.463
Release Date: March 16, 2023
Metadata:
BOSH Agent Version: 2.268.127
Changes:
* AWS light stemcells are now compatible with the eu-central-2 region.
USNs:
Title: USN-5904-1: SoX vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5904-1
Priorities: medium,low
CVEs:
- CVE-2019-13590
- CVE-2021-23159
- CVE-2021-23172
- CVE-2021-23210
- CVE-2021-33844
- CVE-2021-3643
- CVE-2021-40426
- CVE-2022-31650
- CVE-2022-31651
- CVE-2021-3643
- CVE-2021-23172
- CVE-2021-23159
- CVE-2022-31650
- CVE-2019-13590
- CVE-2021-40426
- CVE-2021-33844
- CVE-2021-23210
- CVE-2022-31651
Title: USN-5926-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5926-1
Priorities: medium,low
CVEs:
- CVE-2021-4155
- CVE-2022-20566
- CVE-2022-41858
- CVE-2022-42895
- CVE-2023-0045
- CVE-2023-23559
- CVE-2022-42895
- CVE-2021-4155
- CVE-2022-41858
- CVE-2023-0045
- CVE-2023-23559
- CVE-2022-20566
Title: USN-5922-1: FriBidi vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5922-1
Priorities: medium
CVEs:
- CVE-2022-25308
- CVE-2022-25309
- CVE-2022-25310
- CVE-2022-25308
- CVE-2022-25309
- CVE-2022-25310
Title: USN-5944-1: SnakeYAML vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5944-1
Priorities: low,medium
CVEs:
- CVE-2022-25857
- CVE-2022-38749
- CVE-2022-38750
- CVE-2022-38751
- CVE-2022-38750
- CVE-2022-25857
- CVE-2022-38749
- CVE-2022-38751
Title: USN-5932-1: Sofia-SIP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5932-1
Priorities: medium
CVEs:
- CVE-2022-31001
- CVE-2022-31002
- CVE-2022-31003
- CVE-2022-47516
- CVE-2023-22741
- CVE-2022-47516
- CVE-2022-31001
- CVE-2023-22741
- CVE-2022-31003
- CVE-2022-31002
Title: USN-5905-1: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5905-1
Priorities: medium
CVEs:
- CVE-2022-31628
- CVE-2022-31629
- CVE-2022-31631
- CVE-2023-0568
- CVE-2023-0662
- CVE-2023-0568
- CVE-2023-0662
- CVE-2022-31629
- CVE-2022-31628
- CVE-2022-31631
Title: USN-5928-1: systemd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5928-1
Priorities: medium
CVEs:
- CVE-2022-3821
- CVE-2022-4415
- CVE-2022-45873
- CVE-2022-3821
- CVE-2022-45873
- CVE-2022-4415
Title: USN-5821-3: pip regression
URL: https://ubuntu.com/security/notices/USN-5821-3
Priorities: medium
CVEs:
- CVE-2022-40898
Title: LSN-0092-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0092-1
Priorities: high
CVEs:
- CVE-2022-4378
- CVE-2022-42896
- CVE-2022-43945
- CVE-2022-42896
- CVE-2022-4378
- CVE-2022-43945
Title: USN-5910-1: Rack vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5910-1
Priorities: medium
CVEs:
- CVE-2022-44570
- CVE-2022-44571
- CVE-2022-44572
- CVE-2022-44571
- CVE-2022-44572
- CVE-2022-44570
Title: USN-5899-1: AWStats vulnerability
URL: https://ubuntu.com/security/notices/USN-5899-1
Priorities: low
CVEs:
- CVE-2022-46391
Title: USN-5937-1: Opusfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5937-1
Priorities: medium
CVEs:
- CVE-2022-47021
Title: USN-5900-1: tar vulnerability
URL: https://ubuntu.com/security/notices/USN-5900-1
Priorities: medium
CVEs:
- CVE-2022-48303
Title: USN-5919-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5919-1
Priorities: high,medium
CVEs:
- CVE-2023-0461
- CVE-2022-4378
- CVE-2022-3521
- CVE-2022-3545
- CVE-2022-3628
- CVE-2022-3640
- CVE-2022-3646
- CVE-2022-3649
- CVE-2022-42328
- CVE-2022-42329
- CVE-2022-42895
- CVE-2022-43750
- CVE-2022-3646
- CVE-2022-3521
- CVE-2022-4378
- CVE-2022-3545
- CVE-2022-42895
- CVE-2022-42328
- CVE-2022-3628
- CVE-2022-42329
- CVE-2022-3649
- CVE-2022-43750
- CVE-2023-0461
- CVE-2022-3640
Title: USN-5892-2: NSS vulnerability
URL: https://ubuntu.com/security/notices/USN-5892-2
Priorities: medium
CVEs:
- CVE-2023-0767
- CVE-2023-0767
Title: USN-5923-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5923-1
Priorities: medium
CVEs:
- CVE-2023-0795
- CVE-2023-0796
- CVE-2023-0797
- CVE-2023-0798
- CVE-2023-0799
- CVE-2023-0800
- CVE-2023-0801
- CVE-2023-0802
- CVE-2023-0803
- CVE-2023-0804
- CVE-2023-0802
- CVE-2023-0796
- CVE-2023-0803
- CVE-2023-0799
- CVE-2023-0800
- CVE-2023-0801
- CVE-2023-0798
- CVE-2023-0795
- CVE-2023-0797
- CVE-2023-0804
Title: USN-5898-1: OpenJDK vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5898-1
Priorities: medium,low
CVEs:
- CVE-2023-21830
- CVE-2023-21843
- CVE-2023-21830
- CVE-2023-21843
621.448
Release Date: February 28, 2023
Metadata:
BOSH Agent Version: 2.268.123
USNs:
Title: USN-5866-1: Nova vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5866-1
Priorities: low,medium
CVEs:
- CVE-2015-9543
- CVE-2017-18191
- CVE-2020-17376
- CVE-2021-3654
- CVE-2022-37394
- CVE-2021-3654
- CVE-2017-18191
- CVE-2020-17376
- CVE-2022-37394
- CVE-2015-9543
Title: USN-5889-1: ZoneMinder vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5889-1
Priorities: medium,high
CVEs:
- CVE-2019-6777
- CVE-2019-6990
- CVE-2019-6992
- CVE-2019-6991
- CVE-2019-7325
- CVE-2019-7329
- CVE-2019-7326
- CVE-2019-7327
- CVE-2019-7328
- CVE-2019-7330
- CVE-2019-7332
- CVE-2019-7331
- CVE-2022-29806
- CVE-2019-7332
- CVE-2019-7326
- CVE-2019-7328
- CVE-2019-7330
- CVE-2019-7329
- CVE-2019-6777
- CVE-2019-7325
- CVE-2019-6991
- CVE-2019-6992
- CVE-2019-7327
- CVE-2019-6990
- CVE-2019-7331
- CVE-2022-29806
Title: USN-5884-1: Linux kernel (AWS) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5884-1
Priorities: medium,low
CVEs:
- CVE-2021-4155
- CVE-2022-20566
- CVE-2022-41858
- CVE-2022-42895
- CVE-2023-0045
- CVE-2023-23559
- CVE-2023-0045
- CVE-2023-23559
- CVE-2022-41858
- CVE-2021-4155
- CVE-2022-42895
- CVE-2022-20566
Title: USN-5886-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5886-1
Priorities: medium
CVEs:
- CVE-2022-21216
- CVE-2022-33196
- CVE-2022-33972
- CVE-2022-38090
- CVE-2022-33972
- CVE-2022-38090
- CVE-2022-21216
- CVE-2022-33196
Title: USN-5872-1: NSS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5872-1
Priorities: low,medium
CVEs:
- CVE-2022-22747
- CVE-2022-34480
- CVE-2022-22747
- CVE-2022-34480
Title: USN-5870-1: apr-util vulnerability
URL: https://ubuntu.com/security/notices/USN-5870-1
Priorities: medium
CVEs:
- CVE-2022-25147
Title: USN-5883-1: Linux kernel (HWE) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5883-1
Priorities: high,medium,low
CVEs:
- CVE-2022-4378
- CVE-2022-20369
- CVE-2022-26373
- CVE-2022-2663
- CVE-2022-29900
- CVE-2022-29901
- CVE-2022-3521
- CVE-2022-3545
- CVE-2022-3628
- CVE-2022-3640
- CVE-2022-3646
- CVE-2022-3649
- CVE-2022-39842
- CVE-2022-41849
- CVE-2022-41850
- CVE-2022-42328
- CVE-2022-42895
- CVE-2022-43750
- CVE-2023-0461
- CVE-2022-43750
- CVE-2022-26373
- CVE-2022-41849
- CVE-2022-3521
- CVE-2023-0461
- CVE-2022-20369
- CVE-2022-42328
- CVE-2022-29901
- CVE-2022-3545
- CVE-2022-42895
- CVE-2022-41850
- CVE-2022-29900
- CVE-2022-39842
- CVE-2022-3649
- CVE-2022-2663
- CVE-2022-3640
- CVE-2022-3628
- CVE-2022-4378
- CVE-2022-3646
Title: USN-5863-1: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5863-1
Priorities: high,medium
CVEs:
- CVE-2022-43945
- CVE-2022-42896
- CVE-2022-3643
- CVE-2022-45934
- CVE-2022-45934
- CVE-2022-43945
- CVE-2022-3643
- CVE-2022-42896
Title: USN-5807-2: libXpm vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5807-2
Priorities: medium
CVEs:
- CVE-2022-44617
- CVE-2022-46285
- CVE-2022-4883
- CVE-2022-44617
- CVE-2022-4883
- CVE-2022-46285
Title: USN-5778-2: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5778-2
Priorities: medium
CVEs:
- CVE-2022-46344
- CVE-2023-0494
- CVE-2022-46341
- CVE-2022-46340
- CVE-2022-46343
- CVE-2022-46342
- CVE-2022-4283
Title: USN-5887-1: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5887-1
Priorities: medium
CVEs:
- CVE-2023-20032
- CVE-2023-20052
- CVE-2023-20032
- CVE-2023-20052
Title: USN-5871-1: Git vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5871-1
Priorities: medium
CVEs:
- CVE-2023-22490
- CVE-2023-23946
- CVE-2023-23946
- CVE-2023-22490
621.418
Release Date: February 09, 2023
Metadata:
BOSH Agent Version: 2.268.118
USNs:
Title: USN-5834-1: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5834-1
Priorities: medium
CVEs:
- CVE-2006-20001
- CVE-2022-36760
- CVE-2022-36760
- CVE-2006-20001
Title: USN-4781-2: Slurm vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4781-2
Priorities: medium,high
CVEs:
- CVE-2016-10030
- CVE-2018-10995
- CVE-2016-10030
- CVE-2017-15566
- CVE-2018-7033
- CVE-2018-10995
- CVE-2019-6438
- CVE-2020-12693
- CVE-2020-27745
- CVE-2020-27746
- CVE-2021-31215
- CVE-2016-10030
- CVE-2018-10995
Title: USN-5828-1: Kerberos vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5828-1
Priorities: medium
CVEs:
- CVE-2018-20217
- CVE-2022-42898
- CVE-2022-42898
- CVE-2018-20217
Title: USN-5838-1: AdvanceCOMP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5838-1
Priorities: low,medium
CVEs:
- CVE-2022-35014
- CVE-2022-35017
- CVE-2022-35018
- CVE-2022-35019
- CVE-2022-35020
- CVE-2022-35015
- CVE-2022-35016
- CVE-2022-35016
- CVE-2022-35018
- CVE-2022-35015
- CVE-2022-35014
- CVE-2022-35019
- CVE-2022-35020
- CVE-2022-35017
Title: USN-5833-1: python-future vulnerability
URL: https://ubuntu.com/security/notices/USN-5833-1
Priorities: medium
CVEs:
- CVE-2022-40899
Title: USN-5836-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5836-1
Priorities: medium
CVEs:
- CVE-2022-47024
- CVE-2023-0049
- CVE-2023-0054
- CVE-2023-0288
- CVE-2023-0433
- CVE-2022-47024
- CVE-2023-0049
- CVE-2023-0054
- CVE-2023-0288
- CVE-2023-0433
Title: USN-5845-2: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5845-2
Priorities: high,medium
CVEs:
- CVE-2023-0286
- CVE-2023-0215
- CVE-2023-0286
- CVE-2023-0215
Title: USN-5842-1: EditorConfig Core C vulnerability
URL: https://ubuntu.com/security/notices/USN-5842-1
Priorities: medium
CVEs:
- CVE-2023-0341
Title: USN-5837-2: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-5837-2
Priorities: medium
CVEs:
- CVE-2023-23969
621.401
Release Date: January 26, 2023
Metadata:
BOSH Agent Version: 2.268.116
USNs:
Title: USN-5806-1: Ruby vulnerability
URL: https://ubuntu.com/security/notices/USN-5806-1
Priorities: medium
CVEs:
- CVE-2021-33621
Title: USN-5790-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5790-1
Priorities: medium
CVEs:
- CVE-2021-4159
- CVE-2022-20421
- CVE-2022-3061
- CVE-2022-3586
- CVE-2022-39188
- CVE-2022-40307
- CVE-2022-4095
- CVE-2022-39188
- CVE-2022-20421
- CVE-2022-3586
- CVE-2022-4095
- CVE-2021-4159
- CVE-2022-40307
- CVE-2022-3061
Title: USN-5800-1: Heimdal vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5800-1
Priorities: medium
CVEs:
- CVE-2021-44758
- CVE-2022-3437
- CVE-2022-42898
- CVE-2022-44640
- CVE-2022-42898
- CVE-2022-44640
- CVE-2021-44758
- CVE-2022-3437
Title: USN-5795-2: Net-SNMP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5795-2
Priorities: medium
CVEs:
- CVE-2022-24805
- CVE-2022-24810
- CVE-2022-44793
- CVE-2022-24807
- CVE-2022-24808
- CVE-2022-44792
- CVE-2022-24809
- CVE-2022-24806
Title: USN-5817-1: Setuptools vulnerability
URL: https://ubuntu.com/security/notices/USN-5817-1
Priorities: medium
CVEs:
- CVE-2022-40897
Title: USN-5804-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5804-1
Priorities: high,medium
CVEs:
- CVE-2022-43945
- CVE-2022-42896
- CVE-2022-3643
- CVE-2022-45934
- CVE-2022-42896
- CVE-2022-43945
- CVE-2022-45934
- CVE-2022-3643
Title: USN-5794-1: Linux kernel (AWS) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5794-1
Priorities: high,medium
CVEs:
- CVE-2022-43945
- CVE-2022-42896
- CVE-2022-3643
- CVE-2022-45934
- CVE-2022-42896
- CVE-2022-45934
- CVE-2022-3643
- CVE-2022-43945
Title: USN-5802-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5802-1
Priorities: high,medium
CVEs:
- CVE-2022-43945
- CVE-2022-42896
- CVE-2022-3643
- CVE-2022-45934
- CVE-2022-42896
- CVE-2022-45934
- CVE-2022-3643
- CVE-2022-43945
Title: USN-5813-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5813-1
Priorities: high,medium
CVEs:
- CVE-2022-43945
- CVE-2022-42896
- CVE-2022-3643
- CVE-2022-45934
- CVE-2022-45934
- CVE-2022-43945
- CVE-2022-3643
- CVE-2022-42896
Title: USN-5811-2: Sudo vulnerability
URL: https://ubuntu.com/security/notices/USN-5811-2
Priorities: medium
CVEs:
- CVE-2023-22809
- CVE-2023-22809
621.376
Release Date: January 05, 2023
Metadata:
BOSH Agent Version: 2.268.112
USNs:
Title: USN-5769-1: protobuf vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5769-1
Priorities: low
CVEs:
- CVE-2015-5237
- CVE-2022-1941
- CVE-2022-1941
- CVE-2015-5237
Title: USN-5768-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5768-1
Priorities: negligible,low
CVEs:
- CVE-2016-10228
- CVE-2019-25013
- CVE-2020-27618
- CVE-2017-12132
- CVE-2019-25013
- CVE-2016-10228
- CVE-2020-27618
- CVE-2017-12132
Title: USN-5771-1: Squid regression
URL: https://ubuntu.com/security/notices/USN-5771-1
Priorities: low
CVEs:
- CVE-2016-2569
- CVE-2016-2570
- CVE-2016-2571
- CVE-2016-3948
- CVE-2018-1000024
- CVE-2018-1000027
Title: USN-5770-1: GCC vulnerability
URL: https://ubuntu.com/security/notices/USN-5770-1
Priorities: low
CVEs:
- CVE-2017-11671
Title: USN-5772-1: QEMU vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5772-1
Priorities: medium,low
CVEs:
- CVE-2021-3682
- CVE-2021-3750
- CVE-2021-3930
- CVE-2022-0216
- CVE-2022-2962
- CVE-2022-3165
- CVE-2021-3682
- CVE-2022-3165
- CVE-2022-0216
- CVE-2021-3750
- CVE-2021-3930
- CVE-2022-2962
Title: USN-5775-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5775-1
Priorities: medium,low
CVEs:
- CVE-2022-2345
- CVE-2022-2581
- CVE-2022-3099
- CVE-2022-3256
- CVE-2022-3324
- CVE-2022-3591
- CVE-2022-3591
- CVE-2022-2581
- CVE-2022-2345
- CVE-2022-3256
- CVE-2022-3324
- CVE-2022-3099
Title: USN-5766-1: Heimdal vulnerability
URL: https://ubuntu.com/security/notices/USN-5766-1
Priorities: medium
CVEs:
- CVE-2022-41916
Title: USN-5767-2: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-5767-2
Priorities: medium
CVEs:
- CVE-2022-45061
- CVE-2022-45061
Title: USN-5781-1: Emacs vulnerability
URL: https://ubuntu.com/security/notices/USN-5781-1
Priorities: medium
CVEs:
- CVE-2022-45939
621.364
Release Date: December 08, 2022
Fixes:
- Preserve extended attributes when migrating disk data
Metadata:
BOSH Agent Version: 2.268.109
USNs:
Title: USN-5762-1: GNU binutils vulnerability
URL: https://ubuntu.com/security/notices/USN-5762-1
Priorities: medium
CVEs:
- CVE-2022-38533
Title: USN-5760-2: libxml2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5760-2
Priorities: medium
CVEs:
- CVE-2022-40303
- CVE-2022-40304
- CVE-2022-40304
- CVE-2022-40303
621.359
Release Date: December 05, 2022
Metadata:
BOSH Agent Version: 2.268.108
USNs:
Title: USN-5745-1: shadow vulnerability
URL: https://ubuntu.com/security/notices/USN-5745-1
Priorities: low
CVEs:
- CVE-2013-4235
Title: USN-5746-1: HarfBuzz vulnerability
URL: https://ubuntu.com/security/notices/USN-5746-1
Priorities: low
CVEs:
- CVE-2015-9274
Title: USN-5747-1: Bind vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5747-1
Priorities: medium,low
CVEs:
- CVE-2016-2775
- CVE-2016-6170
- CVE-2016-2775
- CVE-2016-6170
Title: USN-5737-1: APR-util vulnerability
URL: https://ubuntu.com/security/notices/USN-5737-1
Priorities: low
CVEs:
- CVE-2017-12618
Title: USN-5744-1: libICE vulnerability
URL: https://ubuntu.com/security/notices/USN-5744-1
Priorities: low
CVEs:
- CVE-2017-2626
Title: USN-5733-1: FLAC vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5733-1
Priorities: low
CVEs:
- CVE-2017-6888
- CVE-2020-0499
- CVE-2021-0561
- CVE-2017-6888
- CVE-2020-0499
- CVE-2021-0561
Title: USN-5749-1: libsamplerate vulnerability
URL: https://ubuntu.com/security/notices/USN-5749-1
Priorities: low
CVEs:
- CVE-2017-7697
Title: USN-5736-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5736-1
Priorities: medium,low
CVEs:
- CVE-2021-20224
- CVE-2021-20241
- CVE-2021-20243
- CVE-2021-20244
- CVE-2021-20245
- CVE-2021-20246
- CVE-2021-20309
- CVE-2021-20312
- CVE-2021-20313
- CVE-2021-3574
- CVE-2021-39212
- CVE-2021-4219
- CVE-2022-1114
- CVE-2022-28463
- CVE-2022-32545
- CVE-2022-32546
- CVE-2022-32547
- CVE-2021-20313
- CVE-2021-20224
- CVE-2021-20246
- CVE-2021-4219
- CVE-2022-28463
- CVE-2021-20244
- CVE-2021-20243
- CVE-2021-3574
- CVE-2022-32545
- CVE-2022-32546
- CVE-2021-20312
- CVE-2021-20245
- CVE-2021-20241
- CVE-2021-20309
- CVE-2022-1114
- CVE-2022-32547
- CVE-2021-39212
Title: USN-5750-1: GnuTLS vulnerability
URL: https://ubuntu.com/security/notices/USN-5750-1
Priorities: low
CVEs:
- CVE-2021-4209
Title: USN-5723-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5723-1
Priorities: medium,low
CVEs:
- CVE-2022-1674
- CVE-2022-1725
- CVE-2022-2124
- CVE-2022-2125
- CVE-2022-2126
- CVE-2022-2175
- CVE-2022-2183
- CVE-2022-2206
- CVE-2022-2304
- CVE-2022-1674
- CVE-2022-2125
- CVE-2022-2304
- CVE-2022-1725
- CVE-2022-2124
- CVE-2022-2126
- CVE-2022-2183
- CVE-2022-2175
- CVE-2022-2206
Title: USN-5727-2: Linux kernel (GCP) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5727-2
Priorities: medium
CVEs:
- CVE-2022-20422
- CVE-2022-2153
- CVE-2022-2978
- CVE-2022-3028
- CVE-2022-3635
- CVE-2022-36879
- CVE-2022-40768
- CVE-2022-3028
- CVE-2022-20422
- CVE-2022-2978
- CVE-2022-2153
- CVE-2022-40768
- CVE-2022-3635
- CVE-2022-36879
Title: USN-5727-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5727-1
Priorities: medium
CVEs:
- CVE-2022-20422
- CVE-2022-2153
- CVE-2022-2978
- CVE-2022-3028
- CVE-2022-3635
- CVE-2022-36879
- CVE-2022-40768
- CVE-2022-3028
- CVE-2022-2153
- CVE-2022-36879
- CVE-2022-3635
- CVE-2022-20422
- CVE-2022-40768
- CVE-2022-2978
Title: USN-5753-1: snapd vulnerability
URL: https://ubuntu.com/security/notices/USN-5753-1
Priorities: high
CVEs:
- CVE-2022-3328
Title: USN-5740-1: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5740-1
Priorities: medium
CVEs:
- CVE-2022-3550
- CVE-2022-3551
Title: USN-5686-2: Git vulnerability
URL: https://ubuntu.com/security/notices/USN-5686-2
Priorities: medium
CVEs:
- CVE-2022-39260
- CVE-2022-39260
Title: USN-5735-1: Sysstat vulnerability
URL: https://ubuntu.com/security/notices/USN-5735-1
Priorities: medium
CVEs:
- CVE-2022-39377
Title: USN-5722-1: nginx vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5722-1
Priorities: medium
CVEs:
- CVE-2022-41741
- CVE-2022-41742
- CVE-2022-41741
- CVE-2022-41742
Title: USN-5757-2: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5757-2
Priorities: high,medium,low
CVEs:
- CVE-2022-42703
- CVE-2022-3239
- CVE-2022-3524
- CVE-2022-3564
- CVE-2022-3565
- CVE-2022-3566
- CVE-2022-3567
- CVE-2022-3594
- CVE-2022-3621
- CVE-2022-3239
- CVE-2022-42703
- CVE-2022-3524
- CVE-2022-3594
- CVE-2022-3566
- CVE-2022-3621
- CVE-2022-3564
- CVE-2022-3565
- CVE-2022-3567
Title: USN-5758-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5758-1
Priorities: high,medium,low
CVEs:
- CVE-2022-42703
- CVE-2022-3239
- CVE-2022-3524
- CVE-2022-3564
- CVE-2022-3565
- CVE-2022-3566
- CVE-2022-3567
- CVE-2022-3594
- CVE-2022-3621
- CVE-2022-3635
- CVE-2022-3649
- CVE-2022-40768
- CVE-2022-43750
- CVE-2022-3621
- CVE-2022-3239
- CVE-2022-3566
- CVE-2022-40768
- CVE-2022-3594
- CVE-2022-3635
- CVE-2022-43750
- CVE-2022-3564
- CVE-2022-3567
- CVE-2022-42703
- CVE-2022-3524
- CVE-2022-3565
- CVE-2022-3649
Title: USN-5638-3: Expat vulnerability
URL: https://ubuntu.com/security/notices/USN-5638-3
Priorities: medium
CVEs:
- CVE-2022-43680
- CVE-2022-43680
Title: USN-5718-2: pixman vulnerability
URL: https://ubuntu.com/security/notices/USN-5718-2
Priorities: medium
CVEs:
- CVE-2022-44638
621.330
Release Date: November 16, 2022
Fixes:
The Linux kernel slab memory leak present in versions 621.241 through 621.305 is fixed in this version.
Not all workloads or configurations were affected by this issue. If you are using one of the affected versions and would like information about how to determine if you are affected by this issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
Metadata:
BOSH Agent Version: 2.268.102
USNs:
Title: USN-5701-1: Jinja2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5701-1
Priorities: low
CVEs:
- CVE-2020-28493
Title: USN-5699-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5699-1
Priorities: low
CVEs:
- CVE-2021-3326
- CVE-2021-35942
- CVE-2021-3326
- CVE-2021-35942
Title: USN-5707-1: Libtasn1 vulnerability
URL: https://ubuntu.com/security/notices/USN-5707-1
Priorities: low
CVEs:
- CVE-2021-46848
Title: USN-5696-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5696-2
Priorities: medium
CVEs:
- CVE-2022-21617
- CVE-2022-21589
- CVE-2022-21592
- CVE-2022-21608
Title: USN-5719-1: OpenJDK vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5719-1
Priorities: medium
CVEs:
- CVE-2022-21619
- CVE-2022-21624
- CVE-2022-21628
- CVE-2022-21626
- CVE-2022-39399
- CVE-2022-21618
- CVE-2022-21618
- CVE-2022-21626
- CVE-2022-39399
- CVE-2022-21628
- CVE-2022-21619
- CVE-2022-21624
Title: USN-5714-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5714-1
Priorities: medium,low
CVEs:
- CVE-2022-2519
- CVE-2022-2520
- CVE-2022-2521
- CVE-2022-2953
- CVE-2022-2867
- CVE-2022-2868
- CVE-2022-2869
- CVE-2022-34526
- CVE-2022-3570
- CVE-2022-3598
- CVE-2022-3599
- CVE-2022-3626
- CVE-2022-3627
- CVE-2022-2869
- CVE-2022-3627
- CVE-2022-3599
- CVE-2022-2519
- CVE-2022-3598
- CVE-2022-34526
- CVE-2022-2867
- CVE-2022-2868
- CVE-2022-2520
- CVE-2022-2521
- CVE-2022-3570
- CVE-2022-2953
- CVE-2022-3626
Title: USN-5658-2: DHCP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5658-2
Priorities: medium
CVEs:
- CVE-2022-2928
- CVE-2022-2929
- CVE-2022-2928
- CVE-2022-2929
Title: USN-5698-2: Open vSwitch vulnerability
URL: https://ubuntu.com/security/notices/USN-5698-2
Priorities: medium
CVEs:
- CVE-2022-32166
Title: USN-5702-2: curl vulnerability
URL: https://ubuntu.com/security/notices/USN-5702-2
Priorities: medium
CVEs:
- CVE-2022-32221
- CVE-2022-32221
Title: USN-5705-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5705-1
Priorities: medium
CVEs:
- CVE-2022-3570
- CVE-2022-3598
- CVE-2022-3570
- CVE-2022-3598
Title: USN-5712-1: SQLite vulnerability
URL: https://ubuntu.com/security/notices/USN-5712-1
Priorities: medium
CVEs:
- CVE-2022-35737
Title: USN-5711-2: NTFS-3G vulnerability
URL: https://ubuntu.com/security/notices/USN-5711-2
Priorities: medium
CVEs:
- CVE-2022-40284
Title: USN-5704-1: DBus vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5704-1
Priorities: medium
CVEs:
- CVE-2022-42010
- CVE-2022-42011
- CVE-2022-42012
- CVE-2022-42010
- CVE-2022-42012
- CVE-2022-42011
621.305
Release Date: October 25, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.98
USNs:
Title: USN-5695-1: Linux kernel (GCP) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5695-1
Priorities: medium
CVEs:
- CVE-2022-0812
- CVE-2022-1012
- CVE-2022-32296
- CVE-2022-2318
- CVE-2022-26365
- CVE-2022-33740
- CVE-2022-33741
- CVE-2022-33742
- CVE-2022-33744
- CVE-2022-33741
- CVE-2022-32296
- CVE-2022-1012
- CVE-2022-33740
- CVE-2022-33744
- CVE-2022-33742
- CVE-2022-0812
- CVE-2022-2318
- CVE-2022-26365
621.304
Release Date: October 25, 2022
Known Issues:
- This stemcell was removed from AWS regions and cannot be recovered making it unavailable to AWS light stemcell users. AWS light stemcell users should instead use the AWS heavy stemcell or v621.305.
- Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: The kernel slab memory leak issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.98
USNs:
Title: USN-5690-1: libXdmcp vulnerability
URL: https://ubuntu.com/security/notices/USN-5690-1
Priorities: low
CVEs:
- CVE-2017-2625
Title: USN-5665-1: PCRE vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5665-1
Priorities: low
CVEs:
- CVE-2017-6004
- CVE-2017-7186
- CVE-2017-7186
- CVE-2017-6004
Title: USN-5675-1: Heimdal vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5675-1
Priorities: medium,low
CVEs:
- CVE-2018-16860
- CVE-2019-12098
- CVE-2021-3671
- CVE-2022-3116
- CVE-2018-16860
- CVE-2022-3116
- CVE-2019-12098
- CVE-2021-3671
Title: USN-5657-1: Graphite2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5657-1
Priorities: low
CVEs:
- CVE-2018-7999
Title: USN-5656-1: JACK vulnerability
URL: https://ubuntu.com/security/notices/USN-5656-1
Priorities: low
CVEs:
- CVE-2019-13351
Title: USN-5671-1: AdvanceCOMP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5671-1
Priorities: low
CVEs:
- CVE-2019-8379
- CVE-2019-8383
- CVE-2019-8379
- CVE-2019-8383
Title: USN-5371-3: nginx vulnerability
URL: https://ubuntu.com/security/notices/USN-5371-3
Priorities: medium,low
CVEs:
- CVE-2020-11724
- CVE-2020-11724
- CVE-2020-36309
- CVE-2021-3618
- CVE-2020-11724
Title: USN-5689-1: Perl vulnerability
URL: https://ubuntu.com/security/notices/USN-5689-1
Priorities: medium
CVEs:
- CVE-2020-16156
Title: USN-5650-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5650-1
Priorities: medium,low
CVEs:
- CVE-2021-33655
- CVE-2021-33656
- CVE-2021-4037
- CVE-2022-0850
- CVE-2022-1199
- CVE-2022-1204
- CVE-2022-1729
- CVE-2022-20368
- CVE-2022-2639
- CVE-2022-2964
- CVE-2022-2978
- CVE-2022-3028
- CVE-2022-3202
- CVE-2022-36946
- CVE-2021-4037
- CVE-2022-36946
- CVE-2021-33655
- CVE-2022-0850
- CVE-2022-1204
- CVE-2022-1199
- CVE-2021-33656
- CVE-2022-20368
- CVE-2022-2964
- CVE-2022-3202
- CVE-2022-2978
- CVE-2022-3028
- CVE-2022-1729
- CVE-2022-2639
Title: USN-5652-1: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5652-1
Priorities: medium
CVEs:
- CVE-2021-33655
- CVE-2022-36946
- CVE-2022-36946
- CVE-2021-33655
Title: USN-5614-2: Wayland vulnerability
URL: https://ubuntu.com/security/notices/USN-5614-2
Priorities: medium
CVEs:
- CVE-2021-3782
Title: USN-5666-1: OpenSSH vulnerability
URL: https://ubuntu.com/security/notices/USN-5666-1
Priorities: low
CVEs:
- CVE-2021-41617
Title: USN-5673-1: unzip vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5673-1
Priorities: low,medium
CVEs:
- CVE-2021-4217
- CVE-2022-0529
- CVE-2022-0530
- CVE-2022-0529
- CVE-2021-4217
- CVE-2022-0530
Title: USN-5669-2: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5669-2
Priorities: medium
CVEs:
- CVE-2022-0812
- CVE-2022-1012
- CVE-2022-32296
- CVE-2022-2318
- CVE-2022-26365
- CVE-2022-33740
- CVE-2022-33741
- CVE-2022-33742
- CVE-2022-33744
- CVE-2022-26365
- CVE-2022-2318
- CVE-2022-32296
- CVE-2022-33742
- CVE-2022-1012
- CVE-2022-33744
- CVE-2022-33741
- CVE-2022-33740
- CVE-2022-0812
Title: USN-5679-1: Linux kernel (HWE) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5679-1
Priorities: medium
CVEs:
- CVE-2022-0812
- CVE-2022-1012
- CVE-2022-32296
- CVE-2022-2318
- CVE-2022-26365
- CVE-2022-33740
- CVE-2022-33741
- CVE-2022-33742
- CVE-2022-33744
- CVE-2022-26365
- CVE-2022-33741
- CVE-2022-2318
- CVE-2022-1012
- CVE-2022-33744
- CVE-2022-0812
- CVE-2022-33740
- CVE-2022-32296
- CVE-2022-33742
Title: USN-5684-1: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5684-1
Priorities: medium
CVEs:
- CVE-2022-0812
- CVE-2022-1012
- CVE-2022-32296
- CVE-2022-2318
- CVE-2022-26365
- CVE-2022-33740
- CVE-2022-33741
- CVE-2022-33742
- CVE-2022-33744
- CVE-2022-33741
- CVE-2022-32296
- CVE-2022-1012
- CVE-2022-33740
- CVE-2022-33744
- CVE-2022-33742
- CVE-2022-0812
- CVE-2022-2318
- CVE-2022-26365
Title: USN-5676-1: PostgreSQL vulnerability
URL: https://ubuntu.com/security/notices/USN-5676-1
Priorities: medium
CVEs:
- CVE-2022-1552
Title: USN-5688-1: Libksba vulnerability
URL: https://ubuntu.com/security/notices/USN-5688-1
Priorities: high
CVEs:
- CVE-2022-3515
Title: USN-5651-2: strongSwan vulnerability
URL: https://ubuntu.com/security/notices/USN-5651-2
Priorities: medium
CVEs:
- CVE-2022-40617
Full Changelog: https://github.com/pivotal-cf/bosh-linux-stemcell-builder-lts/compare/ubuntu-trusty/v3586.153…ubuntu-xenial/v621.304
621.296
Release Date: October 04, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.95
USNs:
Title: USN-5593-1: Zstandard vulnerability
URL: https://ubuntu.com/security/notices/USN-5593-1
Priorities: medium
CVEs:
- CVE-2019-11922
Title: USN-5637-1: libvpx vulnerability
URL: https://ubuntu.com/security/notices/USN-5637-1
Priorities: low
CVEs:
- CVE-2020-0034
Title: USN-5619-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5619-1
Priorities: negligible,medium,low
CVEs:
- CVE-2020-19131
- CVE-2020-19144
- CVE-2022-1354
- CVE-2022-1355
- CVE-2022-2056
- CVE-2022-2057
- CVE-2022-2058
- CVE-2020-19144
- CVE-2022-1354
- CVE-2022-2056
- CVE-2022-2058
- CVE-2022-2057
- CVE-2020-19131
- CVE-2022-1355
Title: USN-5618-1: Ghostscript vulnerability
URL: https://ubuntu.com/security/notices/USN-5618-1
Priorities: medium
CVEs:
- CVE-2020-27792
Title: USN-5615-2: SQLite vulnerability
URL: https://ubuntu.com/security/notices/USN-5615-2
Priorities: medium
CVEs:
- CVE-2020-35525
- CVE-2020-35525
Title: USN-5645-1: PostgreSQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5645-1
Priorities: medium
CVEs:
- CVE-2021-23214
- CVE-2021-32027
- CVE-2021-23214
- CVE-2021-32027
Title: USN-5629-1: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-5629-1
Priorities: low
CVEs:
- CVE-2021-28861
Title: USN-5621-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5621-1
Priorities: medium
CVEs:
- CVE-2021-33655
- CVE-2022-36946
- CVE-2022-36946
- CVE-2021-33655
Title: USN-5597-1: Linux kernel (Oracle) vulnerability
URL: https://ubuntu.com/security/notices/USN-5597-1
Priorities: medium
CVEs:
- CVE-2021-33656
Title: USN-4976-2: Dnsmasq vulnerability
URL: https://ubuntu.com/security/notices/USN-4976-2
Priorities: low
CVEs:
- CVE-2021-3448
Title: USN-5626-2: Bind vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5626-2
Priorities: medium
CVEs:
- CVE-2022-2795
- CVE-2022-38177
- CVE-2022-38177
- CVE-2022-2795
Title: USN-5636-1: SoS vulnerability
URL: https://ubuntu.com/security/notices/USN-5636-1
Priorities: medium
CVEs:
- CVE-2022-2806
Title: USN-5604-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5604-1
Priorities: low
CVEs:
- CVE-2022-2867
- CVE-2022-2869
- CVE-2022-2868
- CVE-2022-2869
- CVE-2022-2868
- CVE-2022-2867
Title: USN-5606-1: poppler vulnerability
URL: https://ubuntu.com/security/notices/USN-5606-1
Priorities: medium
CVEs:
- CVE-2022-38784
Title: USN-5638-1: Expat vulnerability
URL: https://ubuntu.com/security/notices/USN-5638-1
Priorities: medium
CVEs:
- CVE-2022-40674
621.280
Release Date: September 06, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Fixes
- There is an existing kernel bug in Xenial that can prevent the Precision Hardware Clock used in Azure stemcells from correctly tracking the time. To work around this problem we’ve changed the Azure stemcells to once again use the NTP servers in the config provided by BOSH. If your Azure network does not allow output NTP traffic to your configured NTP servers you may need to update your firewall rules to allow this traffic now.
Metadata:
BOSH Agent Version: 2.268.91
USNs:
Title: USN-5575-2: Libxslt vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5575-2
Priorities: medium
CVEs:
- CVE-2019-5815
- CVE-2021-30560
- CVE-2019-5815
- CVE-2021-30560
Title: USN-5580-1: Linux kernel (AWS) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5580-1
Priorities: medium
CVEs:
- CVE-2021-33655
- CVE-2021-33656
- CVE-2022-20368
- CVE-2022-36946
- CVE-2022-36946
- CVE-2021-33656
- CVE-2021-33655
- CVE-2022-20368
Title: USN-5591-2: Linux kernel (HWE) vulnerability
URL: https://ubuntu.com/security/notices/USN-5591-2
Priorities: medium
CVEs:
- CVE-2021-33656
Title: USN-5591-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5591-1
Priorities: medium
CVEs:
- CVE-2021-33656
Title: USN-5572-1: Linux kernel (AWS) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5572-1
Priorities: medium
CVEs:
- CVE-2022-26365
- CVE-2022-33740
- CVE-2022-33741
- CVE-2022-33741
- CVE-2022-26365
- CVE-2022-33740
Title: USN-5579-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5579-1
Priorities: medium
CVEs:
- CVE-2022-26365
- CVE-2022-33740
- CVE-2022-33741
- CVE-2022-33741
- CVE-2022-26365
- CVE-2022-33740
Title: USN-5584-1: Schroot vulnerability
URL: https://ubuntu.com/security/notices/USN-5584-1
Priorities: medium
CVEs:
- CVE-2022-2787
Title: USN-5578-2: Open VM Tools vulnerability
URL: https://ubuntu.com/security/notices/USN-5578-2
Priorities: medium
CVEs:
- CVE-2022-31676
Title: USN-5586-1: SDL vulnerability
URL: https://ubuntu.com/security/notices/USN-5586-1
Priorities: low
CVEs:
- CVE-2022-34568
Title: USN-5573-1: rsync vulnerability
URL: https://ubuntu.com/security/notices/USN-5573-1
Priorities: medium
CVEs:
- CVE-2022-37434
Title: USN-5570-1: zlib vulnerability
URL: https://ubuntu.com/security/notices/USN-5570-1
Priorities: medium
CVEs:
- CVE-2022-37434
Title: USN-5574-1: Exim vulnerability
URL: https://ubuntu.com/security/notices/USN-5574-1
Priorities: medium
CVEs:
- CVE-2022-37452
621.265
Release Date: August 11, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.88
USNs:
Title: USN-5548-1: libxml2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5548-1
Priorities: medium
CVEs:
- CVE-2016-3709
Title: USN-5553-1: libjpeg-turbo vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5553-1
Priorities: low
CVEs:
- CVE-2018-11813
- CVE-2018-14498
- CVE-2020-14152
- CVE-2020-17541
- CVE-2020-17541
- CVE-2020-14152
- CVE-2018-14498
- CVE-2018-11813
Title: USN-5555-1: GStreamer Good Plugins vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5555-1
Priorities: medium
CVEs:
- CVE-2022-1920
- CVE-2022-1921
- CVE-2022-1922
- CVE-2022-1923
- CVE-2022-1924
- CVE-2022-1925
- CVE-2022-2122
- CVE-2022-1921
- CVE-2022-1923
- CVE-2022-2122
- CVE-2022-1922
- CVE-2022-1924
- CVE-2022-1920
- CVE-2022-1925
Title: USN-5546-2: OpenJDK 8 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5546-2
Priorities: high,medium
CVEs:
- CVE-2022-21449
- CVE-2022-21426
- CVE-2022-21434
- CVE-2022-21443
- CVE-2022-21476
- CVE-2022-21496
- CVE-2022-21540
- CVE-2022-21541
- CVE-2022-21549
- CVE-2022-34169
- CVE-2022-21434
- CVE-2022-34169
- CVE-2022-21426
- CVE-2022-21541
- CVE-2022-21540
- CVE-2022-21443
- CVE-2022-21496
- CVE-2022-21476
Title: USN-5560-2: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5560-2
Priorities: high,medium,low
CVEs:
- CVE-2022-2588
- CVE-2022-2586
- CVE-2022-0494
- CVE-2022-1048
- CVE-2022-1195
- CVE-2022-1652
- CVE-2022-1679
- CVE-2022-1729
- CVE-2022-1734
- CVE-2022-1974
- CVE-2022-1975
- CVE-2022-33981
- CVE-2022-34918
- CVE-2022-1975
- CVE-2022-2586
- CVE-2022-1729
- CVE-2022-34918
- CVE-2022-2588
- CVE-2022-1652
- CVE-2022-0494
- CVE-2022-1679
- CVE-2022-1974
- CVE-2022-33981
- CVE-2022-1195
- CVE-2022-1048
- CVE-2022-1734
Title: USN-5557-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5557-1
Priorities: high
CVEs:
- CVE-2022-2588
- CVE-2022-2586
- CVE-2022-2588
- CVE-2022-2586
Title: USN-5463-2: NTFS-3G vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5463-2
Priorities: medium
CVEs:
- CVE-2022-30783
- CVE-2022-30784
- CVE-2022-30786
- CVE-2022-30788
- CVE-2022-30789
- CVE-2022-30785
- CVE-2022-30787
- CVE-2022-30783
- CVE-2022-30785
- CVE-2022-30784
- CVE-2022-30787
- CVE-2022-30786
- CVE-2022-30788
- CVE-2022-30789
621.261
Release Date: August 03, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.87
USNs:
Title: USN-5519-1: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-5519-1
Priorities: low
CVEs:
- CVE-2015-20107
Title: USN-5535-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5535-1
Priorities: medium
CVEs:
- CVE-2021-0145
- CVE-2021-0146
- CVE-2021-0127
- CVE-2022-21123
- CVE-2022-21127
- CVE-2022-21125
- CVE-2022-21151
- CVE-2022-21166
- CVE-2021-33117
- CVE-2021-33120
- CVE-2021-0145
- CVE-2022-21127
- CVE-2022-21125
- CVE-2021-33117
- CVE-2022-21123
- CVE-2022-21166
- CVE-2021-33120
- CVE-2021-0146
- CVE-2022-21151
- CVE-2021-0127
Title: USN-5505-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5505-1
Priorities: high,medium,low
CVEs:
- CVE-2021-3609
- CVE-2021-3752
- CVE-2021-3760
- CVE-2021-39685
- CVE-2021-39714
- CVE-2021-4197
- CVE-2021-4202
- CVE-2022-0330
- CVE-2022-1353
- CVE-2022-1419
- CVE-2022-1652
- CVE-2022-1679
- CVE-2022-1734
- CVE-2022-21123
- CVE-2022-21125
- CVE-2022-21166
- CVE-2022-24958
- CVE-2022-28356
- CVE-2022-28388
- CVE-2021-3752
- CVE-2022-21123
- CVE-2021-39685
- CVE-2022-21166
- CVE-2021-3609
- CVE-2021-3760
- CVE-2022-24958
- CVE-2022-1734
- CVE-2022-28356
- CVE-2022-1353
- CVE-2022-1652
- CVE-2021-39714
- CVE-2022-1419
- CVE-2022-28388
- CVE-2021-4202
- CVE-2022-21125
- CVE-2021-4197
- CVE-2022-1679
- CVE-2022-0330
Title: USN-5515-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5515-1
Priorities: medium,low
CVEs:
- CVE-2021-4197
- CVE-2022-1011
- CVE-2022-1198
- CVE-2022-1199
- CVE-2022-1204
- CVE-2022-1205
- CVE-2022-1353
- CVE-2022-1516
- CVE-2022-2380
- CVE-2022-28389
- CVE-2022-1199
- CVE-2022-1205
- CVE-2021-4197
- CVE-2022-28389
- CVE-2022-2380
- CVE-2022-1198
- CVE-2022-1353
- CVE-2022-1204
- CVE-2022-1011
- CVE-2022-1516
Title: USN-5523-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5523-1
Priorities: medium,negligible
CVEs:
- CVE-2022-0907
- CVE-2022-0908
- CVE-2022-0909
- CVE-2022-0924
- CVE-2020-19131
- CVE-2020-19144
- CVE-2022-22844
- CVE-2020-19144
- CVE-2020-19131
- CVE-2022-0909
- CVE-2022-0924
- CVE-2022-22844
- CVE-2022-0907
- CVE-2022-0908
Title: USN-5533-1: Vim vulnerability
URL: https://ubuntu.com/security/notices/USN-5533-1
Priorities: low
CVEs:
- CVE-2022-2129
Title: USN-5537-2: MySQL vulnerability
URL: https://ubuntu.com/security/notices/USN-5537-2
Priorities: low
CVEs:
- CVE-2022-21515
Title: USN-5516-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5516-1
Priorities: low,medium
CVEs:
- CVE-2022-2210
- CVE-2022-2000
- CVE-2022-2207
Title: USN-5510-2: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5510-2
Priorities: medium
CVEs:
- CVE-2022-2319
- CVE-2022-2320
Title: USN-5520-2: HTTP-Daemon vulnerability
URL: https://ubuntu.com/security/notices/USN-5520-2
Priorities: medium
CVEs:
- CVE-2022-31081
Title: USN-5534-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5534-1
Priorities: medium
CVEs:
- CVE-2022-32545
- CVE-2022-32546
- CVE-2022-32547
- CVE-2022-32546
- CVE-2022-32547
- CVE-2022-32545
Title: USN-5503-2: GnuPG vulnerability
URL: https://ubuntu.com/security/notices/USN-5503-2
Priorities: medium
CVEs:
- CVE-2022-34903
621.256
Release Date: July 11, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.83
USNs:
Title: USN-5478-1: util-linux vulnerability
URL: https://ubuntu.com/security/notices/USN-5478-1
Priorities: low
CVEs:
- CVE-2016-5011
Title: USN-5490-1: Protocol Buffers vulnerability
URL: https://ubuntu.com/security/notices/USN-5490-1
Priorities: low
CVEs:
- CVE-2021-22570
Title: USN-5505-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5505-1
Priorities: high,medium,low
CVEs:
- CVE-2021-3609
- CVE-2021-3752
- CVE-2021-3760
- CVE-2021-39685
- CVE-2021-39714
- CVE-2021-4197
- CVE-2021-4202
- CVE-2022-0330
- CVE-2022-1353
- CVE-2022-1419
- CVE-2022-1652
- CVE-2022-1679
- CVE-2022-1734
- CVE-2022-21123
- CVE-2022-21125
- CVE-2022-21166
- CVE-2022-24958
- CVE-2022-28356
- CVE-2022-28388
- CVE-2021-3752
- CVE-2022-21123
- CVE-2021-39685
- CVE-2022-21166
- CVE-2021-3609
- CVE-2021-3760
- CVE-2022-24958
- CVE-2022-1734
- CVE-2022-28356
- CVE-2022-1353
- CVE-2022-1652
- CVE-2021-39714
- CVE-2022-1419
- CVE-2022-28388
- CVE-2021-4202
- CVE-2022-21125
- CVE-2021-4197
- CVE-2022-1679
- CVE-2022-0330
Title: USN-5500-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5500-1
Priorities: medium,low
CVEs:
- CVE-2021-4197
- CVE-2021-4202
- CVE-2022-1353
- CVE-2022-1419
- CVE-2022-1652
- CVE-2022-1679
- CVE-2022-1734
- CVE-2022-28356
- CVE-2022-1652
- CVE-2022-1353
- CVE-2022-28356
- CVE-2022-1734
- CVE-2021-4202
- CVE-2022-1419
- CVE-2021-4197
- CVE-2022-1679
Title: USN-5498-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5498-1
Priorities: low,medium
CVEs:
- CVE-2022-1733
- CVE-2022-0413
- CVE-2022-1785
- CVE-2022-1851
- CVE-2022-1629
- CVE-2022-1796
- CVE-2022-1898
- CVE-2022-1735
Title: LSN-0087-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0087-1
Priorities: high,medium
CVEs:
- CVE-2022-1966
- CVE-2022-1972
- CVE-2022-1972
- CVE-2022-1966
Title: USN-5492-1: Vim vulnerability
URL: https://ubuntu.com/security/notices/USN-5492-1
Priorities: medium
CVEs:
- CVE-2022-2042
Title: USN-5485-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5485-1
Priorities: medium
CVEs:
- CVE-2022-21123
- CVE-2022-21125
- CVE-2022-21166
- CVE-2022-21123
- CVE-2022-21166
- CVE-2022-21125
Title: USN-5487-3: Apache HTTP Server regression
URL: https://ubuntu.com/security/notices/USN-5487-3
Priorities: medium,low
CVEs:
- CVE-2022-26377
- CVE-2022-28614
- CVE-2022-28615
- CVE-2022-29404
- CVE-2022-30522
- CVE-2022-30556
- CVE-2022-31813
- CVE-2022-26377
- CVE-2022-31813
- CVE-2022-28614
- CVE-2022-29404
- CVE-2022-28615
- CVE-2022-30522
- CVE-2022-30556
Title: USN-5487-1: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5487-1
Priorities: medium,low
CVEs:
- CVE-2022-26377
- CVE-2022-28614
- CVE-2022-28615
- CVE-2022-29404
- CVE-2022-30522
- CVE-2022-30556
- CVE-2022-31813
- CVE-2022-29404
- CVE-2022-26377
- CVE-2022-31813
- CVE-2022-30556
- CVE-2022-30522
- CVE-2022-28614
- CVE-2022-28615
Title: USN-5499-1: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5499-1
Priorities: low,medium
CVEs:
- CVE-2022-27781
- CVE-2022-32208
- CVE-2022-32208
- CVE-2022-27781
Title: USN-5493-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5493-1
Priorities: medium
CVEs:
- CVE-2022-28388
621.252
Release Date: June 17, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.80
USNs:
Title: USN-5477-1: ncurses vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5477-1
Priorities: negligible,low
CVEs:
- CVE-2017-16879
- CVE-2018-19211
- CVE-2019-17594
- CVE-2019-17595
- CVE-2021-39537
- CVE-2022-29458
- CVE-2017-16879
- CVE-2018-19211
- CVE-2019-17595
- CVE-2019-17594
- CVE-2022-29458
- CVE-2021-39537
Title: LSN-0087-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0087-1
Priorities: high,medium
CVEs:
- CVE-2022-1966
- CVE-2022-1972
- CVE-2022-1972
- CVE-2022-1966
621.251
Release Date: June 14, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.80
USNs:
Title: LSN-0086-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0086-1
Priorities: high,medium
CVEs:
- CVE-2021-39713
- CVE-2022-0492
- CVE-2022-1055
- CVE-2022-1116
- CVE-2022-21499
- CVE-2022-29581
- CVE-2022-30594
- CVE-2022-1055
- CVE-2022-0492
- CVE-2022-30594
- CVE-2022-1116
- CVE-2022-21499
- CVE-2021-39713
- CVE-2022-29581
Title: USN-5458-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5458-1
Priorities: low,medium
CVEs:
- CVE-2021-4193
- CVE-2022-0213
- CVE-2022-0319
- CVE-2022-0351
- CVE-2022-0359
- CVE-2022-0361
- CVE-2022-0368
- CVE-2022-0408
- CVE-2022-0443
- CVE-2022-0361
- CVE-2021-4193
- CVE-2022-0359
- CVE-2022-0319
- CVE-2022-0443
- CVE-2022-0368
- CVE-2022-0213
- CVE-2022-0351
- CVE-2022-0408
Title: USN-5464-1: e2fsprogs vulnerability
URL: https://ubuntu.com/security/notices/USN-5464-1
Priorities: medium
CVEs:
- CVE-2022-1304
Title: USN-5466-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5466-1
Priorities: high,low,medium
CVEs:
- CVE-2022-21499
- CVE-2022-1966
- CVE-2021-3772
- CVE-2021-4149
- CVE-2022-1016
- CVE-2022-1419
- CVE-2022-28356
- CVE-2022-28390
- CVE-2022-1966
- CVE-2022-21499
- CVE-2022-1016
- CVE-2021-4149
- CVE-2022-28390
- CVE-2021-3772
- CVE-2022-28356
- CVE-2022-1419
Title: USN-5465-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5465-1
Priorities: high,medium
CVEs:
- CVE-2022-21499
- CVE-2022-1966
- CVE-2022-30594
- CVE-2022-1966
- CVE-2022-21499
- CVE-2022-30594
Title: USN-5454-2: CUPS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5454-2
Priorities: medium,low
CVEs:
- CVE-2022-26691
- CVE-2019-8842
- CVE-2020-10001
- CVE-2022-26691
- CVE-2020-10001
- CVE-2019-8842
Title: USN-5456-1: ImageMagick vulnerability
URL: https://ubuntu.com/security/notices/USN-5456-1
Priorities: medium
CVEs:
- CVE-2022-28463
Title: USN-5462-2: Ruby vulnerability
URL: https://ubuntu.com/security/notices/USN-5462-2
Priorities: low
CVEs:
- CVE-2022-28739
- CVE-2022-28739
621.245
Release Date: June 02, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.78
USNs:
Title: USN-5449-1: libXv vulnerability
URL: https://ubuntu.com/security/notices/USN-5449-1
Priorities: low
CVEs:
- CVE-2016-5407
Title: USN-5437-1: libXfixes vulnerability
URL: https://ubuntu.com/security/notices/USN-5437-1
Priorities: low
CVEs:
- CVE-2016-7944
Title: LSN-0086-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0086-1
Priorities: high,medium
CVEs:
- CVE-2021-39713
- CVE-2022-0492
- CVE-2022-1055
- CVE-2022-1116
- CVE-2022-21499
- CVE-2022-25636
- CVE-2022-29581
- CVE-2022-30594
- CVE-2022-1055
- CVE-2022-0492
- CVE-2022-25636
- CVE-2022-30594
- CVE-2022-1116
- CVE-2022-21499
- CVE-2021-39713
- CVE-2022-29581
Title: USN-5452-1: NTFS-3G vulnerability
URL: https://ubuntu.com/security/notices/USN-5452-1
Priorities: low
CVEs:
- CVE-2021-46790
Title: USN-5402-2: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5402-2
Priorities: medium,low
CVEs:
- CVE-2022-1292
- CVE-2022-1473
- CVE-2022-1473
- CVE-2022-1292
Title: USN-5446-2: dpkg vulnerability
URL: https://ubuntu.com/security/notices/USN-5446-2
Priorities: medium
CVEs:
- CVE-2022-1664
Title: USN-5404-2: Rsyslog vulnerability
URL: https://ubuntu.com/security/notices/USN-5404-2
Priorities: medium
CVEs:
- CVE-2022-24903
Title: USN-5453-1: FreeType vulnerability
URL: https://ubuntu.com/security/notices/USN-5453-1
Priorities: low
CVEs:
- CVE-2022-27406
Title: USN-5443-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5443-1
Priorities: high,medium
CVEs:
- CVE-2022-29581
- CVE-2022-30594
- CVE-2022-29581
- CVE-2022-30594
621.244
Release Date: May 25, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.77
USNs:
Title: USN-5428-1: libXrandr vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5428-1
Priorities: low
CVEs:
- CVE-2016-7947
- CVE-2016-7948
- CVE-2016-7947
- CVE-2016-7948
Title: USN-5436-1: libXrender vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5436-1
Priorities: low
CVEs:
- CVE-2016-7949
- CVE-2016-7950
- CVE-2016-7950
- CVE-2016-7949
Title: USN-5432-1: libpng vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5432-1
Priorities: low
CVEs:
- CVE-2017-12652
- CVE-2018-14048
- CVE-2017-12652
- CVE-2018-14048
Title: USN-5425-1: PCRE vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5425-1
Priorities: low,negligible
CVEs:
- CVE-2019-20838
- CVE-2020-14155
- CVE-2020-14155
- CVE-2019-20838
Title: USN-5421-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5421-1
Priorities: negligible,low,medium
CVEs:
- CVE-2020-35522
- CVE-2022-0561
- CVE-2022-0562
- CVE-2022-0891
- CVE-2022-0865
- CVE-2022-0891
- CVE-2022-0562
- CVE-2022-0561
- CVE-2020-35522
- CVE-2022-0865
Title: USN-5423-2: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5423-2
Priorities: low,medium
CVEs:
- CVE-2022-20770
- CVE-2022-20771
- CVE-2022-20785
- CVE-2022-20792
- CVE-2022-20796
- CVE-2022-20771
- CVE-2022-20796
- CVE-2022-20785
- CVE-2022-20792
- CVE-2022-20770
Title: USN-5424-2: OpenLDAP vulnerability
URL: https://ubuntu.com/security/notices/USN-5424-2
Priorities: medium
CVEs:
- CVE-2022-29155
Title: USN-5443-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5443-1
Priorities: high,medium
CVEs:
- CVE-2022-29581
- CVE-2022-30594
- CVE-2022-29581
- CVE-2022-30594
621.241
Release Date: May 17, 2022
Known issues
Xenial Stemcell Versions 621.241 through 621.305 contain a Linux kernel slab memory leak.
Not all workloads and configurations are affected, but anyone planning to upgrade to one of these stemcell versions are urged to not use the affected versions and to use stemcell version 621.330 or later.
For more information about how to detect the issue, please see this Knowledge Base article: https://community.pivotal.io/s/article/Slab-memory-leak-Ubuntu-Xenial
NOTE: This issue has been resolved in Stemcell version 621.330.
Metadata:
BOSH Agent Version: 2.268.76
USNs:
Title: USN-5407-1: Cairo vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5407-1
Priorities: low
CVEs:
- CVE-2016-9082
- CVE-2017-9814
- CVE-2019-6462
- CVE-2020-35492
- CVE-2017-9814
- CVE-2020-35492
- CVE-2019-6462
- CVE-2016-9082
Title: USN-5389-1: Libcroco vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5389-1
Priorities: low
CVEs:
- CVE-2017-7960
- CVE-2017-8834
- CVE-2017-8871
- CVE-2020-12825
- CVE-2020-12825
- CVE-2017-8834
- CVE-2017-8871
- CVE-2017-7960
Title: USN-5405-1: jbig2dec vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5405-1
Priorities: low
CVEs:
- CVE-2017-9216
- CVE-2020-12268
- CVE-2017-9216
- CVE-2020-12268
Title: USN-5259-3: Cron regression
URL: https://ubuntu.com/security/notices/USN-5259-3
Priorities: low
CVEs:
- CVE-2017-9525
- CVE-2019-9704
- CVE-2019-9705
- CVE-2019-9706
- CVE-2017-9525
Title: USN-5419-1: Rsyslog vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5419-1
Priorities: low
CVEs:
- CVE-2018-16881
- CVE-2019-17042
- CVE-2019-17041
Title: USN-5413-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5413-1
Priorities: low,medium
CVEs:
- CVE-2020-27820
- CVE-2021-39713
- CVE-2021-4157
- CVE-2022-26490
- CVE-2022-27223
- CVE-2022-28390
- CVE-2021-4157
- CVE-2022-26490
- CVE-2022-28390
- CVE-2021-39713
- CVE-2022-27223
- CVE-2020-27820
Title: USN-5418-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5418-1
Priorities: medium,low
CVEs:
- CVE-2021-26401
- CVE-2022-23036
- CVE-2022-23037
- CVE-2022-23038
- CVE-2022-23039
- CVE-2022-23040
- CVE-2022-23042
- CVE-2022-24958
- CVE-2022-25258
- CVE-2022-25375
- CVE-2022-26490
- CVE-2022-26966
- CVE-2022-27223
- CVE-2022-27223
- CVE-2022-23038
- CVE-2022-24958
- CVE-2021-26401
- CVE-2022-23042
- CVE-2022-25258
- CVE-2022-26490
- CVE-2022-26966
- CVE-2022-23039
- CVE-2022-23040
- CVE-2022-25375
- CVE-2022-23037
- CVE-2022-23036
Title: USN-5179-2: BusyBox vulnerability
URL: https://ubuntu.com/security/notices/USN-5179-2
Priorities: low
CVEs:
- CVE-2021-28831
- CVE-2021-28831
Title: USN-5392-1: Mutt vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5392-1
Priorities: low,medium
CVEs:
- CVE-2021-32055
- CVE-2022-1328
- CVE-2022-1328
- CVE-2021-32055
Title: USN-5391-1: libsepol vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5391-1
Priorities: low
CVEs:
- CVE-2021-36084
- CVE-2021-36085
- CVE-2021-36086
- CVE-2021-36087
- CVE-2021-36086
- CVE-2021-36085
- CVE-2021-36084
- CVE-2021-36087
Title: USN-5409-1: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5409-1
Priorities: low
CVEs:
- CVE-2021-4156
Title: USN-5385-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5385-1
Priorities: medium,low,negligible
CVEs:
- CVE-2021-43975
- CVE-2022-0617
- CVE-2022-24448
- CVE-2022-24959
- CVE-2022-24448
- CVE-2022-24959
- CVE-2021-43975
- CVE-2022-0617
Title: USN-5400-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5400-2
Priorities: medium
CVEs:
- CVE-2022-21417
- CVE-2022-21451
- CVE-2022-21460
- CVE-2022-21444
- CVE-2022-21454
- CVE-2022-21427
Title: USN-5354-2: Twisted vulnerability
URL: https://ubuntu.com/security/notices/USN-5354-2
Priorities: medium
CVEs:
- CVE-2022-21716
- CVE-2022-21716
621.236
Release Date: April 21, 2022
Notice:
The kernel patches included in 621.224 are now in the main kernel repository and have been included in this release.
Metadata:
BOSH Agent Version: 2.268.72
USNs:
Title: USN-5371-1: nginx vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5371-1
Priorities: medium,low
CVEs:
- CVE-2020-11724
- CVE-2020-36309
- CVE-2021-3618
- CVE-2020-36309
- CVE-2021-3618
- CVE-2020-11724
Title: USN-5373-2: Django vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5373-2
Priorities: high,medium
CVEs:
- CVE-2022-28346
- CVE-2021-32052
- CVE-2021-32052
- CVE-2022-28346
621.224
Release Date: March 23, 2022
Notice:
This stemcell contains a patched version of the kernel to address the issues found in 621.216. We have tested this patched kernel against the problems seen in 621.216 and no longer see the problem. We will release another stemcell in mid-April when that kernel patch makes it into the main kernel repository.
Metadata:
BOSH Agent Version: 2.268.65
USNs:
Title: USN-5322-1: Subversion vulnerability
URL: https://ubuntu.com/security/notices/USN-5322-1
Priorities: medium
CVEs:
- CVE-2020-17525
Title: USN-5328-2: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-5328-2
Priorities: high
CVEs:
- CVE-2022-0778
Title: USN-5320-1: Expat vulnerabilities and regression
URL: https://ubuntu.com/security/notices/USN-5320-1
Priorities: high,medium
CVEs:
- CVE-2022-25236
- CVE-2022-25313
- CVE-2022-25314
- CVE-2022-25315
- CVE-2022-25236
- CVE-2022-25314
- CVE-2022-25315
- CVE-2022-25313
Title: USN-5334-1: man-db vulnerability
URL: https://ubuntu.com/security/notices/USN-5334-1
Priorities: low
CVEs:
- CVE-2015-1336
Title: USN-5331-1: tcpdump vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5331-1
Priorities: low
CVEs:
- CVE-2018-16301
- CVE-2020-8037
- CVE-2018-16301
- CVE-2020-8037
Title: USN-5325-1: Zsh vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5325-1
Priorities: low
CVEs:
- CVE-2019-20044
- CVE-2021-45444
- CVE-2021-45444
- CVE-2019-20044
Title: USN-5329-1: tar vulnerability
URL: https://ubuntu.com/security/notices/USN-5329-1
Priorities: low
CVEs:
- CVE-2021-20193
Title: USN-5332-2: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-5332-2
Priorities: medium
CVEs:
- CVE-2021-25220
- CVE-2021-25220
Title: USN-5343-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5343-1
Priorities: high,low,medium,negligible
CVEs:
- CVE-2022-0492
- CVE-2016-2853
- CVE-2016-2854
- CVE-2019-19449
- CVE-2020-12655
- CVE-2020-25670
- CVE-2020-25671
- CVE-2020-25672
- CVE-2020-25673
- CVE-2020-26139
- CVE-2020-26147
- CVE-2020-26555
- CVE-2020-26558
- CVE-2021-0129
- CVE-2020-36322
- CVE-2020-36385
- CVE-2021-20292
- CVE-2021-20317
- CVE-2021-23134
- CVE-2021-28688
- CVE-2021-28972
- CVE-2021-29650
- CVE-2021-32399
- CVE-2021-33033
- CVE-2021-33034
- CVE-2021-33098
- CVE-2021-34693
- CVE-2021-3483
- CVE-2021-3506
- CVE-2021-3564
- CVE-2021-3573
- CVE-2021-3612
- CVE-2021-3679
- CVE-2021-38160
- CVE-2021-38198
- CVE-2021-38204
- CVE-2021-38208
- CVE-2021-39648
- CVE-2021-40490
- CVE-2021-42008
- CVE-2021-43389
- CVE-2021-45095
- CVE-2021-45469
- CVE-2021-45485
- CVE-2018-5995
- CVE-2020-25673
- CVE-2021-3564
- CVE-2021-0129
- CVE-2021-20317
- CVE-2020-26558
- CVE-2020-36385
- CVE-2021-39648
- CVE-2022-0492
- CVE-2021-20292
- CVE-2020-25671
- CVE-2020-12655
- CVE-2021-34693
- CVE-2020-26147
- CVE-2018-5995
- CVE-2021-33034
- CVE-2020-25670
- CVE-2021-38198
- CVE-2021-40490
- CVE-2021-33033
- CVE-2021-43389
- CVE-2021-3612
- CVE-2021-38160
- CVE-2020-26139
- CVE-2016-2853
- CVE-2021-38204
- CVE-2021-33098
- CVE-2021-3573
- CVE-2021-45469
- CVE-2021-28688
- CVE-2021-38208
- CVE-2021-42008
- CVE-2020-25672
- CVE-2016-2854
- CVE-2021-45095
- CVE-2021-3679
- CVE-2020-36322
- CVE-2019-19449
- CVE-2021-45485
- CVE-2020-26555
- CVE-2021-28972
- CVE-2021-23134
- CVE-2021-32399
- CVE-2021-3506
- CVE-2021-3483
- CVE-2021-29650
Title: USN-5339-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5339-1
Priorities: high,medium,low
CVEs:
- CVE-2022-0492
- CVE-2021-3506
- CVE-2021-43976
- CVE-2021-44733
- CVE-2021-45095
- CVE-2022-0435
- CVE-2022-0435
- CVE-2022-0492
- CVE-2021-43976
- CVE-2021-3506
- CVE-2021-44733
- CVE-2021-45095
621.216
Release Date: March 09, 2022
Known Iissues
- There are currently reported issues with this stemcell and TAS Diego Cells. We have removed this stemcell until we can resolve the issue. If you need access, please contact support.
Metadata:
BOSH Agent Version: 2.268.63
USNs:
Title: USN-5300-1: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5300-1
Priorities: low,medium
CVEs:
- CVE-2015-9253
- CVE-2017-8923
- CVE-2017-9118
- CVE-2017-9120
- CVE-2017-9119
- CVE-2021-21707
- CVE-2017-8923
- CVE-2017-9118
- CVE-2017-9120
- CVE-2015-9253
- CVE-2017-9119
- CVE-2021-21707
Title: USN-5299-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5299-1
Priorities: medium,low
CVEs:
- CVE-2020-26147
- CVE-2020-26558
- CVE-2021-0129
- CVE-2021-28972
- CVE-2021-33034
- CVE-2021-34693
- CVE-2021-3483
- CVE-2021-3564
- CVE-2021-3612
- CVE-2021-3679
- CVE-2021-38204
- CVE-2021-42008
- CVE-2021-45485
- CVE-2020-26558
- CVE-2021-3564
- CVE-2021-34693
- CVE-2021-3483
- CVE-2020-26147
- CVE-2021-28972
- CVE-2021-33034
- CVE-2021-42008
- CVE-2021-45485
- CVE-2021-38204
- CVE-2021-0129
- CVE-2021-3679
- CVE-2021-3612
Title: USN-5298-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5298-1
Priorities: medium,low
CVEs:
- CVE-2021-22600
- CVE-2021-28711
- CVE-2021-28712
- CVE-2021-28713
- CVE-2021-28714
- CVE-2021-28715
- CVE-2021-39685
- CVE-2021-4083
- CVE-2021-4155
- CVE-2021-4202
- CVE-2022-0330
- CVE-2022-22942
- CVE-2021-39685
- CVE-2021-28715
- CVE-2021-28711
- CVE-2021-4083
- CVE-2021-28713
- CVE-2022-0330
- CVE-2021-28712
- CVE-2021-28714
- CVE-2021-22600
- CVE-2022-22942
- CVE-2021-4155
- CVE-2021-4202
Title: USN-5292-4: snapd regression
URL: https://ubuntu.com/security/notices/USN-5292-4
Priorities: medium,high
CVEs:
- CVE-2021-3155
- CVE-2021-4120
- CVE-2021-44730
- CVE-2021-44731
Title: USN-5310-2: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5310-2
Priorities: medium,low
CVEs:
- CVE-2021-3999
- CVE-2022-23218
- CVE-2022-23219
- CVE-2022-23218
- CVE-2021-3999
- CVE-2022-23219
Title: USN-5319-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5319-1
Priorities: high
CVEs:
- CVE-2022-0001
- CVE-2022-0002
Title: USN-5301-2: Cyrus SASL vulnerability
URL: https://ubuntu.com/security/notices/USN-5301-2
Priorities: high
CVEs:
- CVE-2022-24407
621.211
Release Date: February 21, 2022
Metadata:
BOSH Agent Version: 2.268.61
USNs:
Title: USN-5264-1: Graphviz vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5264-1
Priorities: low,medium
CVEs:
- CVE-2018-10196
- CVE-2019-11023
- CVE-2020-18032
- CVE-2018-10196
- CVE-2020-18032
- CVE-2019-11023
Title: USN-5262-1: GPT fdisk vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5262-1
Priorities: low
CVEs:
- CVE-2020-0256
- CVE-2021-0308
Title: USN-5280-1: Speex vulnerability
URL: https://ubuntu.com/security/notices/USN-5280-1
Priorities: medium
CVEs:
- CVE-2020-23903
Title: USN-5292-3: snapd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5292-3
Priorities: medium,high
CVEs:
- CVE-2021-3155
- CVE-2021-4120
- CVE-2021-44730
- CVE-2021-44731
- CVE-2021-3155
- CVE-2021-4120
- CVE-2021-44730
- CVE-2021-44731
Title: USN-5275-1: BlueZ vulnerability
URL: https://ubuntu.com/security/notices/USN-5275-1
Priorities: medium
CVEs:
- CVE-2022-0204
- CVE-2022-0204
Title: USN-5269-2: Django vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5269-2
Priorities: medium
CVEs:
- CVE-2022-22818
- CVE-2022-23833
- CVE-2022-22818
- CVE-2022-23833
621.208
Release Date: February 10, 2022
Enhancements
/optis now mounted to the ephemeral disk rather than the root disk. This is not a recommended storage point for bosh workloads, but some agents deployed on stemcells write their logs to this folder and that could cause the root disk to fill up.
Metadata:
BOSH Agent Version: 2.268.59
USNs:
Title: USN-5254-1: shadow vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5254-1
Priorities: low
CVEs:
- CVE-2017-12424
- CVE-2018-7169
- CVE-2018-7169
- CVE-2017-12424
Title: USN-5259-1: Cron vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5259-1
Priorities: low
CVEs:
- CVE-2017-9525
- CVE-2019-9704
- CVE-2019-9705
- CVE-2019-9706
- CVE-2019-9704
- CVE-2019-9705
- CVE-2019-9706
- CVE-2017-9525
Title: USN-5234-1: Byobu vulnerability
URL: https://ubuntu.com/security/notices/USN-5234-1
Priorities: low
CVEs:
- CVE-2019-7306
Title: USN-5244-1: DBus vulnerability
URL: https://ubuntu.com/security/notices/USN-5244-1
Priorities: low
CVEs:
- CVE-2020-35512
Title: USN-5268-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5268-1
Priorities: medium
CVEs:
- CVE-2021-20322
- CVE-2021-3640
- CVE-2021-3752
- CVE-2021-42739
- CVE-2021-3752
- CVE-2021-20322
- CVE-2021-3640
- CVE-2021-42739
Title: USN-5021-2: curl vulnerability
URL: https://ubuntu.com/security/notices/USN-5021-2
Priorities: low,medium
CVEs:
- CVE-2021-22898
- CVE-2021-22925
- CVE-2021-22898
- CVE-2021-22925
Title: USN-5064-2: GNU cpio vulnerability
URL: https://ubuntu.com/security/notices/USN-5064-2
Priorities: medium
CVEs:
- CVE-2021-38185
Title: USN-5193-2: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5193-2
Priorities: medium
CVEs:
- CVE-2021-4009
- CVE-2021-4008
- CVE-2021-4011
Title: USN-5252-2: PolicyKit vulnerability
URL: https://ubuntu.com/security/notices/USN-5252-2
Priorities: high
CVEs:
- CVE-2021-4034
Title: USN-5235-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5235-1
Priorities: medium
CVEs:
- CVE-2021-41816
- CVE-2021-41817
- CVE-2021-41819
- CVE-2021-41816
- CVE-2021-41819
- CVE-2021-41817
Title: USN-5260-3: Samba vulnerability
URL: https://ubuntu.com/security/notices/USN-5260-3
Priorities: high
CVEs:
- CVE-2021-44142
- CVE-2021-44142
Title: USN-5250-2: strongSwan vulnerability
URL: https://ubuntu.com/security/notices/USN-5250-2
Priorities: medium
CVEs:
- CVE-2021-45079
Title: USN-5243-2: AIDE vulnerability
URL: https://ubuntu.com/security/notices/USN-5243-2
Priorities: medium
CVEs:
- CVE-2021-45417
Title: USN-5233-2: ClamAV vulnerability
URL: https://ubuntu.com/security/notices/USN-5233-2
Priorities: medium
CVEs:
- CVE-2022-20698
Title: USN-5270-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5270-2
Priorities: medium
CVEs:
- CVE-2022-21304
- CVE-2022-21344
- CVE-2022-21367
- CVE-2022-21303
- CVE-2022-21270
- CVE-2022-21245
621.198
Release Date: January 18, 2022
Fixes
Fixes an issue that caused the bosh-agent to continually fail to start when either the cgroup v1 memory controller or the cgroup v2 controller was mounted in more than one location on the file system.
Metadata:
BOSH Agent Version: 2.268.54
USNs:
Title: USN-5225-1: lxml vulnerability
URL: https://ubuntu.com/security/notices/USN-5225-1
Priorities: medium
CVEs:
- CVE-2021-43818
Title: USN-5212-2: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5212-2
Priorities: medium
CVEs:
- CVE-2021-44224
- CVE-2021-44790
- CVE-2021-44790
- CVE-2021-44224
621.196
Release Date: January 07, 2022
Metadata:
BOSH Agent Version: 2.268.51
USNs:
Title: LSN-0083-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0083-1
Priorities: medium,high
CVEs:
- CVE-2018-25020
- CVE-2021-3653
- CVE-2021-4002
- CVE-2021-22555
- CVE-2021-33909
- CVE-2021-33909
- CVE-2018-25020
- CVE-2021-4002
- CVE-2021-22555
- CVE-2021-3653
Title: USN-5211-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5211-1
Priorities: high
CVEs:
- CVE-2021-4002
Title: USN-5209-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5209-1
Priorities: high,low,medium
CVEs:
- CVE-2021-4002
- CVE-2021-20317
- CVE-2021-20321
- CVE-2021-3760
- CVE-2021-41864
- CVE-2021-43389
- CVE-2021-4002
- CVE-2021-43389
- CVE-2021-20321
- CVE-2021-3760
- CVE-2021-41864
- CVE-2021-20317
621.192
Release Date: December 17, 2021
Enhancements
/var/optis now mounted to the ephemeral disk rather than the root disk. This is not a recommended storage point for bosh workloads, but some agents deployed on stemcells write their logs to this folder and that could cause the root disk to fill up.
Fixes
- This release reverts the NATS firewall enhancement added in 621.183. Changes associated with this feature caused VMs to report a networking failed state and prevented monit firewall rules from being applied. The NATS firewall enhancement will be reintroduced in a future release.
Metadata:
BOSH Agent Version: 2.268.49
USNs:
Title: USN-5202-1: OpenJDK vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5202-1
Priorities: medium
CVEs:
- CVE-2021-2341
- CVE-2021-2369
- CVE-2021-2388
- CVE-2021-35550
- CVE-2021-35556
- CVE-2021-35559
- CVE-2021-35561
- CVE-2021-35564
- CVE-2021-35565
- CVE-2021-35567
- CVE-2021-35578
- CVE-2021-35586
- CVE-2021-35588
- CVE-2021-35603
- CVE-2021-35556
- CVE-2021-35561
- CVE-2021-35588
- CVE-2021-35578
- CVE-2021-2341
- CVE-2021-35564
- CVE-2021-35603
- CVE-2021-35559
- CVE-2021-35586
- CVE-2021-35550
- CVE-2021-35567
- CVE-2021-2369
- CVE-2021-35565
- CVE-2021-2388
Title: USN-5189-1: GLib vulnerability
URL: https://ubuntu.com/security/notices/USN-5189-1
Priorities: medium
CVEs:
- CVE-2021-3800
Title: USN-5168-4: NSS regression
URL: https://ubuntu.com/security/notices/USN-5168-4
Priorities: high
CVEs:
- CVE-2021-43527
Title: USN-5192-2: Apache Log4j 2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5192-2
Priorities: high
CVEs:
- CVE-2021-44228
621.183
Release Date: December 06, 2021
Enhancements
- Added firewall rules to restrict access to the NATS message bus except by the bosh agent. This provides an additional layer of security so even if an attacker is able to gain access to the NATS credentials, they would be unable to use those from a workload on a Bosh deployed VM. If you are attempting to debug NATS connectivity problems by directly connecting to the Bosh NATS server, you will need additional access; instructions can be found here.
Known issues
Errors are present in the networking service post-start scripts for all BOSH-managed VMs which:
* Causes networking service to report a failed state
* Incorrectly allows external connections to the monit service
* Incorrectly allows external connections to the NATS service
Metadata:
BOSH Agent Version: 2.268.45
USNs:
Title: USN-5147-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5147-1
Priorities: low,medium
CVEs:
- CVE-2017-17087
- CVE-2019-20807
- CVE-2021-3872
- CVE-2021-3903
- CVE-2021-3927
- CVE-2021-3928
- CVE-2021-3928
- CVE-2021-3927
- CVE-2017-17087
- CVE-2019-20807
- CVE-2021-3903
- CVE-2021-3872
Title: USN-5158-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5158-1
Priorities: low
CVEs:
- CVE-2021-20244
- CVE-2021-20246
- CVE-2021-20309
- CVE-2021-20312
- CVE-2021-20313
- CVE-2021-20244
- CVE-2021-20246
- CVE-2021-20309
- CVE-2021-20312
- CVE-2021-20313
Title: USN-5144-1: OpenEXR vulnerability
URL: https://ubuntu.com/security/notices/USN-5144-1
Priorities: medium
CVEs:
- CVE-2021-3933
Title: USN-5150-1: OpenEXR vulnerability
URL: https://ubuntu.com/security/notices/USN-5150-1
Priorities: medium
CVEs:
- CVE-2021-3941
Title: USN-5168-3: NSS vulnerability
URL: https://ubuntu.com/security/notices/USN-5168-3
Priorities: high
CVEs:
- CVE-2021-43527
621.176
Release Date: November 11, 2021
Metadata:
BOSH Agent Version: 2.268.41
USNs:
Title: USN-5114-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5114-1
Priorities: medium,low
CVEs:
- CVE-2020-3702
- CVE-2021-40490
- CVE-2021-38198
- CVE-2021-42008
Title: USN-5119-1: libcaca vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5119-1
Priorities: medium
CVEs:
- CVE-2021-30498
- CVE-2021-30499
Title: USN-5136-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5136-1
Priorities: low,medium
CVEs:
- CVE-2019-19449
- CVE-2020-36322
- CVE-2020-36385
- CVE-2021-3655
- CVE-2021-3743
- CVE-2021-3753
- CVE-2021-3759
- CVE-2021-38199
- CVE-2021-42252
- CVE-2021-38199
- CVE-2020-36322
- CVE-2021-3759
- CVE-2021-3753
- CVE-2020-36385
- CVE-2019-19449
- CVE-2021-3743
- CVE-2021-42252
- CVE-2021-3655
Title: USN-5133-1: ICU vulnerability
URL: https://ubuntu.com/security/notices/USN-5133-1
Priorities: low
CVEs:
- CVE-2020-21913
Title: LSN-0082-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0082-1
Priorities: medium,high
CVEs:
- CVE-2020-29660
- CVE-2020-29661
- CVE-2021-3444
- CVE-2021-3715
- CVE-2020-29660
- CVE-2020-29661
- CVE-2021-3715
- CVE-2021-3444
Title: USN-5125-1: PHP vulnerability
URL: https://ubuntu.com/security/notices/USN-5125-1
Priorities: high
CVEs:
- CVE-2021-21703
Title: USN-5126-2: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-5126-2
Priorities: medium
CVEs:
- CVE-2021-25219
Title: USN-5123-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5123-2
Priorities: medium
CVEs:
- CVE-2021-35624
- CVE-2021-35604
621.171
Release Date: October 25, 2021
Metadata:
BOSH Agent Version: 2.268.36
Bosh-agent is now build with Go 1.17
Features:
Allow to receive nats and blobstore updates via update settings action
USNs:
Title: USN-5109-1: nginx vulnerability
URL: https://ubuntu.com/security/notices/USN-5109-1
Priorities: medium
CVEs:
- CVE-2017-20005
Title: USN-5022-3: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5022-3
Priorities: medium
CVEs:
- CVE-2021-2179
- CVE-2021-2162
- CVE-2021-2389
- CVE-2021-2390
- CVE-2021-2194
- CVE-2021-2146
- CVE-2021-2372
- CVE-2021-2342
- CVE-2021-2169
- CVE-2021-2171
- CVE-2021-2180
- CVE-2021-2154
- CVE-2021-2166
- CVE-2021-2226
- CVE-2021-2307
- CVE-2021-2385
Title: USN-5103-1: docker.io vulnerability
URL: https://ubuntu.com/security/notices/USN-5103-1
Priorities: medium
CVEs:
- CVE-2021-41089
Title: USN-5111-2: strongSwan vulnerability
URL: https://ubuntu.com/security/notices/USN-5111-2
Priorities: medium
CVEs:
- CVE-2021-41991
Title: USN-5121-1: Mailman vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5121-1
Priorities: high
CVEs:
- CVE-2021-42096
- CVE-2021-42097
621.160
Release Date: October 01, 2021
Fixes
Fixes an issue introduced in v621.151 that caused frequent udev events and high CPU usage on Azure VMs.
Metadata:
BOSH Agent Version: 2.268.29
621.154
Release Date: September 16, 2021
Fixes
- Fixes an issue introduced in v621.151 that caused persistent disks to frequently fail to mount.
Metadata:
BOSH Agent Version: 2.268.27
USNs:
Title: USN-5077-2: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5077-2
Priorities: medium
CVEs:
- CVE-2021-3709
- CVE-2021-3710
Title: USN-5076-1: Git vulnerability
URL: https://ubuntu.com/security/notices/USN-5076-1
Priorities: medium
CVEs:
- CVE-2021-40330
621.151
Release Date: September 14, 2021
Fixes
- Updates the
/var/vcap/bosh/bin/monitwrapper script to refer tomonit-actualby absolute path, rather than relative path. This allows folks who reset or clear thePATHenvironment variable to actually be able to use themonitCLI. Prior to this fix, folks who cleared theirPATHenvironment variable would see an error like:/var/vcap/bosh/bin/monit: line 9: exec: monit-actual: not found. - Fixes the “incorrect used memory reporting” issue introduced in stemcell version
621.141. The Bosh Agent will now report the correct amount of memory used by all processes in the VM that it manages, rather than just the processes in its cgroup.
Known issues
- We’ve seen failures with this version of the stemcell in vSphere when attempting to attach a persistent disk to a running VM. We are currently planning to address this issue with an update to the vSphere CPI. It should be fixed in vSphere CPI release >= v69. We have pulled the vSphere version of this stemcell for now.
Note: This issue is fixed in stemcell version 621.154
Metadata:
BOSH Agent Version: 2.268.27
USNs:
Title: USN-5066-2: PySAML2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5066-2
Priorities: medium
CVEs:
- CVE-2021-21239
Title: USN-5039-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5039-1
Priorities: high
CVEs:
- CVE-2021-22555
Title: LSN-0080-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0080-1
Priorities: high
CVEs:
- CVE-2021-22555
Title: USN-5028-1: Exiv2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5028-1
Priorities: medium
CVEs:
- CVE-2021-31291
Title: USN-5025-2: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5025-2
Priorities: medium
CVEs:
- CVE-2021-3246
Title: USN-5027-2: PEAR vulnerability
URL: https://ubuntu.com/security/notices/USN-5027-2
Priorities: medium
CVEs:
- CVE-2021-32610
Title: USN-5044-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5044-1
Priorities: medium
CVEs:
- CVE-2021-3573
- CVE-2021-3587
- CVE-2021-3564
Title: USN-5073-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5073-1
Priorities: medium,low,high
CVEs:
- CVE-2021-3612
- CVE-2021-34693
- CVE-2021-38160
- CVE-2021-3656
- CVE-2021-3653
Title: USN-5062-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5062-1
Priorities: high
CVEs:
- CVE-2021-3653
Title: LSN-0081-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0081-1
Priorities: high
CVEs:
- CVE-2021-3653
- CVE-2021-22555
- CVE-2021-3656
- CVE-2021-33909
Title: USN-5034-2: c-ares vulnerability
URL: https://ubuntu.com/security/notices/USN-5034-2
Priorities: medium
CVEs:
- CVE-2021-3672
Title: USN-5026-2: QPDF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5026-2
Priorities: medium,low
CVEs:
- CVE-2021-36978
- CVE-2018-18020
Title: USN-5051-2: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-5051-2
Priorities: medium
CVEs:
- CVE-2021-3712
Title: USN-5043-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5043-1
Priorities: medium
CVEs:
- CVE-2021-37622
- CVE-2021-32815
- CVE-2021-37623
- CVE-2021-37621
- CVE-2021-37620
- CVE-2021-37618
- CVE-2021-34335
- CVE-2021-37615
- CVE-2021-37619
- CVE-2021-37616
- CVE-2021-34334
Title: USN-5055-1: GNOME grilo vulnerability
URL: https://ubuntu.com/security/notices/USN-5055-1
Priorities: medium
CVEs:
- CVE-2021-39365
Title: USN-5068-1: GD library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5068-1
Priorities: medium,low
CVEs:
- CVE-2021-40145
- CVE-2021-38115
- CVE-2017-6363
621.141
Release Date: August 30, 2021
Enhancements
- Added firewall rules to restrict Monit API access to the Monit CLI and BOSH Agent. To see how to grant your program access to the Monit API, examine the new
monitwrapper script, found at/var/vcap/bosh/bin/monit.
Known issues
- The memory used by the VM that a Bosh Agent manages is incorrectly reported. The Agent will report very significantly smaller amounts of memory used by the VM than are actually used. This means that the “memory used” information in the output of
bosh vms --vitalsand related commands is incorrect. For now, avoid using this stemcell version, if you rely on the VM memory usage information reported by the Bosh Agent, Director, or theboshCLI.
NOTE: This issue has been resolved in Stemcell version 621.151.
Metadata:
BOSH Agent Version: 2.268.23
USNs:
Title: USN-5039-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5039-1
Priorities: high
CVEs:
- CVE-2021-22555
Title: LSN-0080-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0080-1
Priorities: high
CVEs:
- CVE-2021-22555
Title: USN-5028-1: Exiv2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5028-1
Priorities: medium
CVEs:
- CVE-2021-31291
Title: USN-5025-2: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5025-2
Priorities: medium
CVEs:
- CVE-2021-3246
Title: USN-5027-2: PEAR vulnerability
URL: https://ubuntu.com/security/notices/USN-5027-2
Priorities: medium
CVEs:
- CVE-2021-32610
Title: USN-5044-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5044-1
Priorities: medium
CVEs:
- CVE-2021-3573
- CVE-2021-3587
- CVE-2021-3564
Title: USN-5034-2: c-ares vulnerability
URL: https://ubuntu.com/security/notices/USN-5034-2
Priorities: medium
CVEs:
- CVE-2021-3672
Title: USN-5026-2: QPDF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5026-2
Priorities: medium,low
CVEs:
- CVE-2021-36978
- CVE-2018-18020
Title: USN-5043-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5043-1
Priorities: medium
CVEs:
- CVE-2021-37622
- CVE-2021-32815
- CVE-2021-37623
- CVE-2021-37621
- CVE-2021-37620
- CVE-2021-37618
- CVE-2021-34335
- CVE-2021-37615
- CVE-2021-37619
- CVE-2021-37616
- CVE-2021-34334
621.136
Release Date: July 26, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4336-2: GNU binutils vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4336-2
Priorities: low,medium
CVEs:
- CVE-2018-19932
- CVE-2019-9074
- CVE-2018-18309
- CVE-2017-12451
- CVE-2017-16828
- CVE-2017-7302
- CVE-2017-9751
- CVE-2017-17080
- CVE-2018-12700
- CVE-2017-14130
- CVE-2018-18483
- CVE-2018-7568
- CVE-2017-14128
- CVE-2017-9749
- CVE-2017-12458
- CVE-2019-9070
- CVE-2017-9755
- CVE-2018-10534
- CVE-2017-9746
- CVE-2019-12972
- CVE-2017-7300
- CVE-2018-9138
- CVE-2017-7299
- CVE-2016-4488
- CVE-2017-15020
- CVE-2017-9742
- CVE-2017-17125
- CVE-2017-14939
- CVE-2019-14250
- CVE-2017-14129
- CVE-2017-12967
- CVE-2017-17124
- CVE-2018-12934
- CVE-2017-7210
- CVE-2017-8395
- CVE-2017-7227
- CVE-2017-12459
- CVE-2017-9754
- CVE-2018-20002
- CVE-2016-4489
- CVE-2019-9073
- CVE-2018-8945
- CVE-2017-12448
- CVE-2016-4491
- CVE-2018-17794
- CVE-2017-13710
- CVE-2017-14333
- CVE-2017-15021
- CVE-2017-14940
- CVE-2017-14930
- CVE-2017-7225
- CVE-2017-7223
- CVE-2017-12452
- CVE-2017-6965
- CVE-2018-18701
- CVE-2017-15024
- CVE-2018-10372
- CVE-2018-18484
- CVE-2017-16832
- CVE-2017-9748
- CVE-2017-15225
- CVE-2018-7569
- CVE-2017-16831
- CVE-2018-17358
- CVE-2018-6543
- CVE-2017-7224
- CVE-2016-4493
- CVE-2017-17121
- CVE-2017-9041
- CVE-2019-9071
- CVE-2018-19931
- CVE-2017-9756
- CVE-2018-18700
- CVE-2018-10373
- CVE-2019-17451
- CVE-2018-12697
- CVE-2018-18606
- CVE-2018-12641
- CVE-2017-17123
- CVE-2016-4492
- CVE-2017-16826
- CVE-2017-9753
- CVE-2018-6323
- CVE-2017-8394
- CVE-2017-16827
- CVE-2017-12450
- CVE-2016-6131
- CVE-2017-14529
- CVE-2017-9038
- CVE-2016-2226
- CVE-2017-9747
- CVE-2016-4490
- CVE-2017-12456
- CVE-2018-20671
- CVE-2018-10535
- CVE-2016-4487
- CVE-2017-15939
- CVE-2018-7643
- CVE-2018-13033
- CVE-2017-9039
- CVE-2017-15022
- CVE-2017-8393
- CVE-2018-20623
- CVE-2017-9744
- CVE-2018-7642
- CVE-2017-9752
- CVE-2018-12698
- CVE-2018-12699
- CVE-2017-15996
- CVE-2017-9044
- CVE-2018-6759
- CVE-2017-9745
- CVE-2018-7208
- CVE-2017-6969
- CVE-2017-12449
- CVE-2017-14932
- CVE-2017-7614
- CVE-2017-12454
- CVE-2018-1000876
- CVE-2017-8396
- CVE-2017-8397
- CVE-2017-12455
- CVE-2017-9954
- CVE-2018-17360
- CVE-2019-14444
- CVE-2019-9075
- CVE-2018-17985
- CVE-2017-8398
- CVE-2018-18607
- CVE-2017-8421
- CVE-2019-17450
- CVE-2017-12799
- CVE-2017-15938
- CVE-2017-7301
- CVE-2017-9750
- CVE-2017-7226
- CVE-2017-15025
- CVE-2018-18605
- CVE-2017-9042
- CVE-2017-12457
- CVE-2017-12453
- CVE-2018-17359
- CVE-2017-9040
- CVE-2017-7209
- CVE-2019-9077
- CVE-2017-6966
- CVE-2017-14938
Title: USN-5020-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5020-1
Priorities: medium,low
CVEs:
- CVE-2021-31799
- CVE-2021-32066
- CVE-2021-31810
Title: LSN-0079-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0079-1
Priorities: high
CVEs:
- CVE-2021-3600
- CVE-2021-33909
621.135
Release Date: July 21, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-5013-2: systemd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5013-2
Priorities: low,high
CVEs:
- CVE-2020-13529
- CVE-2021-33910
Title: USN-5018-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5018-1
Priorities: medium,high
CVEs:
- CVE-2021-0129
- CVE-2020-24586
- CVE-2021-33909
- CVE-2021-23134
- CVE-2021-33200
- CVE-2021-33034
- CVE-2020-26139
- CVE-2020-26147
- CVE-2020-24587
- CVE-2021-31829
- CVE-2020-26558
- CVE-2021-32399
Title: USN-5014-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5014-1
Priorities: high
CVEs:
- CVE-2021-33909
621.134
Release Date: July 19, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: LSN-0078-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0078-1
Priorities: high
CVEs:
- CVE-2021-3609
621.133
Release Date: July 15, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-5006-2: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5006-2
Priorities: low,medium
CVEs:
- CVE-2021-21702
- CVE-2020-7071
- CVE-2021-21705
- CVE-2020-7068
- CVE-2021-21704
Title: USN-5004-1: RabbitMQ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5004-1
Priorities: medium,low
CVEs:
- CVE-2021-22116
- CVE-2019-11287
Title: USN-5008-2: Avahi vulnerability
URL: https://ubuntu.com/security/notices/USN-5008-2
Priorities: medium
CVEs:
- CVE-2021-3468
Title: USN-5005-1: DjVuLibre vulnerability
URL: https://ubuntu.com/security/notices/USN-5005-1
Priorities: medium
CVEs:
- CVE-2021-3630
621.131
Release Date: June 23, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4986-2: rpcbind vulnerability
URL: https://ubuntu.com/security/notices/USN-4986-2
Priorities: low
CVEs:
- CVE-2017-8779
Title: USN-4989-2: BlueZ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4989-2
Priorities: medium,low
CVEs:
- CVE-2020-26558
- CVE-2020-27153
Title: USN-4971-2: libwebp vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4971-2
Priorities: medium
CVEs:
- CVE-2020-36331
- CVE-2018-25014
- CVE-2020-36328
- CVE-2018-25012
- CVE-2018-25009
- CVE-2018-25013
- CVE-2018-25011
- CVE-2018-25010
- CVE-2020-36330
- CVE-2020-36329
Title: USN-5003-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5003-1
Priorities: medium,high
CVEs:
- CVE-2021-23133
- CVE-2021-3609
- CVE-2021-3600
Title: USN-4994-2: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4994-2
Priorities: medium,low
CVEs:
- CVE-2021-26691
- CVE-2020-35452
- CVE-2021-30641
- CVE-2021-26690
Title: USN-4991-1: libxml2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4991-1
Priorities: medium,low
CVEs:
- CVE-2021-3516
- CVE-2017-8872
- CVE-2020-24977
- CVE-2021-3541
- CVE-2021-3537
- CVE-2021-3517
- CVE-2021-3518
- CVE-2019-20388
Title: USN-4996-2: OpenEXR vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4996-2
Priorities: medium,low
CVEs:
- CVE-2021-3605
- CVE-2021-26260
- CVE-2021-20296
- CVE-2021-23215
- CVE-2021-3598
621.130
Release Date: June 09, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4985-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4985-1
Priorities: medium,high
CVEs:
- CVE-2020-24512
- CVE-2021-24489
- CVE-2020-24513
- CVE-2020-24511
Title: USN-4967-2: nginx vulnerability
URL: https://ubuntu.com/security/notices/USN-4967-2
Priorities: medium
CVEs:
- CVE-2021-23017
Title: USN-4969-2: DHCP vulnerability
URL: https://ubuntu.com/security/notices/USN-4969-2
Priorities: medium
CVEs:
- CVE-2021-25217
Title: USN-4966-2: libx11 vulnerability
URL: https://ubuntu.com/security/notices/USN-4966-2
Priorities: medium
CVEs:
- CVE-2021-31535
Title: USN-4979-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4979-1
Priorities: medium,low
CVEs:
- CVE-2021-31916
- CVE-2021-3428
- CVE-2020-25670
- CVE-2020-25673
- CVE-2020-25672
- CVE-2021-28660
- CVE-2021-28971
- CVE-2021-28964
- CVE-2021-29647
- CVE-2021-3483
- CVE-2021-33033
- CVE-2020-25671
- CVE-2021-28972
Title: USN-4975-2: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4975-2
Priorities: low
CVEs:
- CVE-2021-33203
621.129
Release Date: May 26, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4954-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4954-1
Priorities: negligible,low
CVEs:
- CVE-2009-5155
- CVE-2020-6096
Title: USN-4934-2: Exim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4934-2
Priorities: medium
CVEs:
- CVE-2020-28011
- CVE-2020-28009
- CVE-2021-27216
- CVE-2020-28022
- CVE-2020-28025
- CVE-2020-28026
- CVE-2020-28024
- CVE-2020-28014
- CVE-2020-28007
- CVE-2020-28016
- CVE-2020-28020
- CVE-2020-28013
- CVE-2020-28008
- CVE-2020-28015
- CVE-2020-28017
- CVE-2020-28012
Title: USN-4953-1: AWStats vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4953-1
Priorities: low,medium
CVEs:
- CVE-2020-35176
- CVE-2017-1000501
- CVE-2020-29600
Title: USN-4962-1: Babel vulnerability
URL: https://ubuntu.com/security/notices/USN-4962-1
Priorities: medium
CVEs:
- CVE-2021-20095
Title: USN-4930-1: Samba vulnerability
URL: https://ubuntu.com/security/notices/USN-4930-1
Priorities: medium
CVEs:
- CVE-2021-20254
Title: USN-4946-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4946-1
Priorities: low,medium
CVEs:
- CVE-2021-20292
- CVE-2021-26930
- CVE-2021-29264
- CVE-2021-29265
- CVE-2021-29650
- CVE-2021-28688
- CVE-2021-26931
- CVE-2021-28038
- CVE-2021-30002
Title: USN-4941-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4941-1
Priorities: medium
CVEs:
- CVE-2021-29458
- CVE-2021-3482
- CVE-2021-29470
- CVE-2021-29457
Title: USN-4964-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4964-1
Priorities: low,medium
CVEs:
- CVE-2021-29464
- CVE-2021-29463
- CVE-2021-32617
- CVE-2021-29623
- CVE-2021-29473
Title: USN-4932-2: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4932-2
Priorities: medium
CVEs:
- CVE-2021-31542
Title: USN-4957-2: DjVuLibre vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4957-2
Priorities: medium,low
CVEs:
- CVE-2021-32491
- CVE-2021-32492
- CVE-2021-32493
- CVE-2021-32490
- CVE-2021-3500
Title: USN-4965-2: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4965-2
Priorities: medium
CVEs:
- CVE-2021-32549
- CVE-2021-32555
- CVE-2021-32551
- CVE-2021-32548
- CVE-2021-32550
- CVE-2021-32554
- CVE-2021-32553
- CVE-2021-32557
- CVE-2021-32552
- CVE-2021-32547
- CVE-2021-32556
621.125
Release Date: April 30, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4924-1: Dnsmasq vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4924-1
Priorities: low
CVEs:
- CVE-2019-14513
- CVE-2017-15107
Title: USN-4919-1: OpenSLP vulnerability
URL: https://ubuntu.com/security/notices/USN-4919-1
Priorities: medium
CVEs:
- CVE-2019-5544
Title: USN-4927-1: File Roller vulnerability
URL: https://ubuntu.com/security/notices/USN-4927-1
Priorities: medium
CVEs:
- CVE-2020-36314
Title: USN-4918-1: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4918-1
Priorities: medium
CVEs:
- CVE-2021-1405
- CVE-2021-1404
- CVE-2021-1252
Title: USN-4892-1: OpenJDK vulnerability
URL: https://ubuntu.com/security/notices/USN-4892-1
Priorities: medium
CVEs:
- CVE-2021-2163
Title: USN-4913-1: Underscore vulnerability
URL: https://ubuntu.com/security/notices/USN-4913-1
Priorities: medium
CVEs:
- CVE-2021-23358
Title: USN-4926-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4926-1
Priorities: medium
CVEs:
- CVE-2021-24000
- CVE-2021-23996
- CVE-2021-23997
- CVE-2021-23995
- CVE-2021-29946
- CVE-2021-23999
- CVE-2021-23994
- CVE-2021-23998
- CVE-2021-29945
- CVE-2021-24001
- CVE-2021-24002
- CVE-2021-29947
Title: USN-4922-1: Ruby vulnerability
URL: https://ubuntu.com/security/notices/USN-4922-1
Priorities: medium
CVEs:
- CVE-2021-28965
Title: USN-4921-1: libcaca vulnerability
URL: https://ubuntu.com/security/notices/USN-4921-1
Priorities: medium
CVEs:
- CVE-2021-3410
Title: USN-4916-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4916-1
Priorities: high
CVEs:
- CVE-2021-3493
- CVE-2021-29154
Title: USN-4928-1: GStreamer Good Plugins vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4928-1
Priorities: medium
CVEs:
- CVE-2021-3498
- CVE-2021-3497
621.123
Release Date: April 19, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4899-1: SpamAssassin vulnerability
URL: https://ubuntu.com/security/notices/USN-4899-1
Priorities: medium
CVEs:
- CVE-2020-1946
Title: USN-4895-1: Squid vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4895-1
Priorities: medium,low
CVEs:
- CVE-2020-25097
- CVE-2020-15049
Title: USN-4561-2: Rack vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4561-2
Priorities: low,medium
CVEs:
- CVE-2020-8161
- CVE-2020-8184
Title: USN-4885-1: Pygments vulnerability
URL: https://ubuntu.com/security/notices/USN-4885-1
Priorities: medium
CVEs:
- CVE-2021-20270
Title: USN-4898-1: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4898-1
Priorities: medium
CVEs:
- CVE-2021-22890
- CVE-2021-22876
Title: USN-4893-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4893-1
Priorities: medium,low
CVEs:
- CVE-2021-23987
- CVE-2021-23986
- CVE-2021-23985
- CVE-2021-23988
- CVE-2021-23984
- CVE-2021-23981
- CVE-2021-23982
- CVE-2021-23983
Title: USN-4897-1: Pygments vulnerability
URL: https://ubuntu.com/security/notices/USN-4897-1
Priorities: medium
CVEs:
- CVE-2021-27291
Title: USN-4883-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4883-1
Priorities: high,medium
CVEs:
- CVE-2021-27365
- CVE-2021-27363
- CVE-2021-27364
Title: USN-4902-1: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4902-1
Priorities: low
CVEs:
- CVE-2021-28658
Title: USN-4896-1: lxml vulnerability
URL: https://ubuntu.com/security/notices/USN-4896-1
Priorities: medium
CVEs:
- CVE-2021-28957
Title: USN-4905-1: X.Org X Server vulnerability
URL: https://ubuntu.com/security/notices/USN-4905-1
Priorities: medium
CVEs:
- CVE-2021-3472
Title: USN-4900-1: OpenEXR vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4900-1
Priorities: medium,low
CVEs:
- CVE-2021-3476
- CVE-2021-3475
- CVE-2021-3474
- CVE-2021-3477
- CVE-2021-3478
- CVE-2021-3479
Title: USN-4916-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4916-1
Priorities: high
CVEs:
- CVE-2021-3493
- CVE-2021-29154
621.117
Release Date: March 25, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4888-1: ldb vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4888-1
Priorities: high
CVEs:
- CVE-2021-20277
- CVE-2020-27840
Title: USN-4890-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4890-1
Priorities: high
CVEs:
- CVE-2020-27170
- CVE-2020-27171
621.115
Release Date: March 22, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4758-1: Go vulnerability
URL: https://ubuntu.com/security/notices/USN-4758-1
Priorities: low
CVEs:
- CVE-2020-24553
Title: USN-4761-1: Git vulnerability
URL: https://ubuntu.com/security/notices/USN-4761-1
Priorities: medium
CVEs:
- CVE-2021-21300
Title: USN-4759-1: GLib vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4759-1
Priorities: medium
CVEs:
- CVE-2021-27218
- CVE-2021-27219
Title: USN-4763-1: Pillow vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4763-1
Priorities: medium
CVEs:
- CVE-2021-27922
- CVE-2021-25291
- CVE-2021-27921
- CVE-2021-25293
- CVE-2021-27923
- CVE-2021-25290
- CVE-2021-25292
- CVE-2021-25289
621.113
Release Date: March 15, 2021
Metadata:
BOSH Agent Version: 2.268.20
USNs:
Title: USN-4755-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4755-1
Priorities: medium
CVEs:
- CVE-2020-35524
- CVE-2020-35523
Title: USN-4756-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4756-1
Priorities: medium,low
CVEs:
- CVE-2021-23971
- CVE-2021-23973
- CVE-2021-23970
- CVE-2021-23972
- CVE-2021-23969
- CVE-2021-23968
- CVE-2021-23974
- CVE-2021-23975
- CVE-2021-23978
- CVE-2021-23979
Title: USN-4757-1: wpa_supplicant and hostapd vulnerability
URL: https://ubuntu.com/security/notices/USN-4757-1
Priorities: medium
CVEs:
- CVE-2021-27803
Title: USN-4754-4: Python 2.7 vulnerability
URL: https://ubuntu.com/security/notices/USN-4754-4
Priorities: medium
CVEs:
- CVE-2021-3177
621.109
Release Date: March 05, 2021
Fixes Issues:
GCP rsyslog behavior is fixed - cf ssh and rsyslog should be working as expected
Important Notice:
As of this release, on all IAASs, rsyslog will not start until /var/log is mounted. When used with a Bosh Agent, /var/log will automatically be mounted, and no further action is required.
If you use this stemcell without a Bosh Agent and do not mount /var/log, then you need to do one of these two actions:
* Remove the ExecStartPre= line from /etc/systemd/system/rsyslog.service
* Blank out the contents of /usr/local/bin/wait_for_var_log_to_be_mounted
Either action will cause rsyslog to no longer wait for /var/log to be mounted before starting.
Metadata:
BOSH Agent Version: 2.268.19
USNs:
Title: USN-4754-1: Python vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4754-1
Priorities: medium,low
CVEs:
- CVE-2021-3177
- CVE-2020-27619
621.108
Release Date: March 01, 2021
Known Issues:
This version of the stemcell has the following issues when used on GCP:
* Attempts to use cf ssh timeout.
* The iptables-logger job fails to deploy
This is because rsyslog is started before /var/log is mounted. This causes it to log to the root filesystem rather than the mounted persistent disk.
This issue is fixed in stemcell version 621.109.
Metadata:
BOSH Agent Version: 2.268.19
USNs:
Title: USN-4741-1: Jackson vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4741-1
Priorities: medium
CVEs:
- CVE-2017-15095
- CVE-2017-7525
- CVE-2019-10172
Title: USN-4749-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4749-1
Priorities: medium,low
CVEs:
- CVE-2020-27815
- CVE-2020-29660
- CVE-2020-27830
- CVE-2020-29568
- CVE-2020-29374
- CVE-2020-29569
- CVE-2020-29661
- CVE-2020-25669
- CVE-2020-28941
Title: USN-4748-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4748-1
Priorities: medium,low
CVEs:
- CVE-2020-29660
- CVE-2020-29374
- CVE-2020-29661
- CVE-2020-29568
- CVE-2020-27815
Title: USN-4747-1: GNU Screen vulnerability
URL: https://ubuntu.com/security/notices/USN-4747-1
Priorities: medium
CVEs:
- CVE-2021-26937
Title: USN-4746-1: xterm vulnerability
URL: https://ubuntu.com/security/notices/USN-4746-1
Priorities: medium
CVEs:
- CVE-2021-27135 Known Issues: When used on GCP, rsyslog is started before /var/log is mounted. This causes it to log to the root filesystem rather than the mounted persistent disk.
621.107
Release Date: February 24, 2021
Known Issues:
This version of the stemcell has the following issues when used on GCP:
* Attempts to use cf ssh timeout.
* The iptables-logger job fails to deploy
This is because rsyslog is started before /var/log is mounted. This causes it to log to the root filesystem rather than the mounted persistent disk.
This issue is fixed in stemcell version 621.109.
Metadata:
BOSH Agent Version: 2.268.19
USNs:
Title: USN-4728-1: snapd vulnerability
URL: https://ubuntu.com/security/notices/USN-4728-1
Priorities: high
CVEs:
- CVE-2020-27352
Title: USN-4718-1: fastd vulnerability
URL: https://ubuntu.com/security/notices/USN-4718-1
Priorities: medium
CVEs:
- CVE-2020-27638
Title: USN-4729-1: Open vSwitch vulnerability
URL: https://ubuntu.com/security/notices/USN-4729-1
Priorities: medium
CVEs:
- CVE-2020-35498
Title: USN-4724-1: OpenLDAP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4724-1
Priorities: medium
CVEs:
- CVE-2020-36223
- CVE-2020-36226
- CVE-2020-36227
- CVE-2020-36230
- CVE-2020-36221
- CVE-2020-36229
- CVE-2020-36224
- CVE-2020-36225
- CVE-2020-36228
- CVE-2020-36222
Title: USN-4737-1: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-4737-1
Priorities: medium
CVEs:
- CVE-2020-8625
Title: USN-4734-1: wpa_supplicant and hostapd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4734-1
Priorities: high,medium
CVEs:
- CVE-2021-0326
- CVE-2020-12695
Title: USN-4720-1: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4720-1
Priorities: medium
CVEs:
- CVE-2021-25683
- CVE-2021-25682
- CVE-2021-25684 Known Issues: When used on GCP, rsyslog is started before /var/log is mounted. This causes it to log to the root filesystem rather than the mounted persistent disk.
621.101
Release Date: February 03, 2021
Metadata:
BOSH Agent Version: 2.268.17
USNs:
Title: USN-4702-1: Pound vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4702-1
Priorities: medium
CVEs:
- CVE-2018-21245
- CVE-2016-10711
Title: USN-4708-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4708-1
Priorities: medium,low
CVEs:
- CVE-2020-27777
- CVE-2018-13093
- CVE-2019-19816
- CVE-2020-25669
- CVE-2019-19813
Title: USN-4709-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4709-1
Priorities: high,low
CVEs:
- CVE-2020-28374
- CVE-2019-19816
- CVE-2020-25669
- CVE-2019-19813
- CVE-2018-13093
Title: USN-4711-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4711-1
Priorities: high,medium
CVEs:
- CVE-2020-28374
- CVE-2020-25704
Title: USN-4716-1: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4716-1
Priorities: medium
CVEs:
- CVE-2021-2088
- CVE-2021-2076
- CVE-2021-2022
- CVE-2021-2061
- CVE-2021-2081
- CVE-2021-2065
- CVE-2021-2070
- CVE-2021-2002
- CVE-2021-2072
- CVE-2021-2122
- CVE-2021-2046
- CVE-2021-2048
- CVE-2021-2038
- CVE-2021-2031
- CVE-2021-2056
- CVE-2021-2087
- CVE-2021-2010
- CVE-2021-2036
- CVE-2021-2060
- CVE-2021-2021
- CVE-2021-2024
- CVE-2021-2014
- CVE-2021-2032
- CVE-2021-2058
- CVE-2021-2011
Title: USN-4717-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4717-1
Priorities: medium
CVEs:
- CVE-2021-23954
- CVE-2021-23964
- CVE-2021-23958
- CVE-2021-23960
- CVE-2021-23963
- CVE-2021-23955
- CVE-2021-23961
- CVE-2021-23962
- CVE-2021-23953
- CVE-2021-23956
- CVE-2021-23965
Title: USN-4703-1: Mutt vulnerability
URL: https://ubuntu.com/security/notices/USN-4703-1
Priorities: medium
CVEs:
- CVE-2021-3181
Title: USN-4715-1: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4715-1
Priorities: medium
CVEs:
- CVE-2021-3281
621.99
Release Date: January 27, 2021
Metadata:
BOSH Agent Version: 2.268.16
USNs:
USN: 4705-1
URL: https://ubuntu.com/security/notices/USN-4705-1
USN: 4704-1
URL: https://ubuntu.com/security/notices/USN-4704-1
USN: 4703-1
URL: https://ubuntu.com/security/notices/USN-4703-1
USN: 4702-1
URL: https://ubuntu.com/security/notices/USN-4702-1
USN: 4700-1
URL: https://ubuntu.com/security/notices/USN-4700-1
USN: 4699-1
URL: https://ubuntu.com/security/notices/USN-4699-1
USN: 4698-1
URL: https://ubuntu.com/security/notices/USN-4698-1
USN: 4697-1
URL: https://ubuntu.com/security/notices/USN-4697-1
USN: 4696-1
URL: https://ubuntu.com/security/notices/USN-4696-1
USN: 4695-1
URL: https://ubuntu.com/security/notices/USN-4695-1
USN: 4694-1
URL: https://ubuntu.com/security/notices/USN-4694-1
621.97
Release Date: January 15, 2021
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4688-1: JasPer vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4688-1
Priorities: negligible,low,medium
CVEs:
- CVE-2017-9782
- CVE-2018-18873
- CVE-2018-19542
- CVE-2020-27828
Title: USN-4672-1: unzip vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4672-1
Priorities: low,negligible
CVEs:
- CVE-2018-1000035
- CVE-2018-18384
- CVE-2014-9913
- CVE-2016-9844
- CVE-2019-13232
Title: USN-4684-1: EDK II vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4684-1
Priorities: low
CVEs:
- CVE-2019-14584
- CVE-2019-14562
Title: USN-4670-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4670-1
Priorities: low,negligible
CVEs:
- CVE-2019-19949
- CVE-2020-27560
- CVE-2019-19948
Title: USN-4680-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4680-1
Priorities: low,medium
CVEs:
- CVE-2020-0423
- CVE-2020-28974
- CVE-2020-25656
- CVE-2020-10135
- CVE-2020-27675
- CVE-2020-27777
- CVE-2020-25705
- CVE-2019-19770
- CVE-2020-25668
Title: USN-4687-1: Firefox vulnerability
URL: https://ubuntu.com/security/notices/USN-4687-1
Priorities: medium
CVEs:
- CVE-2020-16044
Title: USN-4674-1: Dovecot vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4674-1
Priorities: medium
CVEs:
- CVE-2020-24386
- CVE-2020-25275
Title: USN-4681-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4681-1
Priorities: medium,low
CVEs:
- CVE-2020-25668
- CVE-2020-4788
- CVE-2019-0148
- CVE-2020-28974
- CVE-2020-27675
- CVE-2020-25656
Title: USN-4671-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4671-1
Priorities: medium,low
CVEs:
- CVE-2020-26971
- CVE-2020-26973
- CVE-2020-26978
- CVE-2020-26979
- CVE-2020-35111
- CVE-2020-26972
- CVE-2020-26976
- CVE-2020-35113
- CVE-2020-35114
- CVE-2020-26974
- CVE-2020-16042
Title: USN-4666-2: lxml vulnerability
URL: https://ubuntu.com/security/notices/USN-4666-2
Priorities: medium
CVEs:
- CVE-2020-27783
Title: USN-4686-1: Ghostscript vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4686-1
Priorities: medium,low,negligible
CVEs:
- CVE-2020-27842
- CVE-2020-27845
- CVE-2020-27814
- CVE-2020-27841
- CVE-2020-6851
- CVE-2020-27824
- CVE-2020-27843
- CVE-2020-8112
- CVE-2018-5727
Title: USN-4694-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-4694-1
Priorities: high
CVEs:
- CVE-2020-28374
621.95
Release Date: December 21, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4669-1: SquirrelMail vulnerability
URL: https://ubuntu.com/security/notices/USN-4669-1
Priorities: medium
CVEs:
- CVE-2019-12970
Title: USN-4657-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4657-1
Priorities: low,medium
CVEs:
- CVE-2020-14351
- CVE-2020-25284
- CVE-2020-25211
- CVE-2020-25705
- CVE-2020-10135
- CVE-2020-0427
- CVE-2020-25645
- CVE-2020-28915
- CVE-2020-4788
- CVE-2020-12352
- CVE-2020-25643
- CVE-2020-14390
Title: USN-4660-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4660-1
Priorities: low,medium
CVEs:
- CVE-2020-14351
- CVE-2020-25643
- CVE-2020-25284
- CVE-2020-25285
- CVE-2020-25645
- CVE-2020-28915
- CVE-2020-4788
- CVE-2020-25211
- CVE-2020-14390
- CVE-2020-25641
Title: USN-4661-1: Snapcraft vulnerability
URL: https://ubuntu.com/security/notices/USN-4661-1
Priorities: medium
CVEs:
- CVE-2020-27348
Title: USN-4664-1: Aptdaemon vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4664-1
Priorities: medium
CVEs:
- CVE-2020-27349
- CVE-2020-16128
Title: USN-4667-1: APT vulnerability
URL: https://ubuntu.com/security/notices/USN-4667-1
Priorities: medium
CVEs:
- CVE-2020-27350
Title: USN-4668-1: python-apt vulnerability
URL: https://ubuntu.com/security/notices/USN-4668-1
Priorities: medium
CVEs:
- CVE-2020-27351
Title: USN-4665-1: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4665-1
Priorities: medium,low
CVEs:
- CVE-2020-8286
- CVE-2020-8285
- CVE-2020-8231
- CVE-2020-8284
621.94
Release Date: December 08, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4652-1: SniffIt vulnerability
URL: https://ubuntu.com/security/notices/USN-4652-1
Priorities: medium
CVEs:
- CVE-2014-5439
Title: USN-4662-1: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-4662-1
Priorities: high
CVEs:
- CVE-2020-1971
621.93
Release Date: December 01, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
- [USN-4611-1] Samba vulnerabilities
- [USN-4605-2] Blueman update
- [USN-4614-1] GDM vulnerability
- [USN-4616-1] AccountsService vulnerabilities
- [USN-4613-1] python-cryptography vulnerability
- [USN-4615-1] Yerase’s TNEF vulnerabilities
- [USN-4617-1] SPICE vdagent vulnerabilities
- [USN-4616-2] AccountsService vulnerabilities
- [USN-4618-1] tmux vulnerability
- [USN-4619-1] dom4j vulnerability
- [USN-4599-3] Firefox regressions
- [USN-4620-1] phpLDAPadmin vulnerability
- [USN-4621-1] netqmail vulnerabilities
- [USN-4622-1] OpenLDAP vulnerability
- [USN-4623-1] Pacemaker vulnerability
- [USN-4624-1] libexif vulnerability
- [USN-4625-1] Firefox vulnerability
- [USN-4626-1] Linux kernel vulnerabilities
- [USN-4627-1] Linux kernel vulnerability
- [USN-4628-1] Intel Microcode vulnerabilities
- [USN-4629-1] MoinMoin vulnerabilities
- [USN-4630-1] Raptor vulnerability
- [USN-4622-2] OpenLDAP vulnerability
- [USN-4628-2] Intel Microcode regression
- [USN-4171-6] Apport regression
- [USN-4631-1] libmaxminddb vulnerability
- [USN-4632-1] SLiRP vulnerabilities
- [USN-4607-2] OpenJDK regressions
- [USN-4633-1] PostgreSQL vulnerabilities
- [USN-4634-1] OpenLDAP vulnerabilities
- [USN-4635-1] Kerberos vulnerability
- [USN-4636-1] LibVNCServer, Vino vulnerability
- [USN-4637-1] Firefox vulnerabilities
- [USN-4638-1] c-ares vulnerability
- [USN-4639-1] phpMyAdmin vulnerabilities
- [USN-4637-2] Firefox vulnerabilities
- [USN-4634-2] OpenLDAP vulnerabilities
- [USN-4640-1] PulseAudio vulnerability
- [USN-4641-1] libextractor vulnerabilities
- [USN-4642-1] PDFResurrect vulnerability
- [USN-4643-1] atftp vulnerabilities
- [USN-4644-1] igraph vulnerability
- [USN-4645-1] Mutt vulnerability
- [USN-4646-1] poppler vulnerabilities
- [USN-4647-1] Thunderbird vulnerabilities
- [USN-4648-1] WebKitGTK vulnerabilities
- [USN-4649-1] xdg-utils vulnerability
- [USN-4646-2] poppler regression
- [USN-4382-2] FreeRDP vulnerabilities
- [USN-4650-1] QEMU vulnerabilities
621.92
Release Date: November 16, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4587-1: iTALC vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4587-1
Priorities: medium,low
CVEs:
- CVE-2014-6051
- CVE-2014-6052
- CVE-2014-6053
- CVE-2014-6054
- CVE-2014-6055
- CVE-2016-9941
- CVE-2016-9942
- CVE-2018-15127
- CVE-2018-20019
- CVE-2018-20020
- CVE-2018-20021
- CVE-2018-20022
- CVE-2018-20023
- CVE-2018-20024
- CVE-2018-20748
- CVE-2018-20749
- CVE-2018-20750
- CVE-2018-7225
- CVE-2019-15681
Title: USN-4552-2: Pam-python vulnerability
URL: https://ubuntu.com/security/notices/USN-4552-2
Priorities: medium
CVEs:
- CVE-2019-16729
621.90
Release Date: October 23, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4593-1: FreeType vulnerability
URL: https://ubuntu.com/security/notices/USN-4593-1
Priorities: high
CVEs:
- CVE-2020-15999
621.89
Release Date: October 20, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4582-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4582-1
Priorities: low
CVEs:
- CVE-2017-17087
- CVE-2019-20807
Title: USN-4579-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4579-1
Priorities: low,medium,high
CVEs:
- CVE-2018-10322
- CVE-2020-14314
- CVE-2020-16119
- CVE-2020-25285
Title: USN-4591-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4591-1
Priorities: high,medium
CVEs:
- CVE-2020-12351
- CVE-2020-12352
Title: USN-4589-1: containerd vulnerability
URL: https://ubuntu.com/security/notices/USN-4589-1
Priorities: medium
CVEs:
- CVE-2020-15157
Title: USN-4589-2: Docker vulnerability
URL: https://ubuntu.com/security/notices/USN-4589-2
Priorities: medium
CVEs:
- CVE-2020-15157
Title: USN-4581-1: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-4581-1
Priorities: medium
CVEs:
- CVE-2020-26116
Title: USN-4584-1: HtmlUnit vulnerability
URL: https://ubuntu.com/security/notices/USN-4584-1
Priorities: medium
CVEs:
- CVE-2020-5529
Title: USN-4583-1: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4583-1
Priorities: medium
CVEs:
- CVE-2020-7069
- CVE-2020-7070
621.87
Release Date: October 14, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4573-1: Vino vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4573-1
Priorities: medium,low
CVEs:
- CVE-2014-6053
- CVE-2018-7225
- CVE-2019-15681
- CVE-2020-14397
- CVE-2020-14402
- CVE-2020-14403
- CVE-2020-14404
Title: USN-4554-1: libPGF vulnerability
URL: https://ubuntu.com/security/notices/USN-4554-1
Priorities: medium
CVEs:
- CVE-2015-6673
Title: USN-4557-1: Tomcat vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4557-1
Priorities: low,medium
CVEs:
- CVE-2016-0762
- CVE-2016-5018
- CVE-2016-6794
- CVE-2016-6796
- CVE-2016-6797
- CVE-2016-6816
- CVE-2016-8735
Title: USN-4578-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4578-1
Priorities: low,medium,high
CVEs:
- CVE-2018-10322
- CVE-2019-19448
- CVE-2020-14314
- CVE-2020-16119
- CVE-2020-16120
- CVE-2020-25212
- CVE-2020-26088
Title: USN-4547-2: SSVNC vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4547-2
Priorities: medium
CVEs:
- CVE-2018-20020
- CVE-2018-20021
- CVE-2018-20022
- CVE-2018-20024
Title: USN-4571-1: rack-cors vulnerability
URL: https://ubuntu.com/security/notices/USN-4571-1
Priorities: medium
CVEs:
- CVE-2019-18978
Title: USN-4572-1: Spice vulnerability
URL: https://ubuntu.com/security/notices/USN-4572-1
Priorities: medium
CVEs:
- CVE-2020-14355
Title: USN-4559-1: Samba update
URL: https://ubuntu.com/security/notices/USN-4559-1
Priorities: medium
CVEs:
- CVE-2020-1472
Title: USN-4551-1: Squid vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4551-1
Priorities: low,medium
CVEs:
- CVE-2020-15049
- CVE-2020-15810
- CVE-2020-15811
- CVE-2020-24606
Title: USN-4564-1: Apache Tika vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4564-1
Priorities: medium,low
CVEs:
- CVE-2020-1950
- CVE-2020-1951
Title: USN-4570-1: urllib3 vulnerability
URL: https://ubuntu.com/security/notices/USN-4570-1
Priorities: medium
CVEs:
- CVE-2020-26137
Title: USN-4568-1: Brotli vulnerability
URL: https://ubuntu.com/security/notices/USN-4568-1
Priorities: medium
CVEs:
- CVE-2020-8927
621.85
Release Date: September 28, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4500-1: bsdiff vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4500-1
Priorities: medium
CVEs:
- CVE-2014-9862
Title: USN-4506-1: MCabber vulnerability
URL: https://ubuntu.com/security/notices/USN-4506-1
Priorities: medium
CVEs:
- CVE-2016-9928
Title: USN-4513-1: apng2gif vulnerability
URL: https://ubuntu.com/security/notices/USN-4513-1
Priorities: medium
CVEs:
- CVE-2017-6960
Title: USN-4517-1: Email-Address-List vulnerability
URL: https://ubuntu.com/security/notices/USN-4517-1
Priorities: medium
CVEs:
- CVE-2018-18898
Title: USN-4507-1: ncmpc vulnerability
URL: https://ubuntu.com/security/notices/USN-4507-1
Priorities: medium
CVEs:
- CVE-2018-9240
Title: USN-4499-1: MilkyTracker vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4499-1
Priorities: medium
CVEs:
- CVE-2019-14464
- CVE-2019-14496
- CVE-2019-14497
Title: USN-4504-1: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4504-1
Priorities: low
CVEs:
- CVE-2019-1547
- CVE-2019-1551
- CVE-2019-1563
- CVE-2020-1968
Title: USN-4498-1: Loofah vulnerability
URL: https://ubuntu.com/security/notices/USN-4498-1
Priorities: medium
CVEs:
- CVE-2019-15587
Title: USN-4496-1: Apache XML-RPC vulnerability
URL: https://ubuntu.com/security/notices/USN-4496-1
Priorities: medium
CVEs:
- CVE-2019-17570
Title: USN-4526-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4526-1
Priorities: low,medium
CVEs:
- CVE-2019-18808
- CVE-2019-19054
- CVE-2019-19061
- CVE-2019-19067
- CVE-2019-19073
- CVE-2019-19074
- CVE-2019-9445
- CVE-2020-12888
- CVE-2020-14356
- CVE-2020-16166
Title: USN-4527-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4527-1
Priorities: low,medium
CVEs:
- CVE-2019-19054
- CVE-2019-19073
- CVE-2019-19074
- CVE-2019-20811
- CVE-2019-9445
- CVE-2019-9453
- CVE-2020-0067
- CVE-2020-25212
Title: USN-4520-1: Exim SpamAssassin vulnerability
URL: https://ubuntu.com/security/notices/USN-4520-1
Priorities: medium
CVEs:
- CVE-2019-19920
Title: USN-4534-1: Perl DBI module vulnerability
URL: https://ubuntu.com/security/notices/USN-4534-1
Priorities: medium
CVEs:
- CVE-2019-20919
Title: USN-4535-1: RDFLib vulnerability
URL: https://ubuntu.com/security/notices/USN-4535-1
Priorities: medium
CVEs:
- CVE-2019-7653
Title: USN-4528-1: Ceph vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4528-1
Priorities: medium
CVEs:
- CVE-2020-10753
- CVE-2020-12059
- CVE-2020-1760
Title: USN-4518-1: xawtv vulnerability
URL: https://ubuntu.com/security/notices/USN-4518-1
Priorities: low
CVEs:
- CVE-2020-13696
Title: USN-4521-1: pam_tacplus vulnerability
URL: https://ubuntu.com/security/notices/USN-4521-1
Priorities: low
CVEs:
- CVE-2020-13881
Title: USN-4511-1: QEMU vulnerability
URL: https://ubuntu.com/security/notices/USN-4511-1
Priorities: medium
CVEs:
- CVE-2020-14364
Title: USN-4503-1: Perl DBI module vulnerability
URL: https://ubuntu.com/security/notices/USN-4503-1
Priorities: medium
CVEs:
- CVE-2020-14392
Title: USN-4537-1: Aptdaemon vulnerability
URL: https://ubuntu.com/security/notices/USN-4537-1
Priorities: medium
CVEs:
- CVE-2020-15703
Title: USN-4519-1: PulseAudio vulnerability
URL: https://ubuntu.com/security/notices/USN-4519-1
Priorities: medium
CVEs:
- CVE-2020-15710
Title: USN-4501-1: LuaJIT vulnerability
URL: https://ubuntu.com/security/notices/USN-4501-1
Priorities: low
CVEs:
- CVE-2020-15890
Title: USN-4538-1: PackageKit vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4538-1
Priorities: low,medium
CVEs:
- CVE-2020-16121
- CVE-2020-16122
Title: USN-4514-1: libproxy vulnerability
URL: https://ubuntu.com/security/notices/USN-4514-1
Priorities: medium
CVEs:
- CVE-2020-25219
Title: USN-4508-1: StoreBackup vulnerability
URL: https://ubuntu.com/security/notices/USN-4508-1
Priorities: medium
CVEs:
- CVE-2020-7040
Title: USN-4515-1: Pure-FTPd vulnerability
URL: https://ubuntu.com/security/notices/USN-4515-1
Priorities: low
CVEs:
- CVE-2020-9274
621.84
Release Date: September 09, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4470-1: sane-backends vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4470-1
Priorities: low,medium
CVEs:
- CVE-2017-6318
- CVE-2020-12861
- CVE-2020-12862
- CVE-2020-12863
- CVE-2020-12864
- CVE-2020-12865
- CVE-2020-12866
- CVE-2020-12867
Title: USN-4485-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4485-1
Priorities: low,medium,negligible
CVEs:
- CVE-2018-20669
- CVE-2019-19947
- CVE-2019-20810
- CVE-2020-10732
- CVE-2020-10766
- CVE-2020-10767
- CVE-2020-10768
- CVE-2020-10781
- CVE-2020-12655
- CVE-2020-12656
- CVE-2020-12771
- CVE-2020-13974
- CVE-2020-15393
- CVE-2020-24394
Title: USN-4476-1: NSS vulnerability
URL: https://ubuntu.com/security/notices/USN-4476-1
Priorities: medium
CVEs:
- CVE-2020-12403
Title: USN-4490-1: X.Org X Server vulnerability
URL: https://ubuntu.com/security/notices/USN-4490-1
Priorities: medium
CVEs:
- CVE-2020-14345
Title: USN-4489-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-4489-1
Priorities: high
CVEs:
- CVE-2020-14386
Title: USN-4471-1: Net-SNMP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4471-1
Priorities: medium
CVEs:
- CVE-2020-15861
- CVE-2020-15862
Title: USN-4482-1: Ark vulnerability
URL: https://ubuntu.com/security/notices/USN-4482-1
Priorities: medium
CVEs:
- CVE-2020-24654
621.82
Release Date: August 21, 2020
This release changes the way the Linux Google light stemcell works to reference a source image. It will lead to a decrease in the time it takes to upload the light stemcell. This change will also help mitigate the impact of the new GCP image creation rate limit which any user uploading more than 6 GCP stemcells an hour would hit.
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4459-1: Salt vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4459-1
Priorities: medium
CVEs:
- CVE-2018-15750
- CVE-2018-15751
- CVE-2019-17361
- CVE-2020-11651
- CVE-2020-11652
Title: USN-4463-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4463-1
Priorities: low
CVEs:
- CVE-2020-12771
- CVE-2020-15393
621.81
Release Date: August 19, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4427-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4427-1
Priorities: negligible,low,medium
CVEs:
- CVE-2019-12380
- CVE-2019-19947
- CVE-2019-20810
- CVE-2019-20908
- CVE-2020-10732
- CVE-2020-10766
- CVE-2020-10767
- CVE-2020-10768
- CVE-2020-11935
- CVE-2020-13974
Title: USN-4446-1: Squid vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4446-1
Priorities: medium
CVEs:
- CVE-2019-12520
- CVE-2019-12523
- CVE-2019-12524
- CVE-2019-18676
Title: USN-4426-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4426-1
Priorities: medium
CVEs:
- CVE-2019-20908
- CVE-2020-10757
- CVE-2020-11935
- CVE-2020-15780
Title: USN-4432-1: GRUB 2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4432-1
Priorities: high,medium
CVEs:
- CVE-2020-10713
- CVE-2020-14308
- CVE-2020-14309
- CVE-2020-14310
- CVE-2020-14311
- CVE-2020-15705
- CVE-2020-15706
- CVE-2020-15707
Title: USN-4449-1: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4449-1
Priorities: medium
CVEs:
- CVE-2020-11936
- CVE-2020-15701
- CVE-2020-15702
Title: USN-4456-1: Dovecot vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4456-1
Priorities: medium
CVEs:
- CVE-2020-12100
- CVE-2020-12673
- CVE-2020-12674
Title: USN-4455-1: NSS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4455-1
Priorities: medium
CVEs:
- CVE-2020-12400
- CVE-2020-12401
- CVE-2020-6829
Title: USN-4448-1: Tomcat vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4448-1
Priorities: medium,low
CVEs:
- CVE-2020-13935
- CVE-2020-1935
- CVE-2020-9484
Title: USN-4454-1: Samba vulnerability
URL: https://ubuntu.com/security/notices/USN-4454-1
Priorities: medium
CVEs:
- CVE-2020-14303
Title: USN-4441-1: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4441-1
Priorities: medium
CVEs:
- CVE-2020-14539
- CVE-2020-14540
- CVE-2020-14547
- CVE-2020-14550
- CVE-2020-14553
- CVE-2020-14559
- CVE-2020-14568
- CVE-2020-14575
- CVE-2020-14576
- CVE-2020-14586
- CVE-2020-14591
- CVE-2020-14597
- CVE-2020-14619
- CVE-2020-14620
- CVE-2020-14623
- CVE-2020-14624
- CVE-2020-14631
- CVE-2020-14632
- CVE-2020-14633
- CVE-2020-14634
- CVE-2020-14641
- CVE-2020-14643
- CVE-2020-14651
- CVE-2020-14654
- CVE-2020-14656
- CVE-2020-14663
- CVE-2020-14678
- CVE-2020-14680
- CVE-2020-14697
- CVE-2020-14702
Title: USN-4453-1: OpenJDK 8 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4453-1
Priorities: medium
CVEs:
- CVE-2020-14556
- CVE-2020-14577
- CVE-2020-14578
- CVE-2020-14579
- CVE-2020-14581
- CVE-2020-14583
- CVE-2020-14593
- CVE-2020-14621
Title: USN-4443-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4443-1
Priorities: medium,low
CVEs:
- CVE-2020-15652
- CVE-2020-15653
- CVE-2020-15654
- CVE-2020-15655
- CVE-2020-15656
- CVE-2020-15658
- CVE-2020-15659
- CVE-2020-6463
- CVE-2020-6514
Title: USN-4451-1: ppp vulnerability
URL: https://ubuntu.com/security/notices/USN-4451-1
Priorities: medium
CVEs:
- CVE-2020-15704
Title: USN-4447-1: libssh vulnerability
URL: https://ubuntu.com/security/notices/USN-4447-1
Priorities: medium
CVEs:
- CVE-2020-16135
621.78
Release Date: July 30, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4427-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4427-1
Priorities: low,medium,negligible
CVEs:
- CVE-2019-12380
- CVE-2019-19947
- CVE-2019-20810
- CVE-2019-20908
- CVE-2020-10732
- CVE-2020-10766
- CVE-2020-10767
- CVE-2020-10768
- CVE-2020-11935
- CVE-2020-13974
Title: USN-4426-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4426-1
Priorities: medium
CVEs:
- CVE-2019-20908
- CVE-2020-10757
- CVE-2020-11935
- CVE-2020-15780
Title: USN-4436-1: librsvg vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4436-1
Priorities: low
CVEs:
- CVE-2017-11464
- CVE-2019-20446
Title: USN-4435-1: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4435-1
Priorities: medium
CVEs:
- CVE-2020-3327
- CVE-2020-3350
- CVE-2020-3481
Title: USN-4434-1: LibVNCServer vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4434-1
Priorities: medium
CVEs:
- CVE-2019-20839
- CVE-2019-20840
- CVE-2020-14396
- CVE-2020-14397
- CVE-2020-14398
- CVE-2020-14399
- CVE-2020-14400
- CVE-2020-14401
- CVE-2020-14402
- CVE-2020-14403
- CVE-2020-14404
- CVE-2020-14405
Title: USN-4431-1: FFmpeg vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4431-1
Priorities: low,medium
CVEs:
- CVE-2018-15822
- CVE-2019-11338
- CVE-2019-12730
- CVE-2019-13312
- CVE-2019-13390
- CVE-2019-17539
- CVE-2019-17542
- CVE-2020-12284
- CVE-2020-13904
Title: USN-4428-1: Python vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4428-1
Priorities: low,medium
CVEs:
- CVE-2019-17514
- CVE-2019-20907
- CVE-2019-9674
- CVE-2020-14422
Title: USN-4424-1: snapd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4424-1
Priorities: medium
CVEs:
- CVE-2020-11933
- CVE-2020-11934
Title: USN-4421-1: Thunderbird vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4421-1
Priorities: medium
CVEs:
- CVE-2020-12398
- CVE-2020-12399
- CVE-2020-12405
- CVE-2020-12406
- CVE-2020-12410
- CVE-2020-12417
- CVE-2020-12418
- CVE-2020-12419
- CVE-2020-12420
- CVE-2020-12421
Title: USN-4419-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4419-1
Priorities: low,medium
CVEs:
- CVE-2020-10690
- CVE-2020-10711
- CVE-2020-12770
- CVE-2020-13143
- CVE-2020-8992
Title: USN-4414-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4414-1
Priorities: low,medium,negligible
CVEs:
- CVE-2019-12380
- CVE-2019-16089
- CVE-2019-19036
- CVE-2019-19039
- CVE-2019-19318
- CVE-2019-19377
- CVE-2019-19462
- CVE-2019-19813
- CVE-2019-19816
- CVE-2020-10711
- CVE-2020-12770
- CVE-2020-13143
Title: USN-4416-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4416-1
Priorities: low,medium
CVEs:
- CVE-2017-12133
- CVE-2017-18269
- CVE-2018-11236
- CVE-2018-11237
- CVE-2018-19591
- CVE-2018-6485
- CVE-2019-19126
- CVE-2019-9169
- CVE-2020-10029
- CVE-2020-1751
- CVE-2020-1752
Title: USN-4415-1: coTURN vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4415-1
Priorities: medium
CVEs:
- CVE-2020-4067
- CVE-2020-6061
- CVE-2020-6062
Title: USN-4408-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4408-1
Priorities: medium
CVEs:
- CVE-2020-12415
- CVE-2020-12416
- CVE-2020-12417
- CVE-2020-12418
- CVE-2020-12419
- CVE-2020-12420
- CVE-2020-12421
- CVE-2020-12422
- CVE-2020-12424
- CVE-2020-12425
- CVE-2020-12426
Title: USN-4409-1: Samba vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4409-1
Priorities: medium
CVEs:
- CVE-2020-10730
- CVE-2020-10745
- CVE-2020-10760
Title: USN-4407-1: LibVNCServer vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4407-1
Priorities: low,medium
CVEs:
- CVE-2017-18922
- CVE-2019-15680
- CVE-2019-15681
- CVE-2019-15690
- CVE-2019-20788
Title: USN-4403-1: Mutt vulnerability and regression
URL: https://ubuntu.com/security/notices/USN-4403-1
Priorities: medium
CVEs:
- CVE-2020-14954
Title: USN-4402-1: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4402-1
Priorities: medium
CVEs:
- CVE-2020-8169
- CVE-2020-8177
621.77
Release Date: July 20, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4397-1: NSS vulnerabilities
URL: https://usn.ubuntu.com/4397-1/
Priorities: low,medium
CVEs:
- CVE-2019-17023
- CVE-2020-12399
Title: USN-4400-1: nfs-utils vulnerability
URL: https://usn.ubuntu.com/4400-1/
Priorities: low
CVEs:
- CVE-2019-3689
Title: USN-4396-1: libexif vulnerabilities
URL: https://usn.ubuntu.com/4396-1/
Priorities: low,medium
CVEs:
- CVE-2020-0093
- CVE-2020-0182
- CVE-2020-0198
- CVE-2020-13112
- CVE-2020-13113
- CVE-2020-13114
Title: USN-4395-1: fwupd vulnerability
URL: https://usn.ubuntu.com/4395-1/
Priorities: medium
CVEs:
- CVE-2020-10759
Title: USN-4398-1: DBus vulnerability
URL: https://usn.ubuntu.com/4398-1/
Priorities: medium
CVEs:
- CVE-2020-12049
Title: USN-4401-1: Mutt vulnerabilities
URL: https://usn.ubuntu.com/4401-1/
Priorities: medium,low
CVEs:
- CVE-2020-14093
- CVE-2020-14154
621.76
Release Date: June 17, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4385-1: Intel Microcode vulnerabilities
URL: https://usn.ubuntu.com/4385-1/
Priorities: medium
CVEs:
- CVE-2020-0543
- CVE-2020-0548
- CVE-2020-0549
Title: LSN-0068-1: Kernel Live Patch Security Notice
URL: https://usn.ubuntu.com/lsn/0068-1/
Priorities: medium
CVEs:
- CVE-2020-0543
- CVE-2020-8647
- CVE-2020-8648
- CVE-2020-8649
- CVE-2020-11494
- CVE-2020-12114
Title: USN-4386-1: libjpeg-turbo vulnerability
URL: https://usn.ubuntu.com/4386-1/
Priorities: medium
CVEs:
- CVE-2020-13790
Known Issue:
If you use the NSX-T Container Plugin (NCP) tile v3.0.1 or earlier, do not upgrade to stemcell 621.76. 621.76 is not compatible with the NCP tile v3.0.1 and causes the openvswitch job to fail when you deploy. Please upgrade the NCP tile to 3.0.2 before updating to stemcell 621.76 or newer.
621.75
Release Date: June 09, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4358-1: libexif vulnerabilities
URL: https://usn.ubuntu.com/4358-1/
Priorities: low,medium
CVEs:
- CVE-2018-20030
- CVE-2020-12767
Title: USN-4351-1: Linux firmware vulnerability
URL: https://usn.ubuntu.com/4351-1/
Priorities: medium
CVEs:
- CVE-2018-5383
Title: USN-4364-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4364-1/
Priorities: low,medium
CVEs:
- CVE-2019-19060
- CVE-2020-10942
- CVE-2020-11494
- CVE-2020-11565
- CVE-2020-11608
- CVE-2020-11609
- CVE-2020-11668
Title: USN-4354-1: Mailman vulnerability
URL: https://usn.ubuntu.com/4354-1/
Priorities: medium
CVEs:
- CVE-2020-12108
Title: USN-4352-1: OpenLDAP vulnerability
URL: https://usn.ubuntu.com/4352-1/
Priorities: medium
CVEs:
- CVE-2020-12243
Title: USN-4353-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4353-1/
Priorities: medium
CVEs:
- CVE-2020-12387
- CVE-2020-12390
- CVE-2020-12391
- CVE-2020-12392
- CVE-2020-12394
- CVE-2020-12395
- CVE-2020-12396
- CVE-2020-6831
Title: USN-4360-1: json-c vulnerability
URL: https://usn.ubuntu.com/4360-1/
Priorities: medium
CVEs:
- CVE-2020-12762
Title: USN-4350-1: MySQL vulnerabilities
URL: https://usn.ubuntu.com/4350-1/
Priorities: medium
CVEs:
- CVE-2020-2759
- CVE-2020-2760
- CVE-2020-2762
- CVE-2020-2763
- CVE-2020-2765
- CVE-2020-2780
- CVE-2020-2804
- CVE-2020-2812
- CVE-2020-2892
- CVE-2020-2893
- CVE-2020-2895
- CVE-2020-2896
- CVE-2020-2897
- CVE-2020-2898
- CVE-2020-2901
- CVE-2020-2903
- CVE-2020-2904
- CVE-2020-2921
- CVE-2020-2922
- CVE-2020-2923
- CVE-2020-2924
- CVE-2020-2925
- CVE-2020-2926
- CVE-2020-2928
- CVE-2020-2930
Title: USN-4359-1: APT vulnerability
URL: https://usn.ubuntu.com/4359-1/
Priorities: medium
CVEs:
- CVE-2020-3810
Title: USN-4365-1: Bind vulnerabilities
URL: https://usn.ubuntu.com/4365-1/
Priorities: medium
CVEs:
- CVE-2020-8616
- CVE-2020-8617
Title: LSN-0066-1: Kernel Live Patch Security Notice
URL: https://usn.ubuntu.com/lsn/0066-1/
Priorities: medium
CVEs:
- CVE-2020-8647
- CVE-2020-8648
- CVE-2020-8649
621.74
Release Date: May 12, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4339-1: OpenEXR vulnerabilities
URL: https://usn.ubuntu.com/4339-1/
Priorities: low,medium
CVEs:
- CVE-2017-9111
- CVE-2017-9113
- CVE-2017-9115
- CVE-2018-18444
- CVE-2020-11758
- CVE-2020-11759
- CVE-2020-11760
- CVE-2020-11761
- CVE-2020-11762
- CVE-2020-11763
- CVE-2020-11764
- CVE-2020-11765
Title: USN-4348-1: Mailman vulnerabilities
URL: https://usn.ubuntu.com/4348-1/
Priorities: low,medium
CVEs:
- CVE-2018-0618
- CVE-2018-13796
- CVE-2020-12137
Title: USN-4349-1: EDK II vulnerabilities
URL: https://usn.ubuntu.com/4349-1/
Priorities: medium,low
CVEs:
- CVE-2018-12178
- CVE-2018-12180
- CVE-2018-12181
- CVE-2019-14558
- CVE-2019-14559
- CVE-2019-14563
- CVE-2019-14575
- CVE-2019-14586
- CVE-2019-14587
Title: USN-4346-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4346-1/
Priorities: low,medium
CVEs:
- CVE-2019-16233
- CVE-2019-16234
- CVE-2019-19768
- CVE-2020-8648
- CVE-2020-9383
Title: USN-4345-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4345-1/
Priorities: low,medium,high
CVEs:
- CVE-2019-16234
- CVE-2019-19768
- CVE-2020-10942
- CVE-2020-11608
- CVE-2020-11609
- CVE-2020-11668
- CVE-2020-11884
- CVE-2020-8648
- CVE-2020-9383
Title: USN-4340-1: CUPS vulnerabilities
URL: https://usn.ubuntu.com/4340-1/
Priorities: low,medium
CVEs:
- CVE-2019-2228
- CVE-2020-3898
Title: USN-4341-1: Samba vulnerabilities
URL: https://usn.ubuntu.com/4341-1/
Priorities: medium
CVEs:
- CVE-2020-10700
- CVE-2020-10704
621.71
Release Date: April 23, 2020
Metadata:
BOSH Agent Version: 2.268.15
USNs:
Title: USN-4333-1: Python vulnerabilities
URL: https://usn.ubuntu.com/4333-1/
Priorities: medium,low
CVEs:
- CVE-2019-18348
- CVE-2020-8492
Title: USN-4334-1: Git vulnerability
URL: https://usn.ubuntu.com/4334-1/
Priorities: medium
CVEs:
- CVE-2020-11008
Title: USN-4332-1: File Roller vulnerability
URL: https://usn.ubuntu.com/4332-1/
Priorities: medium
CVEs:
- CVE-2020-11736
621.69
Release Date: April 21, 2020
Metadata:
BOSH Agent Version: 2.268.15
USNs:
Title: USN-4326-1: libiberty vulnerabilities
URL: https://usn.ubuntu.com/4326-1/
Priorities: low,medium
CVEs:
- CVE-2018-12641
- CVE-2018-12697
- CVE-2018-12698
- CVE-2018-12934
- CVE-2018-17794
- CVE-2018-17985
- CVE-2018-18483
- CVE-2018-18484
- CVE-2018-18700
- CVE-2018-18701
- CVE-2018-9138
- CVE-2019-14250
- CVE-2019-9070
- CVE-2019-9071
Title: USN-4323-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4323-1/
Priorities: medium
CVEs:
- CVE-2020-6821
- CVE-2020-6822
- CVE-2020-6823
- CVE-2020-6824
- CVE-2020-6825
- CVE-2020-6826
Title: USN-4320-1: Linux kernel vulnerability
URL: https://usn.ubuntu.com/4320-1/
Priorities: medium
CVEs:
- CVE-2020-8428
Title: USN-4318-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4318-1/
Priorities: medium,low
CVEs:
- CVE-2020-8428
- CVE-2020-8834
- CVE-2020-8992
Title: USN-4324-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4324-1/
Priorities: medium,low
CVEs:
- CVE-2020-8428
- CVE-2020-8992
621.64
Release Date: April 06, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4311-1: BlueZ vulnerabilities
URL: https://usn.ubuntu.com/4311-1/
Priorities: low,medium
CVEs:
- CVE-2016-7837
- CVE-2020-0556
Title: USN-4316-1: GD Graphics Library vulnerabilities
URL: https://usn.ubuntu.com/4316-1/
Priorities: low
CVEs:
- CVE-2018-14553
- CVE-2019-11038
Title: USN-4134-3: IBus vulnerability
URL: https://usn.ubuntu.com/4134-3/
Priorities: medium
CVEs:
- CVE-2019-14822
Title: USN-4314-1: pam-krb5 vulnerability
URL: https://usn.ubuntu.com/4314-1/
Priorities: medium
CVEs:
- CVE-2020-10595
Title: USN-4317-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4317-1/
Priorities: high
CVEs:
- CVE-2020-6819
- CVE-2020-6820
Title: USN-4315-1: Apport vulnerabilities
URL: https://usn.ubuntu.com/4315-1/
Priorities: high,medium
CVEs:
- CVE-2020-8831
- CVE-2020-8833
621.61
Release Date: March 24, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4298-1: SQLite vulnerabilities
URL: https://usn.ubuntu.com/4298-1/
Priorities: medium,low
CVEs:
- CVE-2019-13734
- CVE-2019-13750
- CVE-2019-13751
- CVE-2019-13752
- CVE-2019-13753
- CVE-2019-19880
- CVE-2019-19923
- CVE-2019-19924
- CVE-2019-19925
- CVE-2019-19926
- CVE-2019-19959
- CVE-2019-20218
- CVE-2020-9327
Title: USN-4299-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4299-1/
Priorities: medium,low
CVEs:
- CVE-2019-20503
- CVE-2020-6805
- CVE-2020-6806
- CVE-2020-6807
- CVE-2020-6808
- CVE-2020-6809
- CVE-2020-6810
- CVE-2020-6811
- CVE-2020-6812
- CVE-2020-6813
- CVE-2020-6814
- CVE-2020-6815
Title: USN-4296-1: Django vulnerability
URL: https://usn.ubuntu.com/4296-1/
Priorities: medium
CVEs:
- CVE-2020-9402
621.59
Release Date: March 03, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4279-2: PHP regression
URL: https://usn.ubuntu.com/4279-2/
Priorities: low
CVEs:
- CVE-2015-9253
Title: USN-4290-1: libpam-radius-auth vulnerability
URL: https://usn.ubuntu.com/4290-1/
Priorities: medium
CVEs:
- CVE-2015-9542
Title: USN-4292-1: rsync vulnerabilities
URL: https://usn.ubuntu.com/4292-1/
Priorities: low
CVEs:
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
Title: USN-4289-1: Squid vulnerabilities
URL: https://usn.ubuntu.com/4289-1/
Priorities: medium
CVEs:
- CVE-2019-12528
- CVE-2020-8449
- CVE-2020-8450
- CVE-2020-8517
Title: USN-4293-1: libarchive vulnerabilities
URL: https://usn.ubuntu.com/4293-1/
Priorities: low,medium
CVEs:
- CVE-2019-19221
- CVE-2020-9308
Title: USN-4278-2: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4278-2/
Priorities: medium
CVEs:
- CVE-2020-6796
- CVE-2020-6798
- CVE-2020-6800
- CVE-2020-6801
Title: USN-4288-1: ppp vulnerability
URL: https://usn.ubuntu.com/4288-1/
Priorities: medium
CVEs:
- CVE-2020-8597
621.57
Release Date: February 19, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4277-1: libexif vulnerabilities
URL: https://usn.ubuntu.com/4277-1/
Priorities: low,medium
CVEs:
- CVE-2016-6328
- CVE-2017-7544
- CVE-2019-9278
Title: USN-4275-1: Qt vulnerabilities
URL: https://usn.ubuntu.com/4275-1/
Priorities: low,medium
CVEs:
- CVE-2018-19872
- CVE-2019-18281
- CVE-2020-0569
- CVE-2020-0570
Title: USN-4272-1: Pillow vulnerabilities
URL: https://usn.ubuntu.com/4272-1/
Priorities: low,medium
CVEs:
- CVE-2019-16865
- CVE-2019-19911
- CVE-2020-5310
- CVE-2020-5311
- CVE-2020-5312
- CVE-2020-5313
Title: USN-4273-1: ReportLab vulnerability
URL: https://usn.ubuntu.com/4273-1/
Priorities: medium
CVEs:
- CVE-2019-17626
Title: USN-4274-1: libxml2 vulnerabilities
URL: https://usn.ubuntu.com/4274-1/
Priorities: low,medium
CVEs:
- CVE-2019-19956
- CVE-2020-7595
621.55
Release Date: February 06, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4259-1: Apache Solr vulnerability
URL: https://usn.ubuntu.com/4259-1/
Priorities: high
CVEs:
- CVE-2017-12629
Title: USN-4252-1: tcpdump vulnerabilities
URL: https://usn.ubuntu.com/4252-1/
Priorities: low,medium
CVEs:
- CVE-2017-16808
- CVE-2018-10103
- CVE-2018-10105
- CVE-2018-14461
- CVE-2018-14462
- CVE-2018-14463
- CVE-2018-14464
- CVE-2018-14465
- CVE-2018-14466
- CVE-2018-14467
- CVE-2018-14468
- CVE-2018-14469
- CVE-2018-14470
- CVE-2018-14879
- CVE-2018-14880
- CVE-2018-14881
- CVE-2018-14882
- CVE-2018-16227
- CVE-2018-16228
- CVE-2018-16229
- CVE-2018-16230
- CVE-2018-16300
- CVE-2018-16451
- CVE-2018-16452
- CVE-2018-19519
- CVE-2019-1010220
- CVE-2019-15166
- CVE-2019-15167
Title: USN-4254-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4254-1/
Priorities: medium,negligible,low
CVEs:
- CVE-2019-14615
- CVE-2019-15291
- CVE-2019-18683
- CVE-2019-18885
- CVE-2019-19057
- CVE-2019-19062
- CVE-2019-19063
- CVE-2019-19227
- CVE-2019-19332
Title: USN-4255-2: Linux kernel (HWE) vulnerabilities
URL: https://usn.ubuntu.com/4255-2/
Priorities: medium
CVEs:
- CVE-2019-14615
- CVE-2020-7053
Title: USN-4263-1: Sudo vulnerability
URL: https://usn.ubuntu.com/4263-1/
Priorities: low
CVEs:
- CVE-2019-18634
Title: USN-4256-1: Cyrus SASL vulnerability
URL: https://usn.ubuntu.com/4256-1/
Priorities: medium
CVEs:
- CVE-2019-19906
Title: USN-4265-1: SpamAssassin vulnerabilities
URL: https://usn.ubuntu.com/4265-1/
Priorities: medium
CVEs:
- CVE-2020-1930
- CVE-2020-1931
Title: USN-4250-1: MySQL vulnerabilities
URL: https://usn.ubuntu.com/4250-1/
Priorities: medium
CVEs:
- CVE-2020-2570
- CVE-2020-2572
- CVE-2020-2573
- CVE-2020-2574
- CVE-2020-2577
- CVE-2020-2579
- CVE-2020-2584
- CVE-2020-2588
- CVE-2020-2589
- CVE-2020-2627
- CVE-2020-2660
- CVE-2020-2679
- CVE-2020-2686
- CVE-2020-2694
Title: USN-4257-1: OpenJDK vulnerabilities
URL: https://usn.ubuntu.com/4257-1/
Priorities: low,medium
CVEs:
- CVE-2020-2583
- CVE-2020-2590
- CVE-2020-2593
- CVE-2020-2601
- CVE-2020-2604
- CVE-2020-2654
- CVE-2020-2655
- CVE-2020-2659
621.51
Release Date: January 24, 2020
Bug Fixes
* Addresses https://github.com/cloudfoundry/bosh/issues/2223 - prevent AWS from overriding search domains
Metadata:
BOSH Agent Version: 2.268.11
USNs:
Title: USN-4246-1: zlib vulnerabilities
URL: https://usn.ubuntu.com/4246-1/
Priorities: low
CVEs:
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
Title: USN-4248-1: GraphicsMagick vulnerabilities
URL: https://usn.ubuntu.com/4248-1/
Priorities: medium
CVEs:
- CVE-2017-16545
- CVE-2017-16547
- CVE-2017-16669
- CVE-2017-17498
- CVE-2017-17500
- CVE-2017-17501
- CVE-2017-17502
- CVE-2017-17503
- CVE-2017-17782
- CVE-2017-17783
Title: USN-4244-1: Samba vulnerabilities
URL: https://usn.ubuntu.com/4244-1/
Priorities: low,medium
CVEs:
- CVE-2019-14902
- CVE-2019-14907
- CVE-2019-19344
Title: USN-4247-1: python-apt vulnerabilities
URL: https://usn.ubuntu.com/4247-1/
Priorities: medium
CVEs:
- CVE-2019-15795
- CVE-2019-15796
Title: USN-4249-1: e2fsprogs vulnerability
URL: https://usn.ubuntu.com/4249-1/
Priorities: medium
CVEs:
- CVE-2019-5188
Title: USN-4245-1: PySAML2 vulnerability
URL: https://usn.ubuntu.com/4245-1/
Priorities: medium
CVEs:
- CVE-2020-5390
621.50
Release Date: January 21, 2020
Metadata:
BOSH Agent Version: 2.268.10
USNs:
Title: USN-4232-1: GraphicsMagick vulnerabilities
URL: https://usn.ubuntu.com/4232-1/
Priorities: medium,low
CVEs:
- CVE-2017-14165
- CVE-2017-14314
- CVE-2017-14504
- CVE-2017-14649
- CVE-2017-14733
- CVE-2017-14994
- CVE-2017-14997
- CVE-2017-15277
- CVE-2017-15930
- CVE-2017-16352
- CVE-2017-16353
Title: USN-4237-1: SpamAssassin vulnerabilities
URL: https://usn.ubuntu.com/4237-1/
Priorities: medium
CVEs:
- CVE-2018-11805
- CVE-2019-12420
Title: USN-4238-1: SDL_image vulnerabilities
URL: https://usn.ubuntu.com/4238-1/
Priorities: medium,low
CVEs:
- CVE-2018-3977
- CVE-2019-12216
- CVE-2019-12217
- CVE-2019-12218
- CVE-2019-12219
- CVE-2019-12220
- CVE-2019-12221
- CVE-2019-12222
- CVE-2019-13616
- CVE-2019-5051
- CVE-2019-5052
- CVE-2019-7635
Title: USN-4240-1: Kamailio vulnerability
URL: https://usn.ubuntu.com/4240-1/
Priorities: high
CVEs:
- CVE-2018-8828
Title: USN-4239-1: PHP vulnerabilities
URL: https://usn.ubuntu.com/4239-1/
Priorities: low
CVEs:
- CVE-2019-11045
- CVE-2019-11046
- CVE-2019-11047
- CVE-2019-11050
Title: USN-4236-2: Libgcrypt vulnerability
URL: https://usn.ubuntu.com/4236-2/
Priorities: medium
CVEs:
- CVE-2019-13627
Title: USN-4227-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4227-1/
Priorities: medium,low
CVEs:
- CVE-2019-14895
- CVE-2019-14896
- CVE-2019-14897
- CVE-2019-14901
- CVE-2019-16231
- CVE-2019-16233
- CVE-2019-18660
- CVE-2019-19045
- CVE-2019-19052
- CVE-2019-19083
- CVE-2019-19524
- CVE-2019-19529
- CVE-2019-19534
- CVE-2019-19807
Title: USN-4228-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4228-1/
Priorities: medium,low
CVEs:
- CVE-2019-14895
- CVE-2019-14896
- CVE-2019-14897
- CVE-2019-14901
- CVE-2019-18660
- CVE-2019-19052
- CVE-2019-19524
- CVE-2019-19534
Title: USN-4230-1: ClamAV vulnerability
URL: https://usn.ubuntu.com/4230-1/
Priorities: medium
CVEs:
- CVE-2019-15961
Title: USN-4231-1: NSS vulnerability
URL: https://usn.ubuntu.com/4231-1/
Priorities: medium
CVEs:
- CVE-2019-17006
Title: USN-4234-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4234-1/
Priorities: medium,low
CVEs:
- CVE-2019-17016
- CVE-2019-17017
- CVE-2019-17020
- CVE-2019-17022
- CVE-2019-17023
- CVE-2019-17024
- CVE-2019-17025
- CVE-2019-17026
Title: USN-4235-1: nginx vulnerability
URL: https://usn.ubuntu.com/4235-1/
Priorities: medium
CVEs:
- CVE-2019-20372
621.41
Release Date: February 04, 2020
BOSH Agent version: 2.268.9
USNs:
Title: USN-4222-1: GraphicsMagick vulnerabilities
URL: https://usn.ubuntu.com/4222-1/
Priorities: medium,low
CVEs:
- CVE-2017-11638
- CVE-2017-11641
- CVE-2017-11642
- CVE-2017-11643
- CVE-2017-12935
- CVE-2017-12936
- CVE-2017-12937
- CVE-2017-13063
- CVE-2017-13064
- CVE-2017-13065
- CVE-2017-13134
- CVE-2017-13737
- CVE-2017-13775
- CVE-2017-13776
- CVE-2017-13777
Title: USN-4216-2: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4216-2/
Priorities: medium
CVEs:
- CVE-2019-11745
- CVE-2019-11756
- CVE-2019-17005
- CVE-2019-17008
- CVE-2019-17010
- CVE-2019-17011
- CVE-2019-17012
- CVE-2019-17013
- CVE-2019-17014
Title: USN-4220-1: Git vulnerabilities
URL: https://usn.ubuntu.com/4220-1/
Priorities: medium,low
CVEs:
- CVE-2019-1348
- CVE-2019-1349
- CVE-2019-1350
- CVE-2019-1351
- CVE-2019-1352
- CVE-2019-1353
- CVE-2019-1354
- CVE-2019-1387
- CVE-2019-19604
Title: USN-4217-1: Samba vulnerabilities
URL: https://usn.ubuntu.com/4217-1/
Priorities: medium
CVEs:
- CVE-2019-14861
- CVE-2019-14870
Title: USN-4219-1: libssh vulnerability
URL: https://usn.ubuntu.com/4219-1/
Priorities: medium
CVEs:
- CVE-2019-14889
Title: USN-4221-1: libpcap vulnerability
URL: https://usn.ubuntu.com/4221-1/
Priorities: medium
CVEs:
- CVE-2019-15165
Title: USN-4214-2: RabbitMQ vulnerability
URL: https://usn.ubuntu.com/4214-2/
Priorities: medium
CVEs:
- CVE-2019-18609
Title: USN-4224-1: Django vulnerability
URL: https://usn.ubuntu.com/4224-1/
Priorities: high
CVEs:
- CVE-2019-19844
Title: USN-4223-1: OpenJDK vulnerabilities
URL: https://usn.ubuntu.com/4223-1/
Priorities: medium
CVEs:
- CVE-2019-2894
- CVE-2019-2945
- CVE-2019-2949
- CVE-2019-2962
- CVE-2019-2964
- CVE-2019-2973
- CVE-2019-2975
- CVE-2019-2977
- CVE-2019-2978
- CVE-2019-2981
- CVE-2019-2983
- CVE-2019-2987
- CVE-2019-2988
- CVE-2019-2989
- CVE-2019-2992
- CVE-2019-2999
621.29
Release Date: December 10, 2019
BOSH Agent version: 2.268.7
USNs:
Title: USN-4211-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4211-1/
Priorities: medium,negligible
CVEs:
- CVE-2018-20784
- CVE-2019-17075
- CVE-2019-17133
Title: USN-4205-1: SQLite vulnerabilities
URL: https://usn.ubuntu.com/4205-1/
Priorities: low,medium
CVEs:
- CVE-2018-8740
- CVE-2019-16168
- CVE-2019-19242
- CVE-2019-19244
- CVE-2019-5018
- CVE-2019-5827
Title: USN-4203-1: NSS vulnerability
URL: https://usn.ubuntu.com/4203-1/
Priorities: medium
CVEs:
- CVE-2019-11745
Title: USN-4213-1: Squid vulnerabilities
URL: https://usn.ubuntu.com/4213-1/
Priorities: medium,low
CVEs:
- CVE-2019-12523
- CVE-2019-12526
- CVE-2019-12854
- CVE-2019-18676
- CVE-2019-18677
- CVE-2019-18678
- CVE-2019-18679
Title: USN-4210-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4210-1/
Priorities: medium,negligible,low
CVEs:
- CVE-2019-16746
- CVE-2019-17075
- CVE-2019-17133
- CVE-2019-19060
- CVE-2019-19065
- CVE-2019-19075
Title: USN-4204-1: psutil vulnerability
URL: https://usn.ubuntu.com/4204-1/
Priorities: medium
CVEs:
- CVE-2019-18874
621.26
Release Date: November 26, 2019
BOSH Agent version: 2.268.7
USNs:
Title: USN-4198-1: DjVuLibre vulnerabilities
URL: https://usn.ubuntu.com/4198-1/
Priorities: low
CVEs:
- CVE-2019-15142
- CVE-2019-15143
- CVE-2019-15144
- CVE-2019-15145
- CVE-2019-18804
621.23
Release Date: November 18, 2019
BOSH Agent version: 2.268.6
USNs:
Title: USN-4186-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4186-1/
Priorities: high,medium
CVEs:
- CVE-2018-12207
- CVE-2019-0154
- CVE-2019-0155
- CVE-2019-11135
- CVE-2019-15098
- CVE-2019-16746
- CVE-2019-17052
- CVE-2019-17053
- CVE-2019-17054
- CVE-2019-17055
- CVE-2019-17056
- CVE-2019-17666
- CVE-2019-2215
Title: USN-4185-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4185-1/
Priorities: high,medium
CVEs:
- CVE-2018-12207
- CVE-2019-0154
- CVE-2019-0155
- CVE-2019-11135
- CVE-2019-15098
- CVE-2019-17052
- CVE-2019-17053
- CVE-2019-17054
- CVE-2019-17055
- CVE-2019-17056
- CVE-2019-17666
Title: USN-4190-1: libjpeg-turbo vulnerabilities
URL: https://usn.ubuntu.com/4190-1/
Priorities: low,medium
CVEs:
- CVE-2018-14498
- CVE-2018-19664
- CVE-2018-20330
- CVE-2019-2201
Title: USN-4185-3: Linux kernel vulnerability and regression
URL: https://usn.ubuntu.com/4185-3/
Priorities: high
CVEs:
- CVE-2019-0155
Title: USN-4186-3: Linux kernel vulnerability
URL: https://usn.ubuntu.com/4186-3/
Priorities: high
CVEs:
- CVE-2019-0155
Title: USN-4182-1: Intel Microcode update
URL: https://usn.ubuntu.com/4182-1/
Priorities: high,medium
CVEs:
- CVE-2019-11135
- CVE-2019-11139
Title: USN-4191-1: QEMU vulnerabilities
URL: https://usn.ubuntu.com/4191-1/
Priorities: low
CVEs:
- CVE-2019-12068
- CVE-2019-12155
- CVE-2019-13164
- CVE-2019-14378
- CVE-2019-15890
Title: USN-4192-1: ImageMagick vulnerabilities
URL: https://usn.ubuntu.com/4192-1/
Priorities: low,negligible,medium
CVEs:
- CVE-2019-12974
- CVE-2019-12975
- CVE-2019-12976
- CVE-2019-12977
- CVE-2019-12978
- CVE-2019-12979
- CVE-2019-13135
- CVE-2019-13137
- CVE-2019-13295
- CVE-2019-13297
- CVE-2019-13300
- CVE-2019-13301
- CVE-2019-13304
- CVE-2019-13305
- CVE-2019-13306
- CVE-2019-13307
- CVE-2019-13308
- CVE-2019-13309
- CVE-2019-13310
- CVE-2019-13311
- CVE-2019-13391
- CVE-2019-13454
- CVE-2019-14981
- CVE-2019-15139
- CVE-2019-15140
- CVE-2019-16708
- CVE-2019-16709
- CVE-2019-16710
- CVE-2019-16711
- CVE-2019-16713
621.12
Release Date: November 12, 2019
BOSH Agent version: 2.268.5
USNs:
Title: USN-4176-1: GNU cpio vulnerability
URL: https://usn.ubuntu.com/4176-1/
Priorities: medium
CVEs:
- CVE-2019-14866
Title: USN-4174-1: HAproxy vulnerability
URL: https://usn.ubuntu.com/4174-1/
Priorities: medium
CVEs:
- CVE-2019-18277
Title: USN-4175-1: Nokogiri vulnerability
URL: https://usn.ubuntu.com/4175-1/
Priorities: medium
CVEs:
- CVE-2019-5477
621.5
Release Date: October 31, 2019
New stemcell line!
* rev the stemcell_api_version to 3 for upcoming signed url feature - https://www.pivotaltracker.com/epic/show/4392899
* blacklist nouveau kernel module (#96)
—
BOSH Agent version: 2.268.3
