Tuxcare Errata System 0.0.1 5.10 2026-04-16T17:49:38 Ubuntu 16.04 LTS * SECURITY UPDATE: Unsafe exiting internalEntityParser - debian/patches/CVE-2022-40674.patch: Ensure raw tagnames are safe exiting internalEntityParser - CVE-2022-40674 * tests were activated * some leaks fixed: - debian/patches/fix-leak-xmlparse.patch: tidy up attribute prefix bindings on error (fixes #17) - debian/patches/fix-tests-leak.patch: free the external entity parser in external_entity_loader_set_encoding() - debian/patches/fix-tests-leak2.patch: free the content model in dummy_element_decl_handler() - debian/patches/dispose-test-stuff.patch: removes some of the memory leaks discovered by AddressSanitizer in the test suite (Issue #23) Critical TuxCare License Agreement CVE-2022-40674 Ubuntu 16.04 LTS * SECURITY UPDATE: degrade resolver performance - debian/patches/CVE-2022-2795.patch: adds limits in fctx_getaddresses to avoid spending excessive amounts of time on processing large delegations in resolver code in lib/dns/resolver.c. - CVE-2022-2795 * SECURITY UPDATE: memory leak - debian/patches/CVE-2022-38177.patch: avoid return DST_RET when there is a signature length mismatch in lib/dns/opensslecdsa_link.c. - CVE-2022-38177 Important TuxCare License Agreement CVE-2022-38177 CVE-2022-2795 Ubuntu 16.04 LTS * SECURITY_UPDATE: Using freed memory when autocmd changes mark - debian/patches/CVE-2022-3256.patch: Copy the mark before editing another buffer - CVE-2022-3256 Important TuxCare License Agreement CVE-2022-3134 CVE-2022-2946 CVE-2022-3234 CVE-2022-3256 CVE-2022-3099 CVE-2022-3037 Ubuntu 16.04 LTS * SECURITY UPDATE: Buffer overrun from integer overflow - debian/patches/CVE-2021-32027.patch: Prevent integer overflows in array subscripting calculations - CVE-2021-32027 Important TuxCare License Agreement CVE-2021-32027 Ubuntu 16.04 LTS * SECURITY UPDATE: segfault in sqlite3ExprCodeTarget - debian/patches/CVE-2020-13435.patch: tries to prevent a recurrence of problems. - CVE-2020-13425 Important TuxCare License Agreement CVE-2020-13435 CVE-2020-35525 Ubuntu 16.04 LTS * SECURITY UPDATE: buffer-over-read in SSPI and SMB authentication - debian/patches/CVE-2022-41318.patch: improve debugs and checks sequence to clarify cases and ensure that all are handled correctly in lib/ntlmauth/ntlmauth.cc - CVE-2022-41318 Important TuxCare License Agreement CVE-2022-41318 Ubuntu 16.04 LTS * SECURITY UPDATE: Buffer underflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: Check CSF_TRY can be found - CVE-2022-3296 * SECURITY UPDATE: Using negative array index with negative width window - debian/patches/CVE-2022-3324.patch: Make sure the window width does not become negative - CVE-2022-3324 * Fix Makefile: - debian/patches/fix-tests.patch: add some tests Important TuxCare License Agreement CVE-2022-3296 CVE-2022-3324 Ubuntu 16.04 LTS * SECURITY UPDATE: Exposed sensitive information - debian/patches/CVE-2022-2806.patch: filter out all password keys in sos/report/plugins/ovirt.py - CVE-2022-2806 Moderate TuxCare License Agreement CVE-2022-2806 Ubuntu 16.04 LTS * SECURITY UPDATE: integer overflow - debian/patches/CVE-2017-17122-pre1.patch: change bfd_get_size/bfd_get_file_size to ufile_ptr. - debian/patches/CVE-2017-17122.patch: stop objdump from attempting to allocate a huge chunk of memory when parsing relocs in a corrupt file. - CVE-2017-17122 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2019-1010204.patch: check start parameter before computing number of bytes to read. - CVE-2019-1010204 Important TuxCare License Agreement CVE-2019-1010204 CVE-2017-17122 Ubuntu 16.04 LTS * SECURITY UPDATE: Privileged arbitrary SQL function execution - debian/patches/CVE-2022-1552-1.patch: Make relation-enumerating operations be security-restricted operations - debian/patches/CVE-2022-1552-2.patch: In REFRESH MATERIALIZED VIEW, set user ID before running user code - CVE-2022-1552 Important TuxCare License Agreement CVE-2022-1552 Ubuntu 16.04 LTS * SECURITY UPDATE: Fix overeager DTD destruction - debian/patches/CVE-2022-43680: Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations - CVE-2022-43680 Important TuxCare License Agreement CVE-2022-43680 Ubuntu 16.04 LTS * SECURITY UPDATE: Possible cross-site scripting vulnerability in libxml2 - debian/patches/CVE-2016-3709.patch: Revert commit 960f0e27 that has some problems - CVE-2016-3709 * Fix parser termination from "Double hyphen within comment" error Moderate TuxCare License Agreement CVE-2016-3709 Ubuntu 16.04 LTS * SECURITY UPDATE: POST following PUT confusion - debian/patches/CVE-2022-32221.patch: when POST is set, reset the 'upload' field - CVE-2022-32221 Moderate TuxCare License Agreement CVE-2022-32221 Ubuntu 16.04 LTS * SECURITY UPDATE: After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones - debian/patches/CVE-2019-2386.patch: Validate unique User ID on UserCache hit - CVE-2019-2386 Important TuxCare License Agreement CVE-2019-2386 Ubuntu 16.04 LTS * SECURITY UPDATE: Signature verification bypass - debian/patches/fixes/CVE-2020-16156.patch: recognize CANNOT_VERIFY signature verification type, add two new failure modes based on 'cpan_path' and improve interaction with external 'gpg' executable. - CVE-2020-16156 Important TuxCare License Agreement CVE-2020-16156 Ubuntu 16.04 LTS * SECURITY UPDATE: array-bounds overflow if billions of bytes are used in a string argument to a C API - debian/patches/CVE-2022-35737.patch: increase the size of loop variables in the printf() implementation to avoid overflow. - CVE-2022-35737 Important TuxCare License Agreement CVE-2022-35737 Ubuntu 16.04 LTS * SECURITY UPDATE: memory corruption and disclosure in MP4 streaming module - debian/patches/CVE-2022-41741-CVE-2022-41742.patch: disable duplicated atoms and ensure that (the most of them) appeared once in a container. - CVE-2022-41741 - CVE-2022-41742 Important TuxCare License Agreement CVE-2022-41741 CVE-2022-41742 Ubuntu 16.04 LTS * SECURITY UPDATE: Update to 5.7.40 to fix security issues - CVE-2022-21589, CVE-2022-21592, CVE-2022-21608, CVE-2022-21617 Moderate TuxCare License Agreement CVE-2022-21592 CVE-2022-21617 CVE-2022-21589 CVE-2022-21608 Ubuntu 16.04 LTS * SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061-v2.7.patch: Fix quadratic time idna decoding - CVE-2022-45061 * Make tests to be compatible with expat 2.1.0 from tuxcare.els: - debian/patches/expat-regression-v2.7.patch: Make test suite support Expat >=2.4.5 Important TuxCare License Agreement CVE-2022-45061 Ubuntu 16.04 LTS * SECURITY UPDATE: Use-after-free in access control-related hash tables - debian/patches/CVE-2020-35512.patch: use reference counting for DBusUserInfo and DBusGroupInfo structures. - CVE-2020-35512 * SECURITY UPDATE: Crash or incorrect parsing a signature with wrongly nested '()' and '{}' - debian/patches/CVE-2022-42010.patch: add extra checking for brackets. - CVE-2022-42010 * SECURITY UPDATE: Out-of-bounds accesses during processing of arrays made up of an integer number of items - debian/patches/CVE-2022-42011.patch: validate length of arrays of fixed-length items. - CVE-2022-42011 * SECURITY UPDATE: Crash when message type and the pointer into its contents goes out of sync - debian/patches/CVE-2022-42012.patch: byte-swap Unix fd indexes if needed. - CVE-2022-42012 Important TuxCare License Agreement CVE-2020-35512 CVE-2022-42011 CVE-2022-42010 CVE-2022-42012 Ubuntu 16.04 LTS * SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061.patch: Fix quadratic time idna decoding - CVE-2022-45061 * Fix the tests: Certificates were expired - debian/patches/update-test-certs-and-keys.patch: Update test certs and keys Important TuxCare License Agreement CVE-2022-45061 Ubuntu 16.04 LTS * SECURITY UPDATE: option refcount overflow - debian/patches/CVE-2022-2928.patch: fix work with reference counter 'refcount' - CVE-2022-2928 * SECURITY UPDATE: DHCP memory leak - debian/patches/CVE-2022-2929.patch: free memory when incorrect 'fqdn' labels are used - CVE-2022-2929 Important TuxCare License Agreement CVE-2022-2928 CVE-2022-2929 Ubuntu 16.04 LTS * SECURITY UPDATE: possible RCE when using OSC 50 sequence - debian/patches/CVE-2022-45063.patch: Improve error recovery when setting a bitmap font for the VT100 window, e.g., in case OSC 50 failed, restoring the most recent valid font so that a subsequent OSC 50 reports this correctly. - CVE-2022-45063 - debian/patches/extra_safety_to_string_comparison_functions.patch: Add NULL pointer checks in x_strcasecmp() and x_strncasecmp() to help with error recovery for a missing font. Critical TuxCare License Agreement CVE-2022-45063 Ubuntu 16.04 LTS * Backport upstream releases 8u352 to 16.04 LTS * Security fixes in 8u352: - JDK-8282252: Improve BigInteger/Decimal validation - JDK-8285662: Better permission resolution - JDK-8286511: Improve macro allocation - JDK-8286519: Better memory handling - JDK-8286526, CVE-2022-21619: Improve NTLM support - JDK-8286533, CVE-2022-21626: Key X509 usages - JDK-8286910, CVE-2022-21624: Improve JNDI lookups - JDK-8286918, CVE-2022-21628: Better HttpServer service - JDK-8288508: Enhance ECDSA usage * Drop applied patch pr88.diff Moderate TuxCare License Agreement CVE-2022-21624 CVE-2022-21626 CVE-2022-21619 CVE-2022-21628 Ubuntu 16.04 LTS * SECURITY UPDATE: Use After Free in vim - debian/patches/CVE-2022-3352.patch: Disallow deleting the current buffer to avoid using freed memory - CVE-2022-3352 * SECURITY UPDATE: Crash when matching buffer with invalid pattern - debian/patches/CVE-2022-1674.patch: Check for NULL regprog - CVE-2022-1674 * SECURITY UPDATE: Using NULL regexp program - debian/patches/CVE-2022-1725.patch: Check for regexp program becoming NULL in more places - CVE-2022-1725 * Fix: CI crashes when running out of memory, NULL pointer dereference - debian/patches/fix-addstate.patch: Apply 'maxmempattern' also to new regexp engine, check NULL pointers inside addstate() function Important TuxCare License Agreement CVE-2022-1674 CVE-2022-3352 CVE-2022-1725 Ubuntu 16.04 LTS * SECURITY UPDATE: Race condition when copying and removing directory trees - debian/patches/CVE-2013-4235.patch: fix races in chown_tree(), remove_tree() and copy_tree() - CVE-2013-4235 Moderate TuxCare License Agreement CVE-2013-4235 Ubuntu 16.04 LTS * CVE-2022-42703 - mm/rmap.c: don't reuse anon_vma if we just want a copy - mm: rmap: explicitly reset vma->anon_vma in unlink_anon_vmas() - mm, rmap: handle anon_vma_prepare() common case inline - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse * CVE-2022-3565 - mISDN: fix use-after-free bugs in l1oip timer handlers * CVE-2022-43750 - usb: mon: make mmapped memory read only * CVE-2022-3566 - tcp: Fix data races around icsk->icsk_af_ops. * CVE-2022-3567 - ipv6: annotate some data-races around sk->sk_prot - ipv6: Fix data races around sk->sk_prot. * CVE-2022-3621 - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() * CVE-2022-3564 - Bluetooth: remove unneeded variable in l2cap_stream_rx - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu * CVE-2022-3524 - tcp/udp: Fix memory leak in ipv6_renew_options(). * CVE-2022-3635 - atm: idt77252: fix use-after-free bugs caused by tst_timer * CVE-2022-40768 - scsi: stex: Properly zero out the passthrough command structure * CVE-2022-3239 - media: em28xx: initialize refcount before kref_get * CVE-2022-3649 - nilfs2: fix use-after-free bug of struct nilfs_root * CVE-2022-3594 - r8152: Rate limit overflow messages Critical TuxCare License Agreement CVE-2022-3635 CVE-2022-3566 CVE-2022-3567 CVE-2022-3565 CVE-2022-3564 CVE-2022-3649 CVE-2022-3239 CVE-2022-3621 CVE-2022-3524 CVE-2022-40768 CVE-2022-42703 CVE-2022-3594 CVE-2022-43750 Ubuntu 16.04 LTS * SECURITY UPDATE: Integer overflows with XML_PARSE_HUGE - debian/patches/CVE-2022-40303.patch: Impose size limits when XML_PARSE_HUGE is set and add length checks to core parser functions - CVE-2022-40303 * SECURITY UPDATE: Dict corruption caused by entity reference cycles - debian/patches/CVE-2022-40304.patch: Stop storing entity content, orig, ExternalID and SystemID in a dict since these values are unlikely to occur multiple times in a document, so they shouldn't have been stored in a dict in the first place - CVE-2022-40304 Important TuxCare License Agreement CVE-2022-40304 CVE-2022-40303 Ubuntu 16.04 LTS * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-20224.patch: fix outside the range of representable values of type 'unsigned char' - CVE-2021-20224 * Fix internal test system: - debian/patches/fix-validation-suite.patch: fix validate suite - debian/patches/fix-improper-image-header-xbm.patch: fix 'improper image header' for XBM tests * debian/rules: - fix several install issues - script termination when a subcommand fails Moderate TuxCare License Agreement CVE-2021-20224 Ubuntu 16.04 LTS * SECURITY UPDATE: degrade resolver performance and possibly DoS - debian/patches/CVE-2016-2775.patch: fix possible infinite loop in lwresd due to a long query name - CVE-2016-2775 * SECURITY UPDATE: improper restriction of zone size limit - debian/patches/CVE-2016-6170.patch: allow the maximum number of records in a zone to be specified - CVE-2016-6170 Moderate TuxCare License Agreement CVE-2016-6170 CVE-2016-2775 Ubuntu 16.04 LTS * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2022-38533.patch: fix possibly heap-based buffer overflow in bfd/coffcode.h. - CVE-2022-38533 Moderate TuxCare License Agreement CVE-2022-38533 Ubuntu 16.04 LTS * SECURITY UPDATE: The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. - debian/patches/CVE-2019-0221.patch: Escape debug output to aid readability - CVE-2019-0221 Moderate TuxCare License Agreement CVE-2019-0221 Ubuntu 16.04 LTS * SECURITY UPDATE: With a Visual block a put command column may go negative - debian/patches/CVE-2022-3520.patch: Check that the column does not become negative - CVE-2022-3520 * SECURITY UPDATE: Invalid memory access in substitute with function that goes to another file - debian/patches/CVE-2022-4141.patch: Check for text locked in CTRL-W gf - CVE-2022-4141 Critical TuxCare License Agreement CVE-2022-3520 CVE-2022-4141 Ubuntu 16.04 LTS * SECURITY UPDATE: A man-in-the-middle attacker can inject false responses - debian/patches/CVE-2021-23222.patch: libpq: reject extraneous data after SSL or GSS encryption handshake - CVE-2021-23222 Moderate TuxCare License Agreement CVE-2021-23222 Ubuntu 16.04 LTS * SECURITY UPDATE: Using freed memory after SpellFileMissing autocmd uses bwipe - debian/patches/CVE-2022-4292.patch: Bail out if the window no longer exists - CVE-2022-4292 Important TuxCare License Agreement CVE-2022-4292 Ubuntu 16.04 LTS * SECURITY UPDATE: Dummy buffer ends up in a window - debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy buffer - CVE-2022-3591 Important TuxCare License Agreement CVE-2022-3591 Ubuntu 16.04 LTS * SECURITY UPDATE: buffer overrun in EUC-KR conversion module - debian/patches/any/CVE-2019-25013: skip two bytes when told to skip over the unknown designation, potentially running over the buffer end - CVE-2019-25013 * SECURITY UPDATE: hang in the iconv program - debian/patches/any/CVE-2020-27618: adjust the converter to accept redundant shift sequences in IBM1364, IBM1371, IBM1388, IBM1390 and IBM1399 character sets - CVE-2020-27618 Moderate TuxCare License Agreement CVE-2020-27618 CVE-2019-25013 Ubuntu 16.04 LTS * SECURITY UPDATE: Extended partition loop in MBR partition table leads to DoS - debian/patches/CVE-2016-5011-1.patch: ignore MBR extended partition at zero offset - debian/patches/CVE-2016-5011-2.patch: avoid non-empty recursion in EBR - CVE-2016-5011 Moderate TuxCare License Agreement CVE-2016-5011 Ubuntu 16.04 LTS * SECURITY UPDATE: integer overflows that may lead to remote code execution - debian/patches/CVE-2022-42898.patch: add several tests to prevent integer overflow in pac parsing - CVE-2022-42898 Important TuxCare License Agreement CVE-2022-42898 Ubuntu 16.04 LTS * SECURITY UPDATE: Integer overflows - debian/patches/CVE-2022-42898.patch: fix integer overflows in PAC parsing - CVE-2022-42898 Important TuxCare License Agreement CVE-2022-42898 Ubuntu 16.04 LTS * SECURITY UPDATE: Out-of-bounds read in function build_stl_str_hl - debian/patches/CVE-2023-0049: Stop reading from buffer at "%0" - CVE-2023-0049 Important TuxCare License Agreement CVE-2023-0049 Ubuntu 16.04 LTS * SECURITY UPDATE: access denial bypass in pam_access.so - debian/patches-applied/CVE-2022-28321.patch: properly use getnameinfo() and getaddrinfo() to handle hostnames in access.conf, add freeaddrinfo() to avoid memory leaks on return from network_netmask_match() as well - CVE-2022-28321 Critical TuxCare License Agreement CVE-2022-28321 Ubuntu 16.04 LTS * SECURITY UPDATE: possible HTTP request smuggling in the mod_proxy_ajp - debian/patches/CVE-2022-36760.patch: ensure connection closure for an invalid Transfer-Encoding header, to prevent HTTP request smuggling attack with an AJP proxy - CVE-2022-36760 Critical TuxCare License Agreement CVE-2022-36760 Ubuntu 16.04 LTS * SECURITY UPDATE: Reading past the end of a line when formatting text - debian/patches/CVE-2023-0433: Check for not going over the end of the line - CVE-2023-0433 Important TuxCare License Agreement CVE-2023-0433 Ubuntu 16.04 LTS * SECURITY UPDATE: heap-based buffer overflows in Heimdal ARC4 and DES3 - debian/patches/CVE-2022-3437.patch: add extra NULL pointer and buffer boundaries checks, fix undefined behaviour and input data length calculations, remove accidentally duplicated code in arcfour.c - CVE-2022-3437 Moderate TuxCare License Agreement CVE-2022-3437 Ubuntu 16.04 LTS * SECURITY UPDATE: Update to 5.7.41 to fix security issues - CVE-2023-21840 Moderate TuxCare License Agreement CVE-2023-21840 Ubuntu 16.04 LTS * SECURITY UPDATE: Possible KDC crash processing malformed S4U2Self request - debian/patches/CVE-2018-20217.patch: ignore password attributes for S4U2Self requests - CVE-2018-20217 Moderate TuxCare License Agreement CVE-2018-20217 Ubuntu 16.04 LTS * SECURITY UPDATE: mod_proxy may trigger HTTP response splitting - debian/patches/CVE-2022-37436.patch: fail on bad header - CVE-2022-37436 Moderate TuxCare License Agreement CVE-2022-37436 Ubuntu 16.04 LTS * SECURITY UPDATE: edit a file not permitted by the security policy - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include "--" - CVE-2023-22809 Important TuxCare License Agreement CVE-2023-22809 Ubuntu 16.04 LTS * SECURITY UPDATE: Use-after-free following BIO_new_NDEF - debian/patches/CVE-2023-0215.patch: fix a UAF resulting from a bug in BIO_new_NDEF in crypto/asn1/bio_ndef.c - CVE-2023-0215 * SECURITY UPDATE: X.400 address type confusion in X.509 GeneralName - debian/patches/CVE-2023-0286.patch: fix GENERAL_NAME_cmp for x400Address in crypto/x509/v3_genn.c - CVE-2023-0286 Important TuxCare License Agreement CVE-2023-0215 CVE-2023-0286 Ubuntu 16.04 LTS * SECURITY UPDATE: Under certain circumstances the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. - debian/patches/0010-cve-2017-11671.diff: moves expansion out of the link. - CVE-2017-11671 Moderate TuxCare License Agreement CVE-2017-11671 Ubuntu 16.04 LTS * SECURITY UPDATE: out-of-bounds write caused by integer overflow - debian/patches/CVE-2022-41903.patch: use 'size_t' instead of 'int' to track the string lengths and so allow >2GB input sizes. - CVE-2022-41903 - t-mark-submodule-clean-test-as-known-failure.patch: mark submodule clean test as known failure and so pass 'make test'. * SECURITY UPDATE: possible cross-protocol requests - debian/patches/CVE-2021-40330.patch: forbid newlines in host and path. - CVE-2021-40330 * SECURITY UPDATE: out-of-bounds write and possible RCE caused by integer overflow - debian/patches/CVE-2022-39260.patch: reject too long command line strings in split_cmdline(). - CVE-2022-39260 * SECURITY UPDATE: out-of-bounds write when reading an unreasonably large .gitattributes file - debian/patches/CVE-2021-23521.patch: implement line and overall size checks for .gitattributes files. - CVE-2021-23521 * SECURITY UPDATE: possible write outside of the repository's working directory - debian/patches/CVE-2023-23946.patch: prevent git-apply from writing behind newly created symbolic links. - CVE-2023-23946 Critical TuxCare License Agreement CVE-2022-23521 CVE-2022-41903 CVE-2021-40330 CVE-2023-23946 CVE-2022-39260 Ubuntu 16.04 LTS * SECURITY UPDATE: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. - debian/patches/CVE-2022-34480.patch: avoid using uninitialized pointer - CVE-2022-34480 Important TuxCare License Agreement CVE-2022-34480 Ubuntu 16.04 LTS * SECURITY UPDATE: Invalid validation of BCrypt hashes - debian/patches/CVE-2023-0567.patch: Remove "PHP Hack" to fix validation of malformed BCrypt hashes - CVE-2023-0567 * SECURITY UPDATE: Unauthorized data access or modification - debian/patches/CVE-2023-0568.patch: Fix array overrun when appending slash to paths - CVE-2023-0568 * SECURITY UPDATE: DoS vulnerability when parsing multipart request body - debian/patches/CVE-2023-0662.patch: Introduce max_multipart_body_parts INI and fix repeated warning for file uploads limit exciding - CVE-2023-0662 Critical TuxCare License Agreement CVE-2023-0568 CVE-2023-0662 CVE-2023-0567 Ubuntu 16.04 LTS * SECURITY UPDATE: memory leak in read_header - debian/patches/CVE-2021-20193.patch: Don't return directly from the loop. Instead set the status and break. Return the status. - CVE-2021-20193.patch * SECURITY UPDATE: a heap buffer overflow - debian/patches/CVE-2022-48303.patch: Check for the end of field after leading byte (0x80 or 0xff) of base-256 encoded header value. - CVE-2022-48303.patch * improve debian/rules to build the project by root Important TuxCare License Agreement CVE-2022-48303 Ubuntu 16.04 LTS * SECURITY UPDATE: Improper input validation - debian/patches/CVE-2023-24329-v2.7.patch: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character - CVE-2023-24329 Important TuxCare License Agreement CVE-2023-24329 Ubuntu 16.04 LTS * SECURITY UPDATE: urllib.parse.urlparse does not enforce that a scheme must begin with an ASCII-character - debian/patches/CVE-2023-24329.patch: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character - CVE-2023-24329 Important TuxCare License Agreement CVE-2023-24329 Ubuntu 16.04 LTS * SECURITY UPDATE: Illegal memory access when using virtual editing - debian/patches/CVE-2023-1175: Make sure "startspaces" is not negative - CVE-2023-1175 Important TuxCare License Agreement CVE-2023-1175 Ubuntu 16.04 LTS * SECURITY UPDATE: HTTP Proxy deny use-after-free - debian/patches/CVE-2022-43552.patch: + smb/telnet: do not free the protocol struct in *_done(). + conn: don't free easy handle data in handler->disconnect. - CVE-2022-43552 Moderate TuxCare License Agreement CVE-2022-43552 Ubuntu 16.04 LTS * SECURITY UPDATE: New microcode data file 2023-02-14 - New microcodes: sig 0x000606c1, pf_mask 0x10, 2022-09-23, rev 0x1000211, size 289792 sig 0x000806f4, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f4, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f5, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f5, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f6, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f6, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f7, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f8, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f8, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000b0671, pf_mask 0x32, 2022-12-19, rev 0x0112, size 207872 sig 0x000b06a2, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992 sig 0x000b06a3, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2022-08-30, rev 0x1000161, size 36864 sig 0x00050654, pf_mask 0xb7, 2022-03-08, rev 0x2006e05, size 44032 sig 0x00050656, pf_mask 0xbf, 2022-08-26, rev 0x4003303, size 37888 sig 0x00050657, pf_mask 0xbf, 2022-08-26, rev 0x5003303, size 37888 sig 0x0005065b, pf_mask 0xbf, 2022-08-26, rev 0x7002503, size 29696 sig 0x000606a6, pf_mask 0x87, 2022-10-09, rev 0xd000389, size 296960 sig 0x000706a1, pf_mask 0x01, 2022-09-16, rev 0x003e, size 75776 sig 0x000706a8, pf_mask 0x01, 2022-09-20, rev 0x0022, size 76800 sig 0x000706e5, pf_mask 0x80, 2022-08-31, rev 0x00b8, size 113664 sig 0x000806a1, pf_mask 0x10, 2022-09-07, rev 0x0032, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-06-28, rev 0x00a6, size 110592 sig 0x000806c2, pf_mask 0xc2, 2022-03-19, rev 0x0028, size 97280 sig 0x000806d1, pf_mask 0xc2, 2022-06-28, rev 0x0042, size 102400 sig 0x000806ec, pf_mask 0x94, 2022-07-31, rev 0x00f4, size 105472 sig 0x00090661, pf_mask 0x01, 2022-07-15, rev 0x0017, size 20480 sig 0x00090672, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x00090675, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x000906a3, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112 sig 0x000906a4, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112 sig 0x000906c0, pf_mask 0x01, 2022-09-02, rev 0x24000024, size 20480 sig 0x000906ed, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 104448 sig 0x000a0652, pf_mask 0x20, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0653, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 97280 sig 0x000a0655, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0660, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 97280 sig 0x000a0661, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-08-31, rev 0x0057, size 103424 sig 0x000b06f2, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x000b06f5, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 - CVE-2022-38090, INTEL-SA-00767 - CVE-2022-33196, INTEL-SA-00738 - CVE-2022-21216, INTEL-SA-00700 - CVE-2022-21233, INTEL-SA-00657 - CVE-2022-0005, INTEL-SA-00614 - CVE-2022-33972, INTEL-SA-00730 * source: update symlinks to reflect id of the latest release, 20230214 Moderate TuxCare License Agreement CVE-2022-21216 CVE-2022-38090 CVE-2022-33196 CVE-2022-33972 Ubuntu 16.04 LTS * SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141 Critical TuxCare License Agreement CVE-2022-45141 Ubuntu 16.04 LTS * SECURITY UPDATE: buffer overrun vulnerability in format_timespan() - debian/patches/CVE-2022-3821.patch: fix buffer-over-run - CVE-2022-3821 * SECURITY UPDATE: a local privelege escalation for some sudo configs was not blocked adequately - debian/patches/CVE-2023-26604.patch: use only less as a pager and restrict its functionality (e.g stop running external shell) unless environment variable SYSTEMD_PAGERSECURE is defined - CVE-2023-26604 Important TuxCare License Agreement CVE-2022-3821 CVE-2023-26604 Ubuntu 16.04 LTS * SECURITY UPDATE: Accessing invalid memory with put in Visual block mode - debian/patches/CVE-2023-1170: Adjust the cursor column if needed - CVE-2023-1170 Moderate TuxCare License Agreement CVE-2023-1170 Ubuntu 16.04 LTS * SECURITY UPDATE: proxy configuration may trigger HTTP request smuggling attack - debian/patches/CVE-2023-25690.patch: don't forward invalid query strings - CVE-2023-25690 Critical TuxCare License Agreement CVE-2023-25690 Ubuntu 16.04 LTS * SECURITY UPDATE: Denial of service - debian/patches/CVE-2022-31628.patch: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31628 * SECURITY UPDATE: Cookie injection - debian/patches/CVE-2022-31629.patch: Add cookie integrity validation - CVE-2022-31629 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-31631.patch: Fix integer overflow that could cause PDO::quote() to return an improperly quoted string - CVE-2022-31631 Moderate TuxCare License Agreement CVE-2022-31631 CVE-2022-31629 CVE-2022-31628 Ubuntu 16.04 LTS * SECURITY UPDATE: No check if the return value of XCreateGC() is NULL - debian/patches/CVE-2022-47024: Only use the return value when it is not NULL. - CVE-2022-47024 Important TuxCare License Agreement CVE-2022-47024 Ubuntu 16.04 LTS * SECURITY UPDATE: When cloning a repository with `--local`, Git relies on either making a hardlink or copy to every file in the "objects" directory of the source repository. As a result, malformed repository containing symbolic links pointing at the sensitive information on the victim's machine could be copied - debian/patches/CVE-2022-39253.patch: prevent copying symbolic links - debian/patches/tests-for-CVE-2022-39253.patch: tests - CVE-2022-39253 Moderate TuxCare License Agreement CVE-2022-39253 Ubuntu 16.04 LTS * SECURITY UPDATE: stack-based buffer overread in FUSE xlator - debian/patches/CVE-2022-26253.patch: access the graph->id only while event is associated specific to FUSE xlator. - CVE-2022-26253 Important TuxCare License Agreement CVE-2023-26253 Ubuntu 16.04 LTS * SECURITY UPDATE: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled - debian/patches/CVE-2023-0767.patch: improve handling of unknown PKCS#12 safe bag types - CVE-2023-0767 Important TuxCare License Agreement CVE-2023-0767 Ubuntu 16.04 LTS * SECURITY UPDATE: Telnet option IAC injection - debian/patches/CVE-2023-27533.patch: only accept option arguments in ascii to avoid embedded telnet negotiation commands - CVE-2023-27533 * SECURITY UPDATE: FTP too eager connection reuse - debian/patches/CVE-2023-27535.patch: add more conditions for connection reuse - CVE-2023-27535 * SECURITY UPDATE: GSS delegation too eager connection re-use - debian/patches/CVE-2023-27536.patch: only reuse connections with same GSS delegation - CVE-2023-27536 Critical TuxCare License Agreement CVE-2023-27535 CVE-2023-27536 CVE-2023-27533 Ubuntu 16.04 LTS * SECURITY UPDATE: possible DoS and information disclosure - debian/patches/CVE-2022-44267-44268.patch: fix parsing of some keys - CVE-2022-44267 - CVE-2022-44268 * Fix some leaks: - debian/patches/fix-leaks.patch: fix memory leaks - debian/patches/fix-leaks2.patch: fix memory leaks * Fix reading out of the bound: - debian/patches/fix-reading-out-of-bound.patch Moderate TuxCare License Agreement CVE-2022-44268 CVE-2022-44267 Ubuntu 16.04 LTS * SECURITY UPDATE: Null dereference - debian/patches/CVE-2023-28484.patch: Fix null-pointer-deref in xmlSchemaFixupComplexType - CVE-2023-28484 * SECURITY UPDATE: Fix a null pointer dereference - debian/patches/fix-null-ptr-deref.patch: use XML_SCHEMAS_ANYTYPE instead of a null pointer - CVE-2023-28484 * SECURITY UPDATE: Logic or memory errors - debian/patches/CVE-2023-29469.patch: check whether namelen is less than or equal to zero - CVE-2023-29469 * Add test suite - debian/patches/enable-building-tests.patch: enable building tests - debian/patches/fix-testapi.patch: fix buffer overflow in tests Moderate TuxCare License Agreement CVE-2023-28484 CVE-2023-29469 Ubuntu 16.04 LTS * CVE-2022-1198 - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2020-36516 - ipv4: avoid using shared IP generator for connected sockets * CVE-2022-36879 - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() * CVE-2022-3061 - video: fbdev: i740fb: Error out if 'pixclock' equals zero * CVE-2022-1516 - net/x25: Fix null-ptr-deref caused by x25_disconnect * CVE-2022-1205 - ax25: Fix NULL pointer dereferences in ax25 timers - ax25: Fix UAF bugs in ax25 timers * CVE-2022-2318 - net: rose: fix UAF bugs caused by timer handler * CVE-2022-1195 - hamradio: defer 6pack kfree after unregister_netdev - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD * CVE-2022-0494 - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern * CVE-2021-26401 - x86/speculation: Use generic retpoline by default on AMD * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-39188 - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) // CVE-2022-39188 - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() * CVE-2022-45934 - Bluetooth: L2CAP: Fix u8 overflow * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-2991 - lightnvm: disable the subsystem * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE-2021-4203 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-3772 - sctp: fix the processing for INIT chunk - sctp: fix the processing for INIT_ACK chunk * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE-2021-3772 - sctp: use init_tag from inithdr for ABORT chunk - sctp: fix the processing for COOKIE_ECHO chunk - sctp: add vtag check in sctp_sf_violation - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa - sctp: add vtag check in sctp_sf_ootb * CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434) // CVE-2022-1462 - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() * CVE-2022-1462 - tty: fix deadlock caused by calling printk() under tty_port->lock * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE-2022-1462 - pty: do tty_flip_buffer_push without port->lock in pty_write * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234) // CVE-2022-1462 - tty: Fix data race in tty_insert_flip_string_fixed_flag * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-4662 - USB: core: Prevent nested device-reset calls * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2022-0617 - udf: Restore i_lenAlloc when inode expansion fails - udf: Fix NULL ptr deref when converting from inline format * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2022-1016 - netfilter: nf_tables: initialize registers in nft_do_chain() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-2380 - video: fbdev: sm712fb: Fix crash in smtcfb_read() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-3111 - power: supply: wm8350-power: Add missing free in free_charger_irq * CVE-2022-3628 - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916) // CVE-2021-3732 - ovl: prevent private clone if bind mount is not allowed * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE-2021-45868 - quota: check block number when reading the block in quota file * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE-2021-3659 - net: mac802154: Fix general protection fault * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE-2023-1074 - sctp: fail if no bound addresses can be used for a given scope * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE-2023-1095 - netfilter: nf_tables: fix null deref due to zeroed list head * CVE-2023-1118 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-2023-26607 - ntfs: fix out-of-bounds read in ntfs_attr_find() * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ntfs: fix use-after-free in ntfs_ucsncmp() * CVE-2022-20572 - dm verity: set DM_TARGET_IMMUTABLE feature flag * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) - media: mceusb: fix control-message timeouts * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-4149 - btrfs: unlock newly allocated extent buffer after error * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE-2022-20132 - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) - HID: add hid_is_usb() function to make it simpler for USB detection * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-2021-28713 - xen/console: harden hvc_xen against event channel storms * CVE-2021-28712 - xen/netfront: harden netfront against event channel storms * CVE-2021-28711 - xen/blkfront: harden blkfront against event channel storms * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-1975 - NFC: netlink: fix sleep in atomic bug when firmware download timeout * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE-2022-1974 - NFC: NULL out the dev->rfkill to prevent UAF * CVE-2022-1974 - nfc: replace improper check device_is_registered() in netlink related functions * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-1011 - fuse: fix pipe buffer lifetime for direct_io * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE-2022-0487 - moxart: fix potential use-after-free on remove path * CVE-2021-3669 - ipc: replace costly bailout check in sysvipc_find_ipc() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-41218 is assigned to those bugs above. // CVE-2023-1118 - media: dvb-core: Fix UAF due to refcount races at releasing * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE-2023-28772 - seq_buf: Fix overflow in seq_buf_putmem_hex() * Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328) // CVE-2023-1390 - tipc: fix NULL deref in tipc_link_xmit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41850 - HID: roccat: Fix use-after-free in roccat_read() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-23455 - net: sched: atm: dont intepret cls results when asked to drop * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-47929 - net: sched: disallow noqueue for qdisc classes * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-3424 - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-0394 - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-36280 - drm/vmwgfx: Validate the box size for the snooped cursor * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41849 - fbdev: smscufx: Fix use-after-free in ufx_ops_open() * Miscellaneous Ubuntu changes - Config update * Miscellaneous upstream changes - media: dvb: dmx: fixed coding style issues of spacing - NFC: reorder the logic in nfc_{un,}register_device - xen/blkfront: separate per ring information out of device info - xen/blkfront: pseudo support for multi hardware queues/rings - xen/blkfront: split per device io_lock - xen/io: use virt_xxx barriers - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - HID: introduce hid_is_using_ll_driver - clone_private_mount() doesn't need to touch namespace_sem - lightnvm: NVM should depend on HAS_DMA Important TuxCare License Agreement CVE-2022-3061 CVE-2022-45934 CVE-2021-45868 CVE-2022-1198 CVE-2022-36879 CVE-2022-1974 CVE-2021-26401 CVE-2022-1016 CVE-2022-1011 CVE-2021-4203 CVE-2022-1205 CVE-2023-28772 CVE-2021-3669 CVE-2020-36516 CVE-2022-4662 CVE-2021-3659 CVE-2022-2380 CVE-2021-3732 CVE-2023-23455 CVE-2022-2318 CVE-2022-36280 CVE-2022-41850 CVE-2022-3424 CVE-2022-41849 CVE-2021-28711 CVE-2022-39188 CVE-2021-4149 CVE-2021-28712 CVE-2023-0394 CVE-2022-1195 CVE-2022-0617 CVE-2022-0487 CVE-2023-1074 CVE-2022-47929 CVE-2022-3628 CVE-2023-1390 CVE-2023-26607 CVE-2022-3903 CVE-2022-3111 CVE-2022-3303 CVE-2022-41218 CVE-2022-20572 CVE-2022-2991 CVE-2022-1516 CVE-2022-20132 CVE-2022-1975 CVE-2022-0494 CVE-2021-3772 CVE-2021-28713 CVE-2022-1462 CVE-2023-26545 CVE-2023-1095 CVE-2023-1118 Ubuntu 16.04 LTS * SECURITY UPDATE: Excessive resource use verifying X.509 policy constraints - debian/patches/CVE-2023-0464.patch: Limit X.509 certificate tree size to avoid exponential use of computational resources - CVE-2023-0464 * SECURITY UPDATE: Incorrecly documented X509_VERIFY_PARAM_add0_policy() - debian/patches/CVE-2023-0466.patch: Align documentation with actual implementation - CVE-2023-0466 * SECURITY UPDATE: Double locking in X.509 policy cache handling - debian/patches/CVE-2022-3996.patch: Revert previously introduced redundant flag setting and so avoid locking at all - CVE-2022-3996 Important TuxCare License Agreement CVE-2022-3996 CVE-2023-0466 CVE-2023-0464 Ubuntu 16.04 LTS * SECURITY UPDATE: By feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch) - debian/patches/CVE-2023-25652.patch: removing a link instead of writing into - CVE-2023-25652 * SECURITY UPDATE: A specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_rename_section_in_file()` that can lead to a remote code execution - debian/patches/CVE-2023-29007.patch: restrict the config file line length to parse it whole either as a section or as a parameter - CVE-2023-29007 Important TuxCare License Agreement CVE-2023-29007 CVE-2023-25652 Ubuntu 16.04 LTS * SECURITY UPDATE: Update to 5.7.42 to fix security issues - CVE-2023-21912, CVE-2023-21980 Important TuxCare License Agreement CVE-2023-21912 CVE-2023-21980 Ubuntu 16.04 LTS * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) // CVE-2022-1012 - tcp: use different parts of the port_offset for index and offset - tcp: add small random increments to the source port - tcp: dynamically allocate the perturb table used by source ports - tcp: increase source port perturb table to 2^16 - tcp: drop the hash_32() part from the index calculation * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) - tcp: add some entropy in __inet_hash_connect() * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE-2022-1012 - tcp: resalt the secret every 10 seconds - secure_seq: use the 64 bits of the siphash for port offset calculation * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) - tcp: change source port randomizarion at connect() time * Miscellaneous upstream changes - Revert "tcp: drop the hash_32() part from the index calculation" - Revert "tcp: increase source port perturb table to 2^16" - Revert "tcp: dynamically allocate the perturb table used by source ports" - Revert "tcp: add small random increments to the source port" - Revert "tcp: resalt the secret every 10 seconds" - Revert "tcp: use different parts of the port_offset for index and offset" - Revert "secure_seq: use the 64 bits of the siphash for port offset calculation" - Revert "tcp: change source port randomizarion at connect() time" - Revert "secure_seq: use SipHash in place of MD5" - Revert "tcp: allow to turn tcp timestamp randomization off" - Revert "tcp/dccp: better use of ephemeral ports in connect()" - tcp/dccp: better use of ephemeral ports in connect() - tcp: randomize tcp timestamp offsets for each connection - tcp: allow to turn tcp timestamp randomization off - secure_seq: use SipHash in place of MD5 Important TuxCare License Agreement CVE-2023-1513 CVE-2022-3586 CVE-2022-24448 CVE-2021-4028 CVE-2022-1048 CVE-2022-1012 CVE-2023-30456 CVE-2022-20369 CVE-2023-1073 CVE-2023-1989 CVE-2022-26966 CVE-2023-28328 CVE-2023-1670 CVE-2023-2007 CVE-2023-1829 CVE-2023-31436 CVE-2023-2248 CVE-2022-43945 Ubuntu 16.04 LTS * SECURITY UPDATE: an overflow of 64-bit value used to a memory allocation - debian/patches/CVE-2022-39377.patch: check an overflow and exit if it be - CVE-2022-39377 Important TuxCare License Agreement CVE-2022-39377 Ubuntu 16.04 LTS * SECURITY UPDATE: a possible overflow because of an incomplete fix of CVE-2022-39377 - debian/patches/CVE-2023-33204.patch: check an overflow and exit if it be - CVE-2023-33204 Important TuxCare License Agreement CVE-2023-33204 Ubuntu 16.04 LTS * SECURITY UPDATE: Crash when expanding "~" in substitute causes very long text - debian/patches/CVE-2023-2610.patch: Limit the text length to MAXCOL - CVE-2023-2610 Important TuxCare License Agreement CVE-2023-2610 Ubuntu 16.04 LTS * SECURITY UPDATE: NULL pointer dereference in get_register() - debian/patches/CVE-2023-2609.patch: Check "y_array" is not NULL - CVE-2023-2609 Important TuxCare License Agreement CVE-2023-2609 Ubuntu 16.04 LTS * SECURITY UPDATE: possible MITM attack - debian/patches/fixes/CVE-2023-31484.patch: fix missing SSL verification - CVE-2023-31484 Important TuxCare License Agreement CVE-2023-31484 Ubuntu 16.04 LTS * SECURITY UPDATE: Potential denial of service in OBJ_obj2txt translation - debian/patches/CVE-2023-2650.patch: Restrict size that OBJ_obj2txt() will translate to canonical numeric text form is added, based on RFC 2578 - CVE-2023-2650 Important TuxCare License Agreement CVE-2023-2650 Ubuntu 16.04 LTS * SECURITY UPDATE: buffer overflow allows for signature spoofing - debian/patches/CVE-2022-34903.patch: always use a break to terminate the escape detection loop. - CVE-2022-34903 Moderate TuxCare License Agreement CVE-2022-34903 Ubuntu 16.04 LTS * SECURITY UPDATE: fixing the existing CVE-2017-12450 patches that were incorrectly ported from upstream - debian/patches/CVE-2017-12450-1.patch: fix address violation errors - debian/patches/CVE-2017-12450-2.patch: import patches from mainline to fix minor binutils bugs - CVE-2017-12450 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-25584.patch: lack of bounds checking in vms-alpha.c - CVE-2023-25584 * SECURITY UPDATE: segmentation fault due to uninitialized - debian/patches/CVE-2023-25585.patch: field file_table of struct module is uninitialized - CVE-2023-25585 * SECURITY UPDATE: segmentation fault due to uninitialized - debian/patches/CVE-2023-25588.patch: field `the_bfd` of `asymbol` is uninitialised - CVE-2023-25588 * Fix memory leaks and buffer overflow in vms-alpha.c - debian/patches/vms-alpha-buffer-overflow-fix.patch: fix heap-based buffer overflow in build_module_list in vms-alpha.c - debian/patches/vms-alpha-memory-leaks-fix.patch: fix memory leaks and buffer overflow in vms-alpha.c Moderate TuxCare License Agreement CVE-2023-25588 CVE-2023-25585 CVE-2023-25584 Ubuntu 16.04 LTS * SECURITY UPDATE: More POST-after-PUT confusion - debian/patches/CVE-2023-28322.patch: fix mess in upload/method handling - CVE-2023-28322 Low TuxCare License Agreement CVE-2023-28322 Ubuntu 16.04 LTS * SECURITY UPDATE: Response injection (buffering) during MTA SMTP sending - debian/patches/CVE-2021-38371.patch: Enforce STARTTLS sync point, client side in src/transports/smtp.c - CVE-2021-38371 Important TuxCare License Agreement CVE-2021-38371 Ubuntu 16.04 LTS * CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous() helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: use-after-free in failing rule with bound set - netfilter: nf_tables: deactivate anonymous set from preparation phase * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: bogus EBUSY in chain deletions * CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: release objects on netns destruction - netfilter: nf_tables: destroy basechain and rules on netdevice removal - netfilter: nft_hash: support deletion of inactive elements - netfilter: nf_tables: remove check against removal of inactive objects - netfilter: nfnetlink: pass down netns pointer to call() and call_rcu() - netfilter: nf_tables: introduce nft_setelem_parse_flags() helper - netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper - netfilter: nft_rbtree: allow adjacent intervals with dynamic updates - netfilter: nf_tables: parse element flags from nft_del_setelem() - netfilter: nf_tables: reject loops from set element jump to chain - netfilter: nf_tables: fix wrong destroy anonymous sets if binding fails - netfilter: nf_tables: add generic macros to check for generation mask - netfilter: nf_tables: add generation mask to tables - netfilter: nf_tables: add generation mask to chains - netfilter: nf_tables: add generation mask to sets - netfilter: nf_tables: get rid of NFT_BASECHAIN_DISABLED - netlink: add NLM_F_NONREC flag for deletion requests - netfilter: nf_tables: add support for inverted logic in nft_lookup - netfilter: nf_tables: get rid of possible_net_t from set and basechain - netfilter: nf_tables: simplify the basic expressions' init routine - netfilter: nf_tables: fix *leak* when expr clone fail - netfilter: nf_tables: missing sanitization in data from userspace - netfilter: nf_tables: revisit chain/object refcounting from elements * CVE-2023-1380 // CVE-url: https://ubuntu.com/security/CVE-2023-1380 - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() * CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-32269 - netrom: Fix use-after-free caused by accept on already connected socket * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-2162 - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress Important TuxCare License Agreement CVE-2023-1380 CVE-2023-2162 CVE-2023-32233 CVE-2023-2124 CVE-2023-32269 Ubuntu 16.04 LTS * SECURITY UPDATE: Integer overflow in _libcap_strdup() - debian/patches/CVE-2023-2603.patch: enhance libcap's internal strdup code to limit the processing of long strings - CVE-2023-2603 Important TuxCare License Agreement CVE-2023-2603 Ubuntu 16.04 LTS * SECURITY UPDATE: mod_lua may denial of service in r:parsebody(0) - debian/patches/CVE-2022-29404.patch: use a liberal default limit for LimitRequestBody of 1GB to prevent a denial of service caused by a malicious lua script request - CVE-2022-29404 Important TuxCare License Agreement CVE-2022-29404 Ubuntu 16.04 LTS * SECURITY UPDATE: a heap buffer overflow vulnerability - debian/patches/CVE-2023-32324.patch: fix _cups_strlcpy() to exit immideately if a length of the source string is zero - CVE-2023-32324 Moderate TuxCare License Agreement CVE-2023-32324 Ubuntu 16.04 LTS * Backport upstream releases 8u372 to 16.04 LTS * CVEs fixed in 8u372: - CVE-2023-21930: Improper connection handling during TLS handshake - CVE-2023-21937: Missing string checks for NULL characters - CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder - CVE-2023-21939: Swing HTML parsing issue - CVE-2023-21954: Incorrect enqueue of references in garbage collector - CVE-2023-21967: Certificate validation issue in TLS session negotiation - CVE-2023-21968: Missing check for slash characters in URI-to-path conversion * CVEs fixed in 8u362: - CVE-2023-21830: Improper restrictions in CORBA deserialization - CVE-2023-21843: Soundbank URL remote loading * debian/rules: remove IcedTeaPlugin.so reference (LP: #2016396) * debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre is set up * Drop applied jdk8u-get-datetime-string.patch Important TuxCare License Agreement CVE-2023-21968 CVE-2023-21937 CVE-2023-21967 CVE-2023-21938 CVE-2023-21954 CVE-2023-21843 CVE-2023-21930 CVE-2023-21830 CVE-2023-21939 Ubuntu 16.04 LTS * SECURITY UPDATE: undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546) - debian/patches/CVE-2023-34151.patch: properly cast double to size_t - CVE-2023-34151 Moderate TuxCare License Agreement CVE-2023-34151 Ubuntu 16.04 LTS * SECURITY UPDATE: control characters are not escaped - debian/patches/CVE-2023-2848x.patch: escape control chars - CVE-2023-28486 - CVE-2023-28487 Moderate TuxCare License Agreement CVE-2023-28487 CVE-2023-28486 Ubuntu 16.04 LTS * SECURITY UPDATE: null pointer dereference in ber_memalloc_x() - debian/patches/CVE-2023-2953.patch: added check for strdup failure in ldif_open_url, ldap_url_parsehosts. - CVE-2023-2953 Important TuxCare License Agreement CVE-2023-2953 Ubuntu 16.04 LTS * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verify_SSL=>1 to HTTP::Tiny default configuration - CVE-2023-31486 Important TuxCare License Agreement CVE-2023-31486 Ubuntu 16.04 LTS * SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2-v2.7.patch: Start stripping C0 control and space chars in `urlsplit` - debian/patches/CVE-2023-24329-v2.7.patch: Fix test_attributes_bad_scheme to check for non-ascii symbol as first character of url - CVE-2023-24329 Important TuxCare License Agreement CVE-2023-24329 Ubuntu 16.04 LTS * SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: Start stripping C0 control and space chars in `urlsplit` - CVE-2023-24329 Important TuxCare License Agreement CVE-2023-24329 Ubuntu 16.04 LTS * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-20321 - ovl: fix missing negative dentry check in ovl_rename() * CVE-url: https://ubuntu.com/security/CVE-2021-20321 - ovl: cleanup unused var in rename2 * Jammy update: v5.15.93 upstream stable release (LP: #2012665) // CVE-url: https://ubuntu.com/security/CVE-2023-3161 - fbcon: Check font dimension limits * CVE-url: https://ubuntu.com/security/CVE-2021-3753 - vt_kdsetmode: extend console locking * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - Btrfs: fill relocation block rsv after allocation - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition Important TuxCare License Agreement CVE-2021-20321 CVE-2023-1990 CVE-2023-3141 CVE-2023-3161 CVE-2023-35824 CVE-2023-3268 CVE-2023-3111 CVE-2023-3390 CVE-2023-3090 CVE-2023-3212 CVE-2021-3753 CVE-2022-1184 Ubuntu 16.04 LTS * SECURITY UPDATE: use-after-free bug - debian/patches/CVE-2023-34241.patch: Log result of httpGetHostname BEFORE closing the connection - CVE-2023-34241 Important TuxCare License Agreement CVE-2023-34241 Ubuntu 16.04 LTS * SECURITY UPDATE: cache size limit exceeding may cause Denial of Service - debian/patches/CVE-2023-2828.patch: prevents the cache going over the configured memory limit (`max-cache-size`) - CVE-2023-2828 Important TuxCare License Agreement CVE-2023-2828 Ubuntu 16.04 LTS * SECURITY UPDATE: infinite loop vulnerability in mdssvc RPC service for Spotlight - debian/patches/CVE-2023-34966.patch: prevents an infinite loop by preventing subcount less than 1. Add test for addressed CVE. - CVE-2023-34966 Important TuxCare License Agreement CVE-2023-34966 Ubuntu 16.04 LTS * SECURITY UPDATE: helper programs can dlopen()/dlclose() any libraries from /usr/lib - debian/patches/CVE-2023-38408-Ensure-FIDO-PKCS11-libraries-contain-expect.patch: checks libraries before dlopen - debian/patches/CVE-2023-38408-Separate-ssh-pkcs11-helpers-for-each-p11-mo.patch: separate ssh-pkcs11-helpers for each p11 module - CVE-2023-38408 Critical TuxCare License Agreement CVE-2023-38408 Ubuntu 16.04 LTS * New microcode update packages from AMD upstream up to 2023-07-19: + New Microcodes for 17h family: sig 0x00800f82, sig 0x00830f10, sig 0x008a0f00; + New Microcodes for 19h family: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; + Updated microcodes of 17h family: sig 0x00800f12; * SECURITY UPDATE: ZenBleed issue for some CPUs: - CPUs firmware updated up to 2023-07-19 - CVE-2023-20593 Moderate TuxCare License Agreement CVE-2023-20593 Ubuntu 16.04 LTS * SECURITY UPDATE: Fix buffer overflow - debian/patch/CVE-2018-7409: fix unicode_to_ansi_copy(), don't include NUL-terminator in length in unicode_to_ansi_alloc(), make sure that the error handling doesn't overrun the buffer - CVE-2018-7409 Critical TuxCare License Agreement CVE-2018-7409 Ubuntu 16.04 LTS * SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2022-37705.patch: filter tar options - CVE-2022-37705 * SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2023-30577.patch: introduce tar option allow list - CVE-2023-30577 Important TuxCare License Agreement CVE-2023-30577 CVE-2022-37705 Ubuntu 16.04 LTS * SECURITY UPDATE: external entity loading in XML without enabling it - debian/patches/php-7.1-CVE-2023-3823.patch: sanitize libxml2 globals before parsing. - CVE-2023-3823 * SECURITY UPDATE: buffer mismanagement in phar_dir_read() - debian/patches/php-upstream-CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read() - CVE-2023-3824 Critical TuxCare License Agreement CVE-2023-3824 CVE-2023-3823 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4387 - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-35001 // CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-3567 - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF * CVE-url: https://ubuntu.com/security/CVE-2023-0458 - prlimit: do_prlimit needs to have a speculation check * CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: fix use-after-free in ext4_xattr_set_entry * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h * CVE-url: https://ubuntu.com/security/CVE-2023-3159 - firewire: fix potential uaf in outbound_phy_packet_callback() * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free Important TuxCare License Agreement CVE-2023-0458 CVE-2023-3159 CVE-2023-1611 CVE-2023-2513 CVE-2023-35001 CVE-2023-3611 CVE-2023-3567 CVE-2023-4128 CVE-2023-40283 CVE-2023-4387 CVE-2023-3776 CVE-2023-20593 Ubuntu 16.04 LTS * SECURITY UPDATE: New microcode data file 2023-08-08 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864 sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032 sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912 sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720 sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984 sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424 sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496 sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496 sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496 sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448 sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496 sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472 sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 - CVE-2022-40982, INTEL-SA-00828 - CVE-2023-23908, INTEL-SA-00836 - CVE-2022-41804, INTEL-SA-00837 * source: update symlinks to reflect id of the latest release, 20230808 Moderate TuxCare License Agreement CVE-2022-40982 CVE-2022-41804 CVE-2023-23908 Ubuntu 16.04 LTS * SECURITY UPDATE: Checking excessively long DH keys or parameters may be very slow. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. - debian/patches/CVE-2023-3817.patch: Add a prior check and process only a correct DH keys - CVE-2023-3817 Moderate TuxCare License Agreement CVE-2023-3817 Ubuntu 16.04 LTS * Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern Moderate TuxCare License Agreement CVE-2023-0590 CVE-2023-23454 CVE-2023-30772 CVE-2023-2194 CVE-2023-2985 CVE-2022-3606 CVE-2023-2269 CVE-2023-31084 CVE-2022-4129 Ubuntu 16.04 LTS * SECURITY UPDATE: unlikely stack overflow vulnerability - debian/patches/CVE-2022-48174.patch: break if a number string containing invalid characters - CVE-2022-48174 Critical TuxCare License Agreement CVE-2022-48174 Ubuntu 16.04 LTS * New microcode update packages from AMD upstream up to 2023-08-08: + New Microcodes for 19h family: sig 0x00a10f11, sig 0x00a10f12, sig 0x00aa0f01, sig 0x00aa0f02; * SECURITY UPDATE: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result to potential information disclosure. - CPUs firmware updated up to 2023-08-08 - CVE-2023-20569 - CVE-2023-20593 Important TuxCare License Agreement CVE-2023-20593 CVE-2023-20569 Ubuntu 16.04 LTS * SECURITY UPDATE: segmentation fault in objdump.c compare_symbols - debian/patches/CVE-2022-47695.patch: test symbol flags to exclude section and synthetic symbols before attempting to check flavour - CVE-2022-47695 Important TuxCare License Agreement CVE-2021-46174 CVE-2022-44840 CVE-2022-47695 Ubuntu 16.04 LTS * CVE-2022-40433: Segmentation fault in ciMethodBlocks::make_block_at(int) Important TuxCare License Agreement CVE-2022-40433 Ubuntu 16.04 LTS * SECURITY UPDATE: XML vulnerabilities in plist files - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565 Critical TuxCare License Agreement CVE-2022-48565 Ubuntu 16.04 LTS * SECURITY UPDATE: DoS in case of malicious entity directives - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565 Critical TuxCare License Agreement CVE-2022-48565 Ubuntu 16.04 LTS * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id" - x86/cpufeature: Add facility to check for min microcode revisions - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header - x86/devicetable: Move x86 specific macro out of generic code - x86/cpu: Add consistent CPU match macros - x86/cpu: Add a steppings field to struct x86_cpu_id - x86/cpufeatures: Move RETPOLINE flags to word 11 - x86/bugs: Report AMD retbleed vulnerability - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value - x86/entry: Add kernel IBRS implementation - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS - x86/speculation: Add LFENCE to RSB fill sequence - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS - x86/speculation: Fill RSB on vmexit for IBRS - x86/cpu/amd: Enumerate BTC_NO - x86/speculation: Disable RRSBA behavior - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29901 - x86/bugs: Optimize SPEC_CTRL MSR writes - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() - x86/bugs: Report Intel retbleed vulnerability - entel_idle: Disable IBRS during long idle - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n - x86/speculation: Fix firmware entry SPEC_CTRL handling - x86/speculation: Fix SPEC_CTRL write on SMT state change - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit - x86/speculation: Remove x86_spec_ctrl_mask - x86/common: Stamp out the stepping madness - x86/bugs: Add Cannon lake to RETBleed affected CPU list - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29900 - x86/bugs: Add AMD retbleed= boot parameter * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) - x86/bugs: Add "unknown" reporting for MMIO Stale Data * CVE-2021-26401 - x86/speculation: Warn about Spectre v2 LFENCE mitigation - x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT * CVE-2022-0001 - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting * Bionic update: upstream stable patchset 2019-10-07 (LP: #1847155) - x86/cpu: Add Tiger Lake to Intel family * CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 * Miscellaneous upstream changes - Revert "x86/enter: Use IBRS on syscall and interrupts" Important TuxCare License Agreement CVE-2022-0001 CVE-2022-45919 CVE-2022-26373 CVE-2022-29900 CVE-2023-4622 CVE-2022-29901 Ubuntu 16.04 LTS * SECURITY UPDATE: Use-after-free in do_ecmd() - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after reset_VIsual() - CVE-2023-4733 * SECURITY UPDATE: Potential OOB write in do_addsub() - debian/patches/CVE-2023-4735.patch: Don't overflow buf2, check size in for loop() - CVE-2023-4735 Important TuxCare License Agreement CVE-2023-4735 CVE-2023-4733 Ubuntu 16.04 LTS * SECURITY UPDATE: Extension script @substitutions@ within quoting allow SQL injection - debian/patches/CVE-2023-39417.patch: filter each substitution through quote_identifier() - CVE-2023-39417 Important TuxCare License Agreement CVE-2023-39417 Ubuntu 16.04 LTS * SECURITY UPDATE: An executable file with some well-known name like zip, gzip, and so on can be started from a current directory during some plugin is opening apropriate file that has a one of the extensions .zip, .gzip, .rb, and etc. This issue is effective only if the PATH environment variable has a ./ (dot) as one element in the path list - debian/patches/CVE-2023-4736.patch: avoid starting executable from a current directory for some plugins - CVE-2023-4736 Important TuxCare License Agreement CVE-2023-4781 CVE-2023-4751 CVE-2023-4736 CVE-2023-4752 Ubuntu 16.04 LTS * SECURITY UPDATE: a heap buffer overflow triggered in display_debug_section() at binutils/readelf.c - debian/patches/CVE-2022-45703.patch: combine sanity checks, calculate element counts, not word counts, fix typo - CVE-2022-45703 Important TuxCare License Agreement CVE-2022-45703 Ubuntu 16.04 LTS * SECURITY UPDATE: An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. - debian/patches/CVE-2020-22218.patch: doing total_num zero length check. - CVE-2020-22218 Important TuxCare License Agreement CVE-2020-22218 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/cpu: Move arch_smt_update() to a neutral place * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2022-40982 - cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/speculation: Identify processors vulnerable to SMT RSB predictions * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * Jammy update: v5.15.46 upstream stable release (LP: #1981864) // CVE-url: https://ubuntu.com/security/CVE-2023-4385 - fs: jfs: fix possible NULL pointer dereference in dbFree() * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4459 - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n Important TuxCare License Agreement CVE-2023-42753 CVE-2022-40982 CVE-2023-20588 CVE-2023-4921 CVE-2023-4459 CVE-2023-3863 CVE-2023-4385 Ubuntu 16.04 LTS * SECURITY UPDATE: uninitialized-heap vulnerability in function tic4x_print_cond in file opcodes/tic4x-dis.c - debian/patches/CVE-2020-35342.patch: Init all of condtable - CVE-2020-35342 * SECURITY UPDATE: a memory consumption issue in get_data function in binutils/nm.c - debian/patches/CVE-2020-19724.patch: Free dyn_syms - CVE-2020-19724 * SECURITY UPDATE: a memory leak when process microblaze-dis.c - debian/patches/CVE-2020-21490.patch: Use strbuf rather than strdup of local temp - CVE-2020-21490 * SECURITY UPDATE: an issue relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service - debian/patches/CVE-2020-19726.patch: Fix parsing a corrupt PE format file - CVE-2020-19726 Important TuxCare License Agreement CVE-2020-35342 CVE-2020-19724 CVE-2020-19726 CVE-2020-21490 Ubuntu 16.04 LTS * SECURITY UPDATE: a memory leak that allows remote attackers to perform a denial of service via the "identify -help" command - debian/patches/CVE-2022-48541.patch: added missing calls to destroy methods - CVE-2022-48541 Important TuxCare License Agreement CVE-2022-48541 Ubuntu 16.04 LTS * SECURITY UPDATE: denial of service - debian/patches/CVE-2022-48571.patch: fix the crash when receiving multi-packet uploads in UDP - CVE-2022-48571 Important TuxCare License Agreement CVE-2022-48571 Ubuntu 16.04 LTS * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25009.patch: add additional check to avoid read over the header - CVE-2018-25009 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25010.patch: limit the filter size to not exceed the image dimensions - CVE-2018-25010 * SECURITY UPDATE: fail on multiple image chunks - debian/patches/CVE-2018-25011.patch: only 1 image chunk allowed - CVE-2018-25011 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25013_4.patch: wait for all threads to be done in DecodeRemaining. - CVE-2018-25013 - CVE-2018-25014 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2020-36328.patch: fix invalid check for buffer size - CVE-2020-36328 * SECURITY UPDATE: a use-after-free was found due to a thread being killed too early - debian/patches/CVE-2020-36329.patch: fix for thread race heap-use-after-free - CVE-2020-36329 * SECURITY UPDATE: an out-of-bounds read - debian/patches/CVE-2020-36330.patch: fix riff size checks - CVE-2020-36330 * SECURITY UPDATE: an out-of-bounds read - debian/patches/CVE-2020-36331.patch: validate chunk_size - CVE-2020-36331 * SECURITY UPDATE: a use after free/double free - debian/patches/CVE-2023-1999.patch: clear result->bw on error - CVE-2023-1999 Critical TuxCare License Agreement CVE-2018-25009 CVE-2020-36330 CVE-2018-25011 CVE-2020-36331 CVE-2023-1999 CVE-2018-25010 CVE-2020-36328 CVE-2020-36329 CVE-2018-25014 CVE-2018-25013 Ubuntu 16.04 LTS * SECURITY UPDATE: use-after-free in heapq - debian/patches/CVE-2022-48560.patch: Fix posible crash in heapq with custom comparison operators - CVE-2022-48560 Important TuxCare License Agreement CVE-2022-48560 Ubuntu 16.04 LTS * SECURITY UPDATE: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly - debian/patches/CVE-2023-3341.patch: Named and rndc do not need a lot of recursion so the depth is set to 10. - CVE-2023-3341 Important TuxCare License Agreement CVE-2023-3341 Ubuntu 16.04 LTS * SECURITY UPDATE: сookie injection with none file - debian/patches/CVE-2023-38546.patch: remove unnecessary struct fields in lib/cookie.c - CVE-2023-38546 Moderate TuxCare License Agreement CVE-2023-38546 Ubuntu 16.04 LTS * SECURITY UPDATE: Multiple security issues - debian/patches/CVE-2023-42114.patch: fix possible OOB read in SPA authenticator - CVE-2023-42114 - debian/patches/CVE-2023-42116.patch: fix possible OOB write in SPA authenticator - CVE-2023-42116 Important TuxCare License Agreement CVE-2023-42116 CVE-2023-42114 Ubuntu 16.04 LTS * SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566 Moderate TuxCare License Agreement CVE-2022-48566 Ubuntu 16.04 LTS * SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566 Moderate TuxCare License Agreement CVE-2022-48566 Ubuntu 16.04 LTS * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-4504.patch: check for end of buffer if there is an escaped character - CVE-2023-4504 Important TuxCare License Agreement CVE-2023-4504 Ubuntu 16.04 LTS * SECURITY UPDATE: GVariant security issues - debian/patches/CVE-2023-29499-x-CVE-2023-32665/*.patch: fix multiple GVariant serialization issues - CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665 * debian/patches/fix-g_test_bug-assertion.patch: Fix g_test_bug assertion in gvariant test * debian/patches/libglib2.0-0.symbols: Add new symbols Important TuxCare License Agreement CVE-2023-32636 CVE-2023-32665 CVE-2023-32611 CVE-2023-32643 CVE-2023-29499 Ubuntu 16.04 LTS * SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: HTTP/2 - per-iteration stream handling limit. - CVE-2023-44487 Important TuxCare License Agreement CVE-2023-44487 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP Moderate TuxCare License Agreement CVE-2023-39194 CVE-2023-39193 CVE-2023-3338 CVE-2023-42754 CVE-2023-39192 CVE-2023-42755 CVE-2023-1206 Ubuntu 16.04 LTS * SECURITY UPDATE: bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation - debian/patches/CVE-2023-41360.patch: don't read the first byte of ORF header if we are ahead of stream. - CVE-2023-41360 * SECURITY UPDATE: bgpd/bgp_packet.c processes NLRIs if the attribute length is zero - debian/patches/CVE-2023-41358.patch: do not process NLRIs if the attribute length is zero - CVE-2023-41358 * Fix documentation pdf generation Critical TuxCare License Agreement CVE-2023-41358 CVE-2023-41360 Ubuntu 16.04 LTS * SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip4_64 - CVE-2023-45853 Critical TuxCare License Agreement CVE-2023-45853 Ubuntu 16.04 LTS * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params Important TuxCare License Agreement CVE-2023-42752 CVE-2023-4881 CVE-2023-3772 CVE-2023-4623 CVE-2023-34319 CVE-2023-31083 Ubuntu 16.04 LTS * SECURITY UPDATE: Assign a serial number for messages from the driver - debian/patches/CVE-2023-34969.patch: Fix assertion failure when a monitor is active and a message from the driver cannot be delivered. - CVE-2020-34969 Moderate TuxCare License Agreement CVE-2023-34969 Ubuntu 16.04 LTS * SECURITY UPDATE: a fix of buffer-overflow in trunc_string() - debian/patches/CVE-2023-5344.patch - CVE-2023-5344 * SECURITY UPDATE: segfault in exmode - debian/patches/CVE-2023-5441.patch - CVE-2023-5441 Important TuxCare License Agreement CVE-2023-5441 CVE-2023-5344 Ubuntu 16.04 LTS * SECURITY UPDATE: mod_macro buffer over-read - debian/patches/CVE-2023-31122.patch: use our own strncmp function in mod_macro - CVE-2023-31122 Important TuxCare License Agreement CVE-2023-31122 Ubuntu 16.04 LTS * SECURITY UPDATE: memory leak in stab_demangle_v3_arg - debian/patches/CVE-2022-47007.patch: free dt on failure path - CVE-2022-47007 * SECURITY UPDATE: memory leak in make_tempdir - debian/patches/CVE-2022-47008.patch: free template on all failure paths - CVE-2022-47008 * SECURITY UPDATE: memory leak in pr_function_type - debian/patches/CVE-2022-47010.patch: free "s" on failure path - CVE-2022-47010 * SECURITY UPDATE: memory leak in parse_stab_struct_fields - debian/patches/CVE-2022-47011.patch: free "fields" on failure path - CVE-2022-47011 Moderate TuxCare License Agreement CVE-2022-47010 CVE-2022-47007 CVE-2022-47008 CVE-2022-47011 Ubuntu 16.04 LTS * SECURITY UPDATE: fix an attempt to allocate an unreasonably large amount of memory when parsing a corrupt ELF file - debian/patches/CVE-2022-48063.patch: Check for excessively large sections - CVE-2022-48063 Moderate TuxCare License Agreement CVE-2022-48063 Ubuntu 16.04 LTS * SECURITY UPDATE: a heap-based overflow - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to line zero - CVE-2023-0288 * SECURITY UPDATE: an out-of-bounds write - debian/patches/CVE-2023-0054.patch: check the return value of vim_regsub() - CVE-2023-0054 Important TuxCare License Agreement CVE-2023-0054 CVE-2023-0288 Ubuntu 16.04 LTS * SECURITY UPDATE: An unauthenticated user may be able to access recently printed documents. The config file /etc/cups/cupsd.conf should be edited manually in case the cups has been already installed in the system: the <Limit Send-Document> and <Limit CUPS-Get-Document> sections should be changed according to the patch. - debian/patches/CVE-2023-32360.patch: Require authentication for CUPS-Get-Document. - CVE-2023-32360 Moderate TuxCare License Agreement CVE-2023-32360 Ubuntu 16.04 LTS * SECURITY UPDATE: possible weak randomness in nonce value - debian/patches/php-7.0-CVE-2023-3247.patch: Fix missing randomness check for SOAP HTTP Digest Moderate TuxCare License Agreement CVE-2023-3247 Ubuntu 16.04 LTS * SECURITY UPDATE: Remote code execution because of improper neutralization of special elements - debian/patches/CVE-2023-42117.patch: fix string_is_ip_address() - CVE-2023-42117 * SECURITY UPDATE: dnsdb out-of-bounds read information disclosure - debian/patches/CVE-2023-42119.patch: harden dnsdb against crafted DNS responses - CVE-2023-42119 Important TuxCare License Agreement CVE-2023-42117 CVE-2023-42119 Ubuntu 16.04 LTS * SECURITY UPDATE: Remote authenticated user can trigger a kadmind crash - debian/patches/CVE-2023-36054.patch: ensure array count consistency in kadm5 RPC - CVE-2023-36054 Moderate TuxCare License Agreement CVE-2023-36054 Ubuntu 16.04 LTS * SECURITY UPDATE: denial of service in HTTP Digest Authentication - debian/patches/CVE-2023-46847.patch: fix stack buffer overflow when parsing Digest Authorization - CVE-2023-46847 Important TuxCare License Agreement CVE-2023-46847 Ubuntu 16.04 LTS * Backport upstream releases 8u382 to 16.04 LTS * CVEs fixed in 8u382: - CVE-2023-22045: OpenJDK incorrectly handled array accesses. - CVE-2023-22049: OpenJDK incorrectly sanitized URIs strings. Low TuxCare License Agreement CVE-2023-22045 CVE-2023-22049 Ubuntu 16.04 LTS * SECURITY UPDATE: Denial of service could be encountered if a DH key or DH parameters check experience long delays. - debian/patches/CVE-2023-3446.patch: Adds check to prevent the testing of an excessively large modulus in DH_check(). - CVE-2023-3446 Moderate TuxCare License Agreement CVE-2023-3446 Ubuntu 16.04 LTS * SECURITY UPDATE: open socket out of the dedicated directory - debian/patches/CVE-2023-3961.patch: prevents a traversal out the dedicated directory - CVE-2023-3961 Critical TuxCare License Agreement CVE-2023-3961 Ubuntu 16.04 LTS * CVE-2020-12321 - linux-firmware: Update firmware file for Intel Bluetooth 9260 - linux-firmware: Update firmware file for Intel Bluetooth 9560 Important TuxCare License Agreement CVE-2020-12321 Ubuntu 16.04 LTS * SECURITY UPDATE: integer overflow in the TLV parser - debian/patches/CVE-2022-3515.patch: detect a possible overflow directly in the TLV parser - CVE-2022-3515 * SECURITY UPDATE: integer overflow in the CRL signature parser - debian/patches/CVE-2022-47629.patch: fix an integer overflow in the CRL signature parser - CVE-2022-47629 * Enable internal tests Critical TuxCare License Agreement CVE-2022-3515 CVE-2022-47629 Ubuntu 16.04 LTS * SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016.patch: ps: fix possible buffer overflow in -C option. - CVE-2023-4016 Moderate TuxCare License Agreement CVE-2023-4016 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: Limit maximum frame Rx based on MTU - igb: Only sync size of expected frame in ethtool testing - igb: Add support for ethtool private flag to allow use of legacy Rx - igb: Add support for using order 1 pages to receive large frames - igb: set max size RX buffer when store bad packet is enabled * CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2022-3629 - vsock: Fix memory leak in vsock_connect() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/debug: Add SCHED_WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read Critical TuxCare License Agreement CVE-2023-45871 CVE-2023-31085 CVE-2023-45862 CVE-2022-3629 CVE-2023-39189 CVE-2023-45863 CVE-2023-1077 CVE-2023-5717 Ubuntu 16.04 LTS * SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217 Moderate TuxCare License Agreement CVE-2023-40217 Ubuntu 16.04 LTS * SECURITY UPDATE: New microcode data file 2023-11-14 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760 sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 - CVE-2023-23583, INTEL-SA-00950 * source: update symlinks to reflect id of the latest release, 20231114 Important TuxCare License Agreement CVE-2023-23583 Ubuntu 16.04 LTS * SECURITY UPDATE: Denial of Service attack against Squid’s Gopher gateway due to a NULL pointer dereference bug - debian/patches/CVE-2023-46728.patch: remove support for Gopher protocol - CVE-2023-46728 Important TuxCare License Agreement CVE-2023-46728 Ubuntu 16.04 LTS * SECURITY UPDATE: Posible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: Disallow releasing heap items during a comparison callback - CVE-2022-48560 Important TuxCare License Agreement CVE-2022-48560 Ubuntu 16.04 LTS * SECURITY UPDATE: Update to 5.7.44 to fix security issues - CVE-2023-22053, CVE-2023-22084, CVE-2023-22015, CVE-2023-22026, CVE-2023-22028 Moderate TuxCare License Agreement CVE-2023-22028 CVE-2023-22026 CVE-2023-22015 CVE-2023-22084 CVE-2023-22053 Ubuntu 16.04 LTS * SECURITY UPDATE: Accepting '#' as part of the URI component might allow remote attackers to obtain sensitive information or have unspecified other impact - debian/patches/CVE-2023-45539.patch: h1: do not accept '#' as part of the URI component; h2: reject more chars from the :path pseudo header - CVE-2023-45539 Important TuxCare License Agreement CVE-2023-45539 Ubuntu 16.04 LTS * SECURITY UPDATE: Buffer OverRead in RFC 1123 date/time - debian/patches/CVE-2023-49285.patch: Fix date parsing in RFC 1123 - CVE-2023-49285 * SECURITY UPDATE: Denial of Service attack against Helper process management - debian/patches/CVE-2023-49286.patch: Add exit without asserting when helper process startup fails - CVE-2023-49286 Important TuxCare License Agreement CVE-2023-49285 CVE-2023-49286 Ubuntu 16.04 LTS * SECURITY UPDATE: potential DoS attack via CPU and RAM exhaustion - debian/patches/CVE-2022-48564.patch: Improve validation of Plist files that prevent DoS when processing malformed Apple Property List files in binary format - CVE-2022-48564 * SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217 Moderate TuxCare License Agreement CVE-2023-40217 CVE-2022-48564 Ubuntu 16.04 LTS * SECURITY UPDATE: possible OS command injection - debian/patches/CVE-2023-51385.patch: ban user/hostnames with most shell metacharacters in command line - CVE-2023-51385 Critical TuxCare License Agreement CVE-2023-51385 Ubuntu 16.04 LTS * Backport upstream releases 8u392 to 16.04 LTS * CVEs fixed in 8u392: - CVE-2023-22067: IOR deserialization issue in CORBA - CVE-2023-22081: Certificate path validation issue * Drop applied CVE-2022-40433.patch (changes are already in the sources) Moderate TuxCare License Agreement CVE-2023-22081 CVE-2023-22067 Ubuntu 16.04 LTS * SECURITY UPDATE: use-after-free in win_close() - debian/patches/CVE-2023-48231.patch: check window is valid, before accessing it - CVE-2023-48231 * SECURITY UPDATE: overflow with count for :s command - debian/patches/CVE-2023-48233.patch: abort the :s command if the count is too large - CVE-2023-48233 * SECURITY UPDATE: overflow in nv_z_get_count - debian/patches/CVE-2023-48234.patch: break out, if count is too large - CVE-2023-48234 * SECURITY UPDATE: overflow in ex address parsing - debian/patches/CVE-2023-48235.patch: verify that lnum is positive, before substracting from LONG_MAX - CVE-2023-48235 * SECURITY UPDATE: overflow in get_number - debian/patches/CVE-2023-48236.patch: return 0 when the count gets too large - CVE-2023-48236 * SECURITY UPDATE: overflow in shift_line - debian/patches/CVE-2023-48237.patch: allow a max indent of INT_MAX - CVE-2023-48237 * SECURITY UPDATE: overflow in :history - debian/patches/CVE-2023-46246.patch: check that value fits into int - CVE-2023-46246 * SECURITY UPDATE: recursive command line loop may cause a crash - debian/patches/CVE-2022-1771.patch: limit recursion of getcmdline() - CVE-2022-1771 Moderate TuxCare License Agreement CVE-2023-48237 CVE-2023-48235 CVE-2023-48234 CVE-2023-48231 CVE-2023-48236 CVE-2023-48233 CVE-2023-46246 CVE-2022-1771 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat Important TuxCare License Agreement CVE-2023-6546 CVE-2023-6610 CVE-2023-6606 CVE-2023-7192 CVE-2023-6932 CVE-2023-6931 Ubuntu 16.04 LTS * SECURITY UPDATE: Denial of Service in HTTP Request parsing - debian/patches/CVE-2023-50269.patch: Limit the number of allowed X-Forwarded-For hops - CVE-2023-50269 Important TuxCare License Agreement CVE-2023-50269 Ubuntu 16.04 LTS * SECURITY UPDATE: denial of service attack - debian/patches/CVE-2023-39804.patch: Fix handling of extended header prefixes. - CVE-2023-39804.patch Low TuxCare License Agreement CVE-2023-39804 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE- url: https://ubuntu.com/security/CVE-2022-48619 - Input: add bounds checking to input_set_capability() * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * kernel crash : net_sched race condition in tcindex_destroy() (LP: #1825942) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - RCU, workqueue: Implement rcu_work * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities Important TuxCare License Agreement CVE-2023-6040 CVE-2023-51780 CVE-2023-34324 CVE-2023-51779 CVE-2023-51782 CVE-2023-51781 CVE-2022-36402 CVE-2022-48619 CVE-2023-0597 CVE-2023-4244 Ubuntu 16.04 LTS * SECURITY UPDATE: it's possible to remove the initial messages on the secure channel without causing a MAC failure - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in ssh and sshd - CVE-2023-48795 Moderate TuxCare License Agreement CVE-2023-48795 Ubuntu 16.04 LTS * SECURITY UPDATE: A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. - debian/patches/CVE-2023-5869.patch: Detect integer overflow while computing new array dimensions. - CVE-2023-5869 Important TuxCare License Agreement CVE-2023-5869 Ubuntu 16.04 LTS * SECURITY UPDATE: Use-after-free in xmlValidatePopElement() - debian/patches/CVE-2024-25062.patch: Fix use-after-free if XML Reader when used with DTD validation and XInclude expansion - CVE-2024-25062 Important TuxCare License Agreement CVE-2024-25062 Ubuntu 16.04 LTS * SECURITY UPDATE: KeyTrap denial of service vulnerability - debian/patches/CVE-2023-50387-20230-50868.patch: Fix DNSSEC verification complexity issue by updating verification function signatures. - debian/patches/CVE-2023-50387-fix-1.patch: Allow the original CVE-2023-50387 patch to work if multiple threads support is disabled. - debian/patches/CVE-2023-50387-fix-2.patch: Fix a leak. - CVE-2023-50387 - CVE-2023-50868 Important TuxCare License Agreement CVE-2023-50868 CVE-2023-50387 Ubuntu 16.04 LTS * SECURITY UPDATE: SMTP smuggling because of <LF>.<CR><LF> support - debian/patches/CVE-2023-51766.patch: reject "dot, LF" as ending data phase. Testcase for "smtp smuggling". - CVE-2023-51766 Moderate TuxCare License Agreement CVE-2023-51766 Ubuntu 16.04 LTS * SECURITY UPDATE: A flaw fixed when the getaddrinfo function may access memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4806.patch: fix the flaw - CVE-2023-4806 * SECURITY UPDATE: In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4813.patch: fix the flaw - CVE-2023-4813 Moderate TuxCare License Agreement CVE-2023-4806 CVE-2023-4813 Ubuntu 16.04 LTS * SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to config_parser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault - debian/patches/CVE-2023-6004-02.patch: allow multiple '@' in usernames - debian/patches/CVE-2023-6004-03.patch: simplify the hostname parsing in ssh_options_set - debian/patches/CVE-2023-6004-04.patch: add function to check allowed characters of a hostname - debian/patches/CVE-2023-6004-05.patch: add test for ssh_check_hostname_syntax - debian/patches/CVE-2023-6004-06.patch: check for valid syntax of a hostname if it is a domain name - debian/patches/CVE-2023-6004-07.patch: add test for proxycommand injection - debian/patches/CVE-2023-6004-08.patch: add test for ssh_is_ipaddr - debian/patches/CVE-2023-6004-09.patch: add ipv6 link-local check for an ip address - debian/patches/CVE-2023-6004-10.patch: add tests for ipv6 link-local - debian/patches/CVE-2023-6004-regression1.patch: fix regression in IPv6 addresses in hostname parsing - debian/patches/CVE-2023-6004-regression2.patch: increase test coverage for IPv6 address parsing as hostnames - CVE-2023-6004 * SECURITY UPDATE: Unchecked return values for digests may cause DoS - debian/patches/CVE-2023-6918-1.patch: systematically check return values when calculating digests - debian/patches/CVE-2023-6918-2.patch: detect context init failures - debian/patches/CVE-2023-6918-3.patch: code coverage for ssh_get_pubkey_hash() - CVE-2023-6918 Moderate TuxCare License Agreement CVE-2023-6918 Ubuntu 16.04 LTS * SECURITY UPDATE: Heap use-after-free flaw in coders/bmp.c in ImageMagick - debian/patches/CVE-2023-5341.patch: Check BMP file size to fix ImproperImageHeader caused by poc provided by Hardik Shah of Vehere (Dawn Treaders team) - CVE-2023-5341 Moderate TuxCare License Agreement CVE-2023-5341 Ubuntu 16.04 LTS * SECURITY UPDATE: Denial of service could be encountered when generating excessively long DH keys or checking excessively long DH keys or parameters. - debian/patches/CVE-2023-5678.patch: Make DH_check_pub_key() and DH_generate_key() safer yet. - CVE-2023-5678. Moderate TuxCare License Agreement CVE-2023-5678 Ubuntu 16.04 LTS * SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617 Important TuxCare License Agreement CVE-2024-25617 Ubuntu 16.04 LTS * SECURITY UPDATE: stack-buffer-overflow in option callback func - debian/patches/CVE-2024-22667.patch: pass size of errbuf down the call stack, use snprintf() instead of sprintf() - CVE-2024-22667 Important TuxCare License Agreement CVE-2024-22667 Ubuntu 16.04 LTS * SECURITY UPDATE: Improper cookie domain verification allows malicious HTTP server to set 'super cookies' in package - debian/control: Build-Depends: add libpsl-dev - debian/patches/CVE-2023-46218.patch: Lowercase domain names before PSL checks to ensure proper comparison - CVE-2023-46218 Moderate TuxCare License Agreement CVE-2023-46218 Ubuntu 16.04 LTS * SECURITY UPDATE: Potential Denial of Service via processing maliciously formatted PKCS12 file - debian/patches/CVE-2024-0727.patch: Fix decode error causing NULL pointer in PKCS12_unpack_p7data, PKCS12_unpack_p7encdata, PKCS12_unpack_authsafes, SMIME_write_PKCS7, pkcs12_gen_mac and newpass_p12 functions - CVE-2024-0727 Moderate TuxCare License Agreement CVE-2024-0727 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666) // CVE- url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: fix refcount leakage on PPPoL2TP sockets * Bionic update to 4.15.8 stable release (LP: #1755179) // CVE-url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: don't use inet_shutdown on ppp session destroy - l2tp: fix race in pppol2tp_release with session object destroy * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set * Bionic update: upstream stable patchset 2019-07-29 (LP: #1838349) // CVE- url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Fix debugfs NULL pointer dereference Important TuxCare License Agreement CVE-2024-24855 CVE-2023-39197 CVE-2022-20567 CVE-2023-52449 CVE-2023-52445 CVE-2023-52444 CVE-2023-52443 CVE-2024-24860 CVE-2023-34256 Ubuntu 16.04 LTS * SECURITY UPDATE: Execution of arbitrary SQL functions as the command issuer because of late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY - debian/patches/CVE-2024-0985.patch: run REFRESH MATERIALIZED VIEW CONCURRENTLY in right security context - CVE-2024-0985 Important TuxCare License Agreement CVE-2024-0985 Ubuntu 16.04 LTS * SECURITY UPDATE: denial of service (blocked login process) via mkfifo - debian/patches-applied/CVE-2024-22365.patch: pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations - CVE-2024-22365 Moderate TuxCare License Agreement CVE-2024-22365 Ubuntu 16.04 LTS * SECURITY UPDATE: http2: push headers better cleanup - debian/patches/CVE-2024-2398.patch: provide common cleanup method for push headers - CVE-2024-2398 Important TuxCare License Agreement CVE-2024-2398 Ubuntu 16.04 LTS * SECURITY UPDATE: Fix incompatible pointer-to-integer types - debian/patch/CVE-2024-1013.patch: PostgreSQL driver: Fix incompatible pointer-to-integer types. This change is required to avoid a build failure with GCC 14. - CVE-2024-1013 Important TuxCare License Agreement CVE-2024-1013 Ubuntu 16.04 LTS * SECURITY UPDATE: shell-quote filenames when invoking LESSCLOSE. - debian/patches/CVE-2022-48624.patch: Fix close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. - CVE-2022-48624 Important TuxCare License Agreement CVE-2022-48624 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration * CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix use-after-free in tw_timer_handler * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46939 - tracing: Restructure trace_clock_global() to never block * CVE-url: https://ubuntu.com/security/CVE-2021-46933 - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335) // CVE- url: https://ubuntu.com/security/CVE-2021-46924 - NFC: st21nfca: Fix memory leak in device probe and remove * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: convert DVB device types into an enum - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device() Important TuxCare License Agreement CVE-2021-46936 CVE-2021-46933 CVE-2021-46939 CVE-2024-23307 CVE-2021-46932 CVE-2024-26633 CVE-2023-52340 CVE-2021-46924 CVE-2023-52469 CVE-2023-52436 CVE-2023-52470 CVE-2022-45884 Ubuntu 16.04 LTS * SECURITY UPDATE: improper handling of user input vulnerability - debian/patches/CVE-2024-3096.patch: Disallow null character in bcrypt password to prevent password_verify from erroneously returning true - CVE-2024-3096 Moderate TuxCare License Agreement CVE-2024-3096 Ubuntu 16.04 LTS * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47194 - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46955 - openvswitch: fix stack OOB read while fragmenting IPv4 packets * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46966 - ACPI: custom_method: fix potential use-after-free issue * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2019-25162 - i2c: Fix a potential use after free * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-46906 - HID: usbhid: fix info leak in hid_submit_ctrl * Bionic update: upstream stable patchset 2021-05-25 (LP: #1929603) // CVE- url: https://ubuntu.com/security/CVE-2021-46905 - net: hso: fix NULL-deref on disconnect regression * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE- url: https://ubuntu.com/security/CVE-2021-46904 - net: hso: fix null-ptr-deref during tty device unregistration * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Important TuxCare License Agreement CVE-2024-26600 CVE-2021-46905 CVE-2021-47194 CVE-2021-47198 CVE-2021-47193 CVE-2021-46955 CVE-2023-52600 CVE-2023-24023 CVE-2021-46966 CVE-2023-52603 CVE-2023-52458 CVE-2019-25162 CVE-2021-46904 CVE-2021-46906 CVE-2023-1382 CVE-2023-1998 Ubuntu 16.04 LTS * SECURITY UPDATE: possible insecure cookie abuse - debian/patches/php-7.3-CVE-2024-2756.patch: fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix - CVE-2024-2756 Moderate TuxCare License Agreement CVE-2024-2756 Ubuntu 16.04 LTS * SECURITY UPDATE: quoting is mishandled in filename.c. - debian/patches/CVE-2024-32487.patch: Fix bug when viewing a file whose name contains a newline. - CVE-2024-32487 Important TuxCare License Agreement CVE-2024-32487 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix possible use-after-free in smsc75xx_bind * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix memory leak in smsc75xx_bind * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - linux/kernel.h: Add ALIGN_DOWN macro - pstore: Make ramoops_init_przs generic for other prz arrays - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2022-48659 - mm/slub: fix to return errno if kmalloc() fails * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * Bionic update: upstream stable patchset 2019-07-19 (LP: #1837257) // CVE- url: https://ubuntu.com/security/CVE-2024-26882 - ip: validate header length on virtual device xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts Important TuxCare License Agreement CVE-2024-26805 CVE-2024-26614 CVE-2023-52530 CVE-2023-52601 CVE-2022-48659 CVE-2024-26882 CVE-2024-26901 CVE-2024-26898 CVE-2024-26904 CVE-2024-26622 CVE-2024-26884 CVE-2024-26625 CVE-2024-26697 CVE-2024-26635 CVE-2023-52587 CVE-2023-52615 CVE-2023-52595 CVE-2024-26675 CVE-2023-52619 CVE-2023-52599 CVE-2023-52594 CVE-2023-52602 CVE-2024-26704 CVE-2024-26720 CVE-2024-26825 CVE-2024-26636 CVE-2023-52604 CVE-2024-26679 CVE-2023-52622 CVE-2024-26696 CVE-2023-52486 CVE-2024-26671 CVE-2024-26685 CVE-2024-26910 CVE-2021-47173 CVE-2023-52524 CVE-2023-52566 CVE-2021-47171 CVE-2024-26801 CVE-2024-26903 CVE-2024-26908 CVE-2023-47233 Ubuntu 16.04 LTS * SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2023-49288.patch: fix unintentional freeing in TRACE request handler - CVE-2023-49288 Important TuxCare License Agreement CVE-2023-49288 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fixup disc_mutex handling - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT Important TuxCare License Agreement CVE-2024-35982 CVE-2023-52817 CVE-2024-27013 CVE-2024-27020 CVE-2024-26929 CVE-2024-35978 CVE-2023-52752 CVE-2023-52809 CVE-2024-26934 CVE-2023-52806 CVE-2024-35997 CVE-2024-35984 Ubuntu 16.04 LTS * SECURITY UPDATE: buffer overflow in iconv() function when converting to ISO-2022-CN-EXT character set - debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes in ISO-2022-CN-EXT escape sequences - CVE-2024-2961 Important TuxCare License Agreement CVE-2024-2961 Ubuntu 16.04 LTS * SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016-2.patch: ps: extended fix of the CVE-2023-4016 - fix possible buffer overflow in -C option. - CVE-2023-4016 Low TuxCare License Agreement CVE-2023-4016 Ubuntu 16.04 LTS * SECURITY UPDATE: filter bypass in filter_var FILTER_VALIDATE_URL - debian/patches/CVE-2024-5458.patch: Fix validation of ipv6 hostname to check all conditions and extract condition to separate function - CVE-2024-5458 Moderate TuxCare License Agreement CVE-2024-5458 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2021-47542 - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() * CVE-url: https://ubuntu.com/security/CVE-2021-47518 - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * CVE-url: https://ubuntu.com/security/CVE-2021-47571 - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() * CVE-url: https://ubuntu.com/security/CVE-2021-47521 - can: sja1000: fix use after free in ems_pcmcia_add_card() * CVE-url: https://ubuntu.com/security/CVE-2021-47520 - can: pch_can: pch_can_rx_normal: fix use after free * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call * CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE- url: https://ubuntu.com/security/CVE-2024-27405 - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names Important TuxCare License Agreement CVE-2021-47521 CVE-2021-47518 CVE-2021-47571 CVE-2024-26845 CVE-2021-47542 CVE-2024-36901 CVE-2024-26840 CVE-2021-47520 CVE-2024-36902 CVE-2024-27410 CVE-2024-26733 CVE-2024-26804 CVE-2024-26779 CVE-2024-26772 CVE-2024-26777 CVE-2024-26778 CVE-2024-26839 CVE-2024-26773 CVE-2024-26764 CVE-2024-26791 CVE-2024-27405 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2021-47545 - perf hists: Properly release format fields - perf hist: Fix memory leak of a perf_hpp_fmt * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - updateconfigs for CONFIG_BHI_{AUTO|OFF|ON} Important TuxCare License Agreement CVE-2024-26642 CVE-2021-47545 CVE-2024-2201 CVE-2021-33631 Ubuntu 16.04 LTS * SECURITY UPDATE: tack-based buffer overflow in netgroup cache - debian/patches/any/CVE-2024-33599.patch: fix buffer overflow in netgroup cache - CVE-2024-33599 Important TuxCare License Agreement CVE-2024-33599 Ubuntu 16.04 LTS * SECURITY UPDATE: eval() on content received via HTTP in test suite - debian/patches/CVE-2020-27619.patch: No longer call eval() on content received via HTTP in the CJK codec tests - CVE-2020-27619 Critical TuxCare License Agreement CVE-2020-27619 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Warn when IRQ_NOAUTOEN is used with shared interrupts - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock Important TuxCare License Agreement CVE-2023-52620 CVE-2024-27073 CVE-2024-27074 CVE-2024-24857 CVE-2024-26994 CVE-2024-26880 CVE-2024-35922 CVE-2024-26976 CVE-2024-35805 CVE-2024-27436 CVE-2024-24859 CVE-2023-52650 CVE-2023-52880 CVE-2023-52644 CVE-2024-26931 CVE-2024-35935 CVE-2024-27008 CVE-2024-35915 CVE-2024-35886 CVE-2024-35969 CVE-2024-26863 CVE-2024-26993 CVE-2024-26923 CVE-2024-26999 CVE-2023-52699 CVE-2024-35828 CVE-2024-26965 CVE-2024-26966 CVE-2024-35930 CVE-2024-26651 CVE-2024-27078 CVE-2024-26955 CVE-2024-27388 CVE-2024-26956 CVE-2024-24858 CVE-2024-35821 CVE-2024-26816 CVE-2024-26851 CVE-2024-39493 CVE-2024-38587 CVE-2024-38381 CVE-2024-26886 CVE-2024-35809 CVE-2024-26875 CVE-2024-27001 CVE-2024-27059 CVE-2024-26974 CVE-2024-35910 CVE-2024-35944 CVE-2024-35830 CVE-2024-35807 CVE-2024-26813 CVE-2024-26810 CVE-2024-35933 CVE-2024-27419 CVE-2024-26859 CVE-2024-26973 CVE-2024-35936 CVE-2024-27075 CVE-2024-27043 CVE-2024-27000 CVE-2024-35815 CVE-2024-26894 CVE-2024-26981 CVE-2024-27437 CVE-2024-26643 Ubuntu 16.04 LTS * SECURITY UPDATE: stack buffer overflow in ada_decode - debian/patches/CVE-2023-39128.patch: Fix stack buffer overflow - CVE-2023-39128 * SECURITY UPDATE: stack buffer overflow - debian/patches/CVE-2023-39129.patch: Verify COFF symbol stringtab offset and fix problem with 32bit architecture build - CVE-2023-39129 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2023-39130.patch: bfd IO functions give warnings - CVE-2023-39130 Moderate TuxCare License Agreement CVE-2023-39130 CVE-2023-39128 CVE-2023-39129 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2_get_enc_key * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/ - ima: fix ima_d_path() possible race with rename * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2022-48850 - net-sysfs: add check for netdevice being present to speed_show * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48860 - ethernet: Fix error handling in xemaclite_of_probe * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48857 - NFC: port100: fix use-after-free in port100_send_complete * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48851 - staging: gdm724x: fix use after free in gdm_lte_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: Remove deprecated create_workqueue - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: move geneve device lookup before iptunnel_pull_header - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-27405 // CVE-url: https://ubuntu.com/security/CVE-2024-35825 - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625) // CVE- url: https://ubuntu.com/security/CVE-2022-33742 - xen/blkfront: force data bouncing when backend is untrusted * CVE-url: https://ubuntu.com/security/CVE-2022-33742 - xen: introduce xenbus_read_unsigned() Important TuxCare License Agreement CVE-2024-25739 CVE-2024-36016 CVE-2024-26687 CVE-2024-35825 CVE-2024-39494 CVE-2024-26857 CVE-2022-48627 CVE-2021-46960 CVE-2024-35950 CVE-2022-33742 CVE-2022-48857 CVE-2024-26654 CVE-2022-48850 CVE-2024-27405 CVE-2022-48860 CVE-2022-48863 CVE-2022-48851 CVE-2024-40902 Ubuntu 16.04 LTS * SECURITY UPDATE: New microcode data file 2024-05-14 - New microcodes: sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192 sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864 sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888 sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720 sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552 sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264 sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200 sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008 sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800 sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800 sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688 sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448 sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496 sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480 sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808 sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480 sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496 sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240 sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 * source: update symlinks to reflect id of the latest release, 20240514 Important TuxCare License Agreement CVE-2023-45745 CVE-2023-45733 CVE-2023-46103 CVE-2023-39368 CVE-2023-47855 CVE-2023-22655 CVE-2023-28746 CVE-2023-38575 CVE-2023-43490 Ubuntu 16.04 LTS * SECURITY UPDATE: Regular Expression Denial of Service - debian/patches/CVE-2021-3733.patch: Fix ReDoS vulnerability in AbstractBasicAuthHandler class of Lib/urllib2.py - CVE-2021-3733 Moderate TuxCare License Agreement CVE-2021-3733 Ubuntu 16.04 LTS * SECURITY UPDATE: Insecure behavior with semicolons in URI userinfo - debian/patches/CVE-2024-38428.patch: Properly re-implement userinfo parsing (rfc2396) to fix outdated RFC implementation - CVE-2024-38428 Critical TuxCare License Agreement CVE-2024-38428 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: introduce a controller state machine - nvme: move namespace scanning to core - nvme: move AER handling to common code - nvme: fix a possible use-after-free in controller reset during load - nvme-pci: fix multiple ctrl removal scheduling * CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - tty: Define ASYNC_ replacement bits - tty: Replace ASYNC_CTS_FLOW bit and update atomically - tty: Remove ASYNC_CLOSING - tty: mxser: Remove ASYNC_CLOSING - isdn: Remove ASYNC_CLOSING - tty: Replace TTY_IO_ERROR bit tests with tty_io_error() - tty: Replace ASYNC_NORMAL_ACTIVE bit and update atomically - tty: Replace ASYNC_CHECK_CD and update atomically - tty: Replace ASYNC_SUSPENDED bit and update atomically - tty: Replace ASYNC_INITIALIZED bit and update atomically - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE- url: https://ubuntu.com/security/CVE-2022-48809 - net: fix a memleak when uncloning an skb dst and its metadata * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Critical TuxCare License Agreement CVE-2024-42068 CVE-2024-38583 CVE-2024-42244 CVE-2024-41095 CVE-2022-48809 CVE-2024-42153 CVE-2022-48791 CVE-2024-41098 CVE-2024-42236 CVE-2024-42232 CVE-2022-48790 CVE-2022-48792 CVE-2024-41089 CVE-2024-42154 CVE-2024-38570 CVE-2024-42228 CVE-2024-42070 CVE-2024-42079 CVE-2024-42226 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: suppress too verbose messages in tcp_send_ack() - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - new helper: memdup_user_nul() - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation Important TuxCare License Agreement CVE-2024-36950 CVE-2024-38567 CVE-2024-38634 CVE-2024-36286 CVE-2024-36960 CVE-2024-38558 CVE-2024-38607 CVE-2024-38599 CVE-2024-37356 CVE-2024-36919 CVE-2024-36886 CVE-2024-33621 CVE-2024-36905 CVE-2024-38627 CVE-2024-38578 CVE-2024-38560 CVE-2024-36964 CVE-2024-38601 CVE-2024-36939 CVE-2024-38613 CVE-2024-36941 CVE-2024-27401 CVE-2024-39475 CVE-2024-38618 CVE-2024-36883 CVE-2024-27399 CVE-2024-35947 CVE-2024-36934 CVE-2024-36946 CVE-2024-38633 CVE-2024-39480 CVE-2024-36270 CVE-2024-39292 CVE-2024-38600 CVE-2024-38589 CVE-2024-39301 CVE-2024-38565 CVE-2024-38621 CVE-2024-38659 Ubuntu 16.04 LTS * SECURITY UPDATE: exploit “quoted-overlap” zip-bombs with a high compression ratio - debian/patches/CVE-2024-0450.patch: Protect zipfile from "quoted-overlap" zipbomb - CVE-2024-0450 * replace TLSv1 by TLSv1.2 since TLSv1 is not supported in the following tests: - Lib/test/test_ftplib.py - Lib/test/test_httplib.py - Lib/test/test_poplib.py - Lib/test/test_ssl.py - Lib/test/test_urllib2_localnet.py Moderate TuxCare License Agreement CVE-2024-0450 Ubuntu 16.04 LTS * SECURITY UPDATE: still vulnerable to CVE-2020-9484 with a configuration edge case - debian/patches/CVE-2021-25329.patch: use java.nio.file.Path for consistent sub-directory checking - CVE-2021-25329 * SECURITY UPDATE: time-of-check to time-of-use vulnerability introduced by the CVE-2020-9484 fix - debian/patches/CVE-2022-23181.patch: make calculation of session storage location more robust - CVE-2022-23181 * Internal tests: - debian/rules: fail the build if some of the tests have failed - debian/patches/skipping-tests-incompatible-with-firewall.patch: backport from ubuntu18 els - debian/patches/dont-test-unsupported-ciphers.patch: skip testing of unsupported ciphers - debian/patches/skip-tests-error-and-unstable.patch: skip tests that fail with error and unstable ones Important TuxCare License Agreement CVE-2022-23181 CVE-2021-25329 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - fixup! scsi: qla2xxx: Fix double free of fcport Important TuxCare License Agreement CVE-2024-39487 CVE-2024-39484 CVE-2023-52629 CVE-2023-52760 Ubuntu 16.04 LTS * SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: prevent crash resulting in Denial of Service in mod_proxy via a malicious request - CVE-2024-38477 Critical TuxCare License Agreement CVE-2024-38475 CVE-2024-38477 CVE-2024-38474 CVE-2024-40725 CVE-2023-38709 CVE-2024-27316 CVE-2024-24795 CVE-2024-39884 CVE-2024-38476 Ubuntu 16.04 LTS * SECURITY UPDATE: Memory Corruption via Out-of-bounds Write in ESI variables assignment - debian/patches/CVE-2024-37894.patch: fix incorrect type declaration in TrieNode.cc to prevent potential type conversion issues - CVE-2024-37894 Moderate TuxCare License Agreement CVE-2024-37894 Ubuntu 16.04 LTS * SECURITY UPDATE: Client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests - debian/patches/CVE-2024-1975.patch: Remove support for SIG(0) message verification. - CVE-2024-1975 Important TuxCare License Agreement CVE-2024-1975 Ubuntu 16.04 LTS * SECURITY UPDATE: Potential arbitrary code execution - debian/patches/CVE-2024-32004.patch: Enhance ownership checks to detect dubious local repositories during cloning, warning users of potential risks. This change affects multiple Git commands to improve overall security. - CVE-2024-32004 Important TuxCare License Agreement CVE-2024-32004 Ubuntu 16.04 LTS * SECURITY UPDATE: Heap Buffer Overflow in ASN.1 Parser - debian/patches/CVE-2024-7264.patch: Clean up GTime2str function to handle optional fractional seconds properly. Fix GTime2str() issues and add unit tests to verify correct behaviour - CVE-2024-7264 Moderate TuxCare License Agreement CVE-2024-7264 Ubuntu 16.04 LTS * SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45491.patch: fix dtdCopy in xmlparse.c - CVE-2024-45491 * SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45492.patch: fix nextScaffoldPart in xmlparse.c - CVE-2024-45492 Critical TuxCare License Agreement CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 Ubuntu 16.04 LTS * SECURITY UPDATE: fix GSS vulnerabilities - debian/patches/CVE-2021-37370.patch: prevent modification of Extra Count field in GSS krb5 wrap CFX wrap token to avoid appearing truncated to application header - debian/patches/CVE-2021-37371.patch: fix invalid memory reads during GSS message token handling - CVE-2024-37370 - CVE-2024-37371 Critical TuxCare License Agreement CVE-2024-37370 CVE-2024-37371 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48742 - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47576 - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE- url: https://ubuntu.com/security/CVE-2022-48919 - cifs: fix double free race when mount fails in cifs_get_root() * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47589 - igbvf: fix double free in `igbvf_probe` * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47600 - dm btree remove: fix use after free in rebalance_children() * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) // CVE- url: https://ubuntu.com/security/CVE-2024-41044 - ppp: ensure minimum packet size in ppp_write() * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes Important TuxCare License Agreement CVE-2024-38538 CVE-2024-40980 CVE-2024-40981 CVE-2024-40959 CVE-2024-38619 CVE-2024-41097 CVE-2024-42115 CVE-2023-52803 CVE-2024-42148 CVE-2024-42096 CVE-2024-42097 CVE-2024-40988 CVE-2024-42104 CVE-2024-40916 CVE-2024-40905 CVE-2024-41044 CVE-2024-40904 CVE-2024-42145 CVE-2024-36894 CVE-2024-39501 CVE-2021-47589 CVE-2022-48919 CVE-2021-47576 CVE-2024-44987 CVE-2024-39499 CVE-2024-41006 CVE-2024-42101 CVE-2023-52527 CVE-2022-48943 CVE-2024-38630 CVE-2024-44940 CVE-2024-42271 CVE-2024-43882 CVE-2024-42301 CVE-2024-46674 CVE-2024-44998 CVE-2024-42106 CVE-2024-42094 CVE-2024-40932 CVE-2024-42102 CVE-2024-40943 CVE-2024-41046 CVE-2024-41035 CVE-2024-42105 CVE-2024-40984 CVE-2024-40987 CVE-2024-42090 CVE-2024-40942 CVE-2024-42089 CVE-2024-42084 CVE-2024-26752 CVE-2022-48742 CVE-2024-41059 CVE-2024-46673 CVE-2024-43858 CVE-2024-41071 CVE-2024-43900 CVE-2024-42284 CVE-2021-47600 CVE-2024-42280 Ubuntu 16.04 LTS * SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile - debian/patches/CVE-2024-6232.patch: fix regexp handling in tarfile - CVE-2024-6232 * SECURITY UPDATE: Algorithm with quadratic complexity using excess CPU resources while parsing the cookie value - debian/patches/CVE-2024-7592.patch: fix algorithm with quadratic complexity - CVE-2024-7592 Important TuxCare License Agreement CVE-2024-7592 CVE-2024-6232 Ubuntu 16.04 LTS * SECURITY UPDATE: allocation of resources without limits or throttling - debian/patches/CVE-2024-1737-1: introduced new configurable limits that prevent the loading (into zones or into cache) of DNS resource records (RRs) that exceed them - debian/patches/CVE-2024-1737-2: add environment variable DNS_RDATASET_MAX_RECORDS, DNS_RBTDB_MAX_RTYPES to override hardcoded limits DDNS_RDATASET_MAX_RECORDS and DDNS_RBTDB_MAX_RTYPES. Add masterformat tests for testing RRsets. Important TuxCare License Agreement CVE-2024-1737 Ubuntu 16.04 LTS * SECURITY UPDATE: TOCTOU race condition in pg_dump - debian/patches/CVE-2024-7348.patch: Fix TOCTOU race condition in pg_dump. - CVE-2024-7348 Important TuxCare License Agreement CVE-2024-7348 Ubuntu 16.04 LTS * New microcode update packages from AMD upstream up to 2024-08-11: - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C); * SECURITY UPDATE: Fix improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. - CVE-2023-31315 Important TuxCare License Agreement CVE-2023-31315 Ubuntu 16.04 LTS * New microcode update packages from upstream up to 2024-08-13: - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720 sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032 sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800 sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688 sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448 sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472 sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496 sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480 sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472 sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496 sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496 sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280 sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216 * SECURITY UPDATE: - CVE-2024-24980, INTEL-SA-01100 - CVE-2024-25939, INTEL-SA-01118 - CVE-2023-42667, INTEL-SA-01038 - CVE-2023-49141, INTEL-SA-01046 - CVE-2024-24853, INTEL-SA-01083 Low TuxCare License Agreement CVE-2023-49141 CVE-2024-24980 CVE-2024-25939 CVE-2024-24853 CVE-2023-42667 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48838 - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48836 - Input: aiptek - properly check endpoint type * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47181 - usb: musb: tusb6010: check return value after calling platform_get_resource() Important TuxCare License Agreement CVE-2024-46756 CVE-2024-46759 CVE-2024-46758 CVE-2024-38588 CVE-2024-46722 CVE-2022-48733 CVE-2024-44942 CVE-2022-48836 CVE-2024-40912 CVE-2024-26677 CVE-2021-47181 CVE-2022-48838 CVE-2024-46731 CVE-2024-46757 CVE-2024-46800 CVE-2021-47188 CVE-2024-46743 CVE-2024-46723 CVE-2024-46738 CVE-2024-46744 Ubuntu 16.04 LTS * New microcode update packages from upstream up to 2024-09-10: - Updated microcodes: sig 0x00090672, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x00090675, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000906a4, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000a06a4, pf_mask 0xe6, 2024-06-17, rev 0x001f, size 137216 sig 0x000b0671, pf_mask 0x32, 2024-07-18, rev 0x0129, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-03-25, rev 0x001a, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 * SECURITY UPDATE: - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103 Moderate TuxCare License Agreement CVE-2024-23984 CVE-2024-24968 Ubuntu 16.04 LTS * SECURITY UPDATE: prevent heap-buffer overflow in typeahead buffer flushing - debian/patches/CVE-2024-43802.patch: fix heap-buffer-overflow in ins_typebuf() by validating enough space left when flushing typeahead buffer - CVE-2024-43802 Moderate TuxCare License Agreement CVE-2024-43802 Ubuntu 16.04 LTS * SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2024-8927.patch: Fix bypass of cgi.force_redirect configuration - CVE-2024-8927 Important TuxCare License Agreement CVE-2024-8927 Ubuntu 16.04 LTS * SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - CVE-2023-27043 Moderate TuxCare License Agreement CVE-2023-27043 Ubuntu 16.04 LTS * SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - debian/patches/fix-urllib2-test.patch: Fix error in test_issue16464() by rewriting it with a local HTTP server instead of an external resource - CVE-2023-27043 Moderate TuxCare License Agreement CVE-2023-27043 Ubuntu 16.04 LTS * SECURITY UPDATE: use-after-free in alist_add() - debian/patches/CVE-2024-43374.patch: lock the current window so that the reference to the argument list remains valid - CVE-2024-43374 Low TuxCare License Agreement CVE-2024-43374 Ubuntu 16.04 LTS * SECURITY UPDATE: prevent erroneous parsing - debian/patches/CVE-2024-8925.patch: limit multipart/form-data boundaries size to prevent erroneous parsing - CVE-2024-8925 Moderate TuxCare License Agreement CVE-2024-8925 Ubuntu 16.04 LTS * SECURITY UPDATE: mp4 module allows buffer underread and unordered chunks - debian/patches/CVE-2024-7347.patch: fix buffer underread while updating stsz atom and reject unordered chunks - CVE-2023-7347 Moderate TuxCare License Agreement CVE-2024-7347 Ubuntu 16.04 LTS * SECURITY UPDATE: Integer overflow vulnerability in gem-private.h - debian/patches/CVE-2020-27773.patch: fix gamma calculation to prevent division by zero in ConvertLuvToXYZ function - CVE-2020-27773 * SECURITY UPDATE: Undefined behaviour in quantum.h - debian/patches/CVE-2020-27775.patch: fix PowEvaluateOperator to handle negative pixel values correctly - CVE-2020-27775 Low TuxCare License Agreement CVE-2020-27773 CVE-2020-27775 Ubuntu 16.04 LTS * SECURITY UPDATE: Potential overflow in IntensityCompare() function in quantize.c - debian/patches/CVE-2020-27754.patch: fix pixel intensity comparison in quantize.c to avoid integer overflow - debian/patches/CVE-2020-27759.patch: fix IntensityCompare function to correctly calculate intensity difference - CVE-2020-27754 - CVE-2002-27759 Low TuxCare License Agreement CVE-2020-27759 CVE-2020-27754 Ubuntu 16.04 LTS * SECURITY UPDATE: Integer overflow vulnerability in bmp.c - debian/patches/CVE-2020-27772.patch: fix integer overflow causing incorrect color primary values in BMP image encoding - CVE-2020-27772 - debian/patches/fix-cast-to-ssize_t-always-resulting-in-zero.patch: Fix cast to ssize_t always resulting in zero with bounds checking and fallback Low TuxCare License Agreement CVE-2020-27772 Ubuntu 16.04 LTS * SECURITY UPDATE: Division by zero vulnerability - debian/patches/CVE-2020-27763.patch: Fix window function scaling in resize.c to avoid division on every filter call - CVE-2020-27763 Low TuxCare License Agreement CVE-2020-27763 Ubuntu 16.04 LTS * SECURITY UPDATE: When performing a local clone of a repository we end up either copying or hardlinking the source repository into the target repository. - debian/patches/CVE-2024-32020.patch: builtin/clone: refuse local clones of unsafe repositories - CVE-2024-32020 Low TuxCare License Agreement CVE-2024-32020 Ubuntu 16.04 LTS * SECURITY UPDATE: Fix race condition when hardlinking file from the source repository into the destination file in the target repository. - debian/patches/CVE-2024-32021.patch: builtin/clone: abort when hardlinked source and target file differ - CVE-2024-32021 Low TuxCare License Agreement CVE-2024-32021 Ubuntu 16.04 LTS * SECURITY UPDATE: Improper type casting in calculation in palm.c could lead to undefined behavior in processing input file - debian/patches/CVE-2020-27761.patch: fix color calculation issue that caused incorrect output when writing PALM images - CVE-2020-27761 * SECURITY UPDATE: Negative Quantum value handling issue in quantum-private.h - debian/patches/CVE-2020-27757.patch: fix improper handling of negative Quantum values - CVE-2020-27757 * SECURITY UPDATE: Excessive shifting overflow in quantum-export.c - debian/patches/CVE-2020-27751.patch: fix shift exponent being too large for 64-bit type in scaling function - CVE-2020-27751 * SECURITY UPDATE: Unsigned int type range issue at quantum-private.h - debian/patches/CVE-2020-27768.patch: fix incorrect checking of Quantum in quantum-private.h scaling functions - CVE-2020-27768 * SECURITY UPDATE: Unsigned char overflow in RestoreMSCWarning() - debian/patches/CVE-2020-27771.patch: fix incorrect casting of GetPixelIndex causing overflow - CVE-2020-27771 Low TuxCare License Agreement CVE-2020-27757 CVE-2020-27768 CVE-2020-27751 CVE-2020-27771 CVE-2020-27761 Ubuntu 16.04 LTS * SECURITY UPDATE: Memory leak due to incorrect image depth size check - debian/patches/CVE-2020-27755.patch: Fix image depth not supported error by setting depth to 8 if it is 0 and to maximum size if it exceeds limit - CVE-2020-27755 Low TuxCare License Agreement CVE-2020-27755 Ubuntu 16.04 LTS * SECURITY UPDATE: gettext machinery might get auto-initialized using an unintended locale directory - debian/patches/CVE-2023-25815.patch: avoid using gettext if the locale dir is not present - CVE-2023-25815 Low TuxCare License Agreement CVE-2023-25815 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49015 - net: hsr: Fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48960 - net: hisilicon: Fix potential use-after-free in hix5hd2_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48988 - memcg: fix possible use-after-free in memcg_write_event_control() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49029 - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2022-48948 - usb: gadget: uvc: Prevent buffer overflow in setup handler * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48967 - NFC: nci: Bounds check struct nfc_target arrays * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Only have rmmod clear buffers that its events were active in - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2021-3759 - memcg: enable accounting of ipc resources * CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - Revert "kernfs: do not account ino_ida allocations to memcg" - Revert "gfp: add __GFP_NOACCOUNT" - memcg: only account kmem allocations marked as __GFP_ACCOUNT - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - usbnet/smsc75xx: silence uninitialized variable warning - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use Critical TuxCare License Agreement CVE-2024-47669 CVE-2024-47685 CVE-2024-50073 CVE-2024-47701 CVE-2024-50035 CVE-2024-47742 CVE-2024-45003 CVE-2024-46755 CVE-2024-42265 CVE-2024-38632 CVE-2024-49967 CVE-2024-49995 CVE-2022-49026 CVE-2024-47757 CVE-2023-52528 CVE-2024-46841 CVE-2024-46750 CVE-2024-46676 CVE-2024-44947 CVE-2024-46675 CVE-2024-45021 CVE-2024-42310 CVE-2024-41012 CVE-2024-45028 CVE-2024-43914 CVE-2024-43884 CVE-2024-42309 CVE-2024-26812 CVE-2024-42311 CVE-2021-3759 CVE-2024-43893 CVE-2024-42223 CVE-2024-44954 CVE-2024-46840 CVE-2024-44950 CVE-2024-38602 CVE-2024-26641 CVE-2022-49006 CVE-2024-43856 CVE-2024-46721 CVE-2024-49882 CVE-2024-49950 CVE-2024-50033 CVE-2022-48960 CVE-2024-49860 CVE-2024-43839 CVE-2024-47745 CVE-2024-47723 CVE-2022-49029 CVE-2024-47698 CVE-2022-48967 CVE-2022-48988 CVE-2024-49903 CVE-2024-49900 CVE-2024-47659 CVE-2023-52918 CVE-2022-48951 CVE-2024-49889 CVE-2022-48948 CVE-2024-49884 CVE-2024-50055 CVE-2024-47697 CVE-2024-50044 CVE-2024-49883 CVE-2024-47670 CVE-2022-49015 Ubuntu 16.04 LTS * SECURITY UPDATE: Undefined behavior in the form of values outside the range of type unsigned long - debian/patches/CVE-2020-27764-and-CVE-2020-27776.patch: Fix outside the range of representable values of type unsigned long - CVE-2020-27764 - CVE-2020-27776 * SECURITY UPDATE: Integer overflow in magick/histogram.c - debian/patches/CVE-2020-25666.patch: Fix integer overflow in HistogramCompare in magick/histogram.c - CVE-2020-25666 Low TuxCare License Agreement CVE-2020-27764 CVE-2020-25666 CVE-2020-27776 Ubuntu 16.04 LTS * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2024-52533.patch: Fix a single byte buffer overflow in connect messages in gsocks4aproxy - CVE-2024-52533 Important TuxCare License Agreement CVE-2024-52533 Ubuntu 16.04 LTS * SECURITY UPDATE: Division by zero vulnerability in segment.c - debian/patches/CVE-2020-27765.patch: Fix average_tau calculation by multiplying instead of dividing by number_nodes in OptimalTau function to prevent incorrect segmentation output - CVE-2020-27765 Low TuxCare License Agreement CVE-2020-27765 Ubuntu 16.04 LTS * Update to 8u432-ga fixing a number of CVEs - CVE-2024-20918: missing array range check in C1 compiler leads to out-of-bounds access - CVE-2024-20919: unverified bytecode execution because of the flaw in JVM class file verifier - CVE-2024-20921: optimization issue of loop range check in IfNode and LoopNode - CVE-2024-20926: execution of arbitrary Java code in Nashorn - CVE-2024-20945: private keys for digital signatures leak to logs - CVE-2024-20952: RSA padding problem, TLS timing side-channel attack - CVE-2024-21011: extended Exception message causing a crash - CVE-2024-21068: Integer overflow in address generation by the C1 compiler - CVE-2024-21085: excessive memory allocation in Pack200 - CVE-2024-21094: "exceeded _node_regs array" C2 compilation error - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: infinite loop vunlerability in SymbolTable - CVE-2024-21140: int overflow/underflow in Range Check Elimination - CVE-2024-21144: invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: out-of-bounds access in MaskFill - CVE-2024-21147: out-of-bounds array index in Range Check Elimination - CVE-2024-21208: improper handling of maxHeaderSize in HTTP client - CVE-2024-21210: integer overflow in array indexing in SuperWord - CVE-2024-21217: out-of-memory because of unbounded allocation in MessageFormat - CVE-2024-21235: incorrect range check because of integer conversion error in LoopNode * Update patches - debian/patches/zero-sh.diff Important TuxCare License Agreement CVE-2024-21210 CVE-2024-21145 CVE-2024-21140 CVE-2024-20945 CVE-2024-20921 CVE-2024-20919 CVE-2024-20918 CVE-2024-21235 CVE-2024-21217 CVE-2024-21208 CVE-2024-21147 CVE-2024-21138 CVE-2024-21131 CVE-2024-21144 CVE-2024-21094 CVE-2024-21085 CVE-2024-21068 CVE-2024-21011 CVE-2024-20926 CVE-2024-20952 Ubuntu 16.04 LTS * SECURITY UPDATE: Undefined behavior due to values outside range in quantum.h - debian/patches/CVE-2020-27767.patch: Fix quantum.h to include float.h to handle min and max values for Quantum type - debian/patches/CVE-2020-27767-1.patch: Fix ClampToQuantum function to handle negative values correctly and prevent buffer overflow in quantum- import.c - CVE-2020-27767 Low TuxCare License Agreement CVE-2020-27767 CVE-2020-27769 Ubuntu 16.04 LTS * SECURITY UPDATE: Fix DoS by a trusted server by disable ESI - CVE-2024-45802 Important TuxCare License Agreement CVE-2024-45802 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Modify the indentation of trans_stat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in trans_stat_show * Bionic update: upstream stable patchset 2019-12-20 (LP: #1857158) // CVE- url: https://ubuntu.com/security/CVE-2023-52614 - PM / devfreq: Lock devfreq in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - net: sock: move ->sk_shutdown out of bitfields. - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: allow to invert matching criteria - netfilter: limit: use per-rule spinlock to improve the scalability - netfilter: nf_tables: Fix nft limit burst handling - netfilter: nft_limit: reject configurations that cause integer overflow * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - compiler.h: enable builtin overflow checkers and add fallback code * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: fix packet ratelimiting * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args * Miscellaneous Ubuntu changes - [Packaging]: keep only amd64 architecture * Miscellaneous upstream changes - getabis: use ESM version of debian.master/etc/getabis Important TuxCare License Agreement CVE-2024-50067 CVE-2023-52614 CVE-2024-26668 CVE-2024-27397 CVE-2023-52502 CVE-2023-52578 CVE-2022-48938 CVE-2024-45025 CVE-2024-50036 CVE-2024-35877 CVE-2024-43854 CVE-2024-38596 CVE-2024-42240 Ubuntu 16.04 LTS * SECURITY UPDATE: The HTTP header parsers in HAProxy may accept empty header field names - debian/patches/CVE-2023-25725.patch: prevent empty header field names - CVE-2023-25725 Critical TuxCare License Agreement CVE-2023-25725 Ubuntu 16.04 LTS * SECURITY UPDATE: Prevent running the Python interpreter with an attacker-controlled PYTHONPATH environment variable - debian/patches/CVE-2024-48990-CVE-2024-48991.patch: do not set PYTHONPATH environment variable to prevent a LPE and prevent race condition on /proc/$PID/exec evaluation - CVE-2024-48990 - CVE-2024-48991 * SECURITY UPDATE: Prevent running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable - debian/patches/CVE-2024-48992.patch: do not set RUBYLIB environment variable to prevent a LPE - CVE-2024-48992 * SECURITY UPDATE: Prevent running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable - debian/patches/CVE-2024-11003.patch, debian/control: drop usage of Module::ScanDeps to prevent LPE - CVE-2024-11003 Moderate TuxCare License Agreement CVE-2024-48990 CVE-2024-48992 CVE-2024-48991 CVE-2024-11003 CVE-2024-10224 Ubuntu 16.04 LTS * SECURITY UPDATE: Improper newline quoting in email module header serialization - debian/patches/CVE-2024-6923.patch: Encode newlines in headers and verify headers to be sound - CVE-2024-6923 Moderate TuxCare License Agreement CVE-2024-6923 Ubuntu 16.04 LTS * SECURITY UPDATE: improper sanitization of URIs leading to HTTP request smuggling - debian/patches/CVE-2024-11234.patch: Fix HTTP wrapper full URI path to disallow CR or LF characters - CVE-2024-11234 Important TuxCare License Agreement CVE-2024-11234 Ubuntu 16.04 LTS * CVE-2022-38076 - linux-firmware: Update for Intel Dual Band Wireless AC 3168 - linux-firmware: Upadte for Intel Wireless 7265 (Rev D) Family - linux-firmware: Update for Intel Dual Band Wireless AC 3165 - linux-firmware: Update for Intel Wireless AC 9560 - linux-firmware: Update for Intel Wireless AC 9462 - linux-firmware: Update for Intel Wireless AC 9461 - linux-firmware: Update for Intel Wireless AC 9260 Important TuxCare License Agreement CVE-2022-38076 Ubuntu 16.04 LTS * SECURITY UPDATE: Crash in XML_ResumeParser function - debian/patches/CVE-2024-50602.patch: Refuse to stop/suspend an unstarted parser (XML_ERROR_NOT_STARTED). Fix XML_StopParser to be explicit about XML_PARSING and handle default case. Cover XML_StopParser's new handling of status XML_INITIALIZED, Fix crash with NULL pointer dereference in normal_updatePosition - CVE-2024-50602 Moderate TuxCare License Agreement CVE-2024-50602 Ubuntu 16.04 LTS * SECURITY UPDATE: Out-of-bounds read in quoted-printable decoder - debian/patches/CVE-2024-11233.patch: Fix buffer handling in convert.quoted-printable-decode filter to prevent one-byte out-of-bounds read - CVE-2024-11233 Important TuxCare License Agreement CVE-2024-11233 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375) // CVE- url: https://ubuntu.com/security/CVE-2021-47118 - pid: take a reference when initializing `cad_pid` * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47086 - phonet/pep: refuse to enable an unbound pipe * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48695 - scsi: mpt3sas: Fix use-after-free warning * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47321 - watchdog: Fix possible use-after-free by calling del_timer_sync() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47310 - net: ti: fix UAF in tlan_remove_one * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47353 - udf: Fix NULL pointer dereference in udf_symlink function * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Allow multiple commit requests in flight per file - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-47055 - mtd: require write permissions for locking and badblock ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue Important TuxCare License Agreement CVE-2023-52574 CVE-2024-50256 CVE-2024-40910 CVE-2024-44944 CVE-2024-35868 CVE-2024-36952 CVE-2024-35867 CVE-2021-47466 CVE-2024-35861 CVE-2024-35863 CVE-2021-47321 CVE-2024-35896 CVE-2021-47310 CVE-2022-48695 CVE-2021-47353 CVE-2024-27010 CVE-2024-50142 CVE-2024-50148 CVE-2021-47055 CVE-2024-50115 CVE-2024-53057 CVE-2024-26961 CVE-2021-47118 CVE-2021-47501 CVE-2024-26958 CVE-2024-35864 CVE-2023-52477 CVE-2023-52475 CVE-2023-52507 CVE-2024-36968 CVE-2023-52531 CVE-2021-47086 Ubuntu 16.04 LTS * New microcode update packages from upstream up to 2024-11-12: - Updated microcodes: sig 0x000806f4, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f5, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f6, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f7, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f8, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x00090672, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x00090675, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000906a4, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000a06a4, pf_mask 0xe6, 2024-08-02, rev 0x0020, size 138240 sig 0x000b0671, pf_mask 0x32, 2024-08-29, rev 0x012b, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06f2, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000c06f1, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 * SECURITY UPDATE: - CVE-2024-21853, INTEL-SA-01101 - CVE-2024-23918, CVE-2024-21820, INTEL-SA-01079 - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103 Low TuxCare License Agreement CVE-2024-21820 CVE-2024-21853 CVE-2024-23918 Ubuntu 16.04 LTS * SECURITY UPDATE: fix use-after-free vulnerability in buffer closing - debian/patches/CVE-2024-47814.patch: Fix use-after-free issue when closing a buffer by checking for deletions before editing - CVE-2024-47814 Low TuxCare License Agreement CVE-2024-47814 Ubuntu 16.04 LTS * SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12085.patch: fix issue with checksum length manipulation leading to uninitialized memory leak - CVE-2024-12085 Important TuxCare License Agreement CVE-2024-12085 Ubuntu 16.04 LTS * SECURITY UPDATE: race condition during rsync's handling of symbolic links - debian/patches/CVE-2024-12747.patch: prevent symlink race preventing a normal file from being replaced by a symlink - CVE-2024-12747 * debian/rules, debian/patches/series: use series file to manage patches * debian/patches/ssh-6-option.diff make it compatible with Quilt Moderate TuxCare License Agreement CVE-2024-12747 Ubuntu 16.04 LTS * SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12086.patch: fix info leak when connecting to malicious server - CVE-2024-12086 * SECURITY UPDATE: arbitraty file write via inproper symlink verification - debian/patches/CVE-2024-12087.patch: fix writing malicious files to arbitrary locations when using '--inc-recursive' option - CVE-2024-12087 * SECURITY UPDATE: arbitraty file write when using '--safe-links' option - debian/patches/CVE-2024-12088.patch: properly verify if a symbolic link destination contains another symbolic link within it when using the '--safe-links' option - CVE-2024-12088 Moderate TuxCare License Agreement CVE-2024-12088 CVE-2024-12087 CVE-2024-12086 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47485 - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - sock: struct proto hash function may error - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47404 - HID: betop: fix slab-out-of-bounds Write in betop_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47254 - gfs2: Fix use-after-free in gfs2_glock_shrink_scan * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47506 - nfsd: fix use-after-free due to delegation race * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47280 - drm: Fix use-after-free read in drm_getunique() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47235 - net: ethernet: fix potential use-after-free in ec_bhf_remove * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47309 - net: validate lwtstate->data before returning from skb_tunnel_info() * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47549 - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE- url: https://ubuntu.com/security/CVE-2021-47500 - iio: mma8452: Fix trigger reference couting * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47483 - regmap: Fix possible double-free in regcache_rbtree_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47334 - misc/libmasm/module: Fix two use after free in ibmasm_init_one * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47355 - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47245 - netfilter: synproxy: Fix out of bounds when parsing TCP options * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47288 - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO Important TuxCare License Agreement CVE-2023-52478 CVE-2023-52476 CVE-2021-47288 CVE-2024-56595 CVE-2024-53142 CVE-2023-52741 CVE-2024-56650 CVE-2021-47549 CVE-2021-47235 CVE-2024-38597 CVE-2024-56600 CVE-2021-47280 CVE-2021-47404 CVE-2024-35887 CVE-2021-47191 CVE-2021-47309 CVE-2024-53141 CVE-2024-53227 CVE-2023-52818 CVE-2024-26996 CVE-2024-56605 CVE-2024-53173 CVE-2024-56759 CVE-2021-47485 CVE-2024-56604 CVE-2021-47254 CVE-2024-50154 CVE-2024-56601 CVE-2024-53155 CVE-2021-47506 CVE-2024-56598 CVE-2024-56602 CVE-2024-56596 CVE-2024-53165 CVE-2021-47500 CVE-2024-56603 CVE-2024-53156 CVE-2021-47483 CVE-2024-56631 CVE-2024-56606 CVE-2021-47334 CVE-2021-47355 CVE-2024-36924 CVE-2021-47245 CVE-2024-40982 CVE-2023-52488 CVE-2024-41066 CVE-2024-38553 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Important TuxCare License Agreement CVE-2024-53104 Ubuntu 16.04 LTS * SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 * debian/control: add package Recommends to krb5-doc Critical TuxCare License Agreement CVE-2024-3596 Ubuntu 16.04 LTS * SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile header parsing - debian/patches/CVE-2024-6232.patch: Fix header parsing vulnerability that could lead to ReDoS - CVE-2024-6923 Important TuxCare License Agreement CVE-2024-6232 Ubuntu 16.04 LTS * SECURITY UPDATE: insufficient space allocation in assert() function leading to buffer overflow - debian/patches/any/CVE-2025-0395.patch: Fix underallocation of abort_msg_s struct to store the length of the message string - CVE-2025-0395 Moderate TuxCare License Agreement CVE-2025-0395 Ubuntu 16.04 LTS * SECURITY UPDATE: Ability to modify permissions with privileged programs - debian/patches/CVE-2023-6597.patch: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2023-6597 Important TuxCare License Agreement CVE-2023-6597 Ubuntu 16.04 LTS * SECURITY UPDATE: PPD injection issues - debian/patches/CVE-2024-47175.patch: sanitize make and model, PPDize preset and template names in cups/ppd-cache.c - CVE-2024-47175 Important TuxCare License Agreement CVE-2024-47175 Ubuntu 16.04 LTS * New microcode update packages from upstream up to 2025-02-11: - New microcodes: sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952 sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032 sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472 sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496 sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 * SECURITY UPDATE: - CVE-2024-31068 (INTEL-SA-01166) - CVE-2024-36293 (INTEL-SA-01213) - CVE-2024-39279 (INTEL-SA-01139) Moderate TuxCare License Agreement CVE-2024-39279 CVE-2024-31068 CVE-2024-36293 Ubuntu 16.04 LTS * SECURITY UPDATE: buffer over-read in xmlHTMLPrintFileContext - debian/patches/CVE-2024-34459.patch: Fix buffer overread with `xmllint --htmlout` by adding a missing bounds check - CVE-2024-34459 * SECURITY UPDATE: use-after-free vulnerability in xinclude.c - debian/patches/CVE-2022-49043.patch: Fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free - CVE-2022-49043 * SECURITY UPDATE: stack-based buffer overflow in xmlSnprintfElements in valid.c - debian/patches/CVE-2025-24928.patch: Fix stack-buffer-overflow in xmlSnprintfElements caused by improperly calculating qname length - CVE-2025-24928 * SECURITY UPDATE: NULL pointer dereference in xmlPatMatch in pattern.c - debian/patches/CVE-2025-27113.patch: Fix compilation of explicit child axis to generate XML_OP_ELEM like the case without an axis - CVE-2025-27113 * SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171 Important TuxCare License Agreement CVE-2022-49043 CVE-2025-24928 CVE-2024-56171 CVE-2024-34459 CVE-2025-27113 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2023-52522 - net: fix possible store tearing in neigh_periodic_work() * CVE-url: https://ubuntu.com/security/CVE-2024-40911 - wifi: cfg80211: Lock wiphy in cfg80211_get_station * CVE-url: https://ubuntu.com/security/CVE-2024-43863 - drm/vmwgfx: Fix a deadlock in dma buf fence polling * CVE-url: https://ubuntu.com/security/CVE-2024-44931 - gpio: prevent potential speculation leaks in gpio_device_get_desc() * CVE-url: https://ubuntu.com/security/CVE-2024-50229 - nilfs2: fix potential deadlock with newly created symlinks * CVE-url: https://ubuntu.com/security/CVE-2024-50171 - net: systemport: fix potential memory leak in bcm_sysport_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-50233 - staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() * CVE-url: https://ubuntu.com/security/CVE-2024-44938 - jfs: Fix shift-out-of-bounds in dbDiscardAG * CVE-url: https://ubuntu.com/security/CVE-2024-50117 - drm/amd: Guard against bad data for ATIF ACPI method * CVE-url: https://ubuntu.com/security/CVE-2024-49902 - jfs: check if leafidx greater than num leaves per dmap tree * CVE-url: https://ubuntu.com/security/CVE-2023-52799 - jfs: fix array-index-out-of-bounds in dbFindLeaf * CVE-url: https://ubuntu.com/security/CVE-2024-41063 - Bluetooth: fix power_on vs close race - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() * CVE-url: https://ubuntu.com/security/CVE-2024-50267 - USB: serial: io_edgeport: fix use after free in debug printk * CVE-url: https://ubuntu.com/security/CVE-2024-50230 - nilfs2: fix kernel bug due to missing clearing of checked flag * CVE-url: https://ubuntu.com/security/CVE-2024-50302 - HID: core: zero-initialize the report buffer * CVE-url: https://ubuntu.com/security/CVE-2024-50180 - fbdev: sisfb: Fix strbuf array overflow * CVE-url: https://ubuntu.com/security/CVE-2024-50278 - dm cache: fix out-of-bounds access to the dirty bitset when resizing - dm cache: fix potential out-of-bounds access on the first resume * CVE-url: https://ubuntu.com/security/CVE-2024-50234 - wifi: iwlegacy: Clear stale interrupts before resuming device * CVE-url: https://ubuntu.com/security/CVE-2024-50301 - security/keys: fix slab-out-of-bounds in key_task_permission * CVE-url: https://ubuntu.com/security/CVE-2024-50143 - overflow: Add __must_check attribute to check_*() helpers - compiler.h: drop fallback overflow checkers - overflow: Allow mixed type arguments - udf: fix uninit-value use in udf_get_fileshortad * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow: Include header file with SIZE_MAX declaration * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow.h: Add allocation size calculation helpers * Bionic update: upstream stable patchset 2020-05-07 (LP: #1877461) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow.h: Add arithmetic shift helper * CVE-url: https://ubuntu.com/security/CVE-2024-53061 - media: s5p-jpeg: prevent buffer overflows * CVE-url: https://ubuntu.com/security/CVE-2024-47809 - dlm: fix possible lkb_resource null dereference * CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path * CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg: protect concurrent access to mem_cgroup_idr * CVE-url: https://ubuntu.com/security/CVE-2021-47379 - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd * CVE-url: https://ubuntu.com/security/CVE-2024-53239 - ALSA: 6fire: Release resources at card release * CVE-url: https://ubuntu.com/security/CVE-2024-50051 - spi: mpc52xx: Add cancel_work_sync before module remove Important TuxCare License Agreement CVE-2024-49902 CVE-2024-41020 CVE-2021-47379 CVE-2024-50117 CVE-2024-50267 CVE-2024-50230 CVE-2024-50143 CVE-2024-50233 CVE-2024-50180 CVE-2024-43863 CVE-2024-53061 CVE-2024-53239 CVE-2024-50302 CVE-2024-50051 CVE-2024-41063 CVE-2023-52799 CVE-2024-40911 CVE-2024-44938 CVE-2024-50171 CVE-2024-43892 CVE-2023-52522 CVE-2024-47809 CVE-2024-44931 CVE-2024-50234 CVE-2024-50229 CVE-2024-50278 CVE-2024-50301 Ubuntu 16.04 LTS * SECURITY UPDATE: Improper validation of bracketed hosts in urllib - debian/patches/CVE-2024-11168.patch: add checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format - CVE-2024-11168 * SECURITY UPDATE: Incomplete validation of bracketed hosts in urllib - debian/patches/CVE-2025-0938.patch: disallow square brackets (`[` and `]`) in domain names for parsed URLs - CVE-2025-0938 * SECURITY UPDATE: Incorrent information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private” in ipaddress module - debian/patches/CVE-2024-4032.patch: fix "private" (non-global) IP address ranges - CVE-2024-4032 Moderate TuxCare License Agreement CVE-2025-0938 CVE-2024-11168 CVE-2024-4032 Ubuntu 16.04 LTS * SECURITY UPDATE: stack-based buffer overflow via manipulation of argument - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow at objdump disassemble_bytes by restricting insn_width to range 1-49 - CVE-2025-0840 Important TuxCare License Agreement CVE-2025-0840 Ubuntu 16.04 LTS * SECURITY UPDATE: Incorrect path quoting in venv allows command injection - debian/patches/CVE-2024-9287.patch: Quote template strings in venv activation - CVE-2024-9287 Important TuxCare License Agreement CVE-2024-9287 Ubuntu 16.04 LTS * SECURITY UPDATE: PostgreSQL libpq incorrect neutralization of quoting syntax allows SQL injection - debian/patches/CVE-2025-1094.patch: Add full encoding validation in libpq data-quoting functions. - CVE-2025-1094 Important TuxCare License Agreement CVE-2025-1094 Ubuntu 16.04 LTS * SECURITY UPDATE: it's possible machine-in-the-middle attack vulnerability caused by a malicious machine impersonating a legitimate server - debian/patches/CVE-2025-26465.patch: Correct error code handling - CVE-2025-26465 Moderate TuxCare License Agreement CVE-2025-26465 Ubuntu 16.04 LTS * SECURITY UPDATE: Possible inject of arbitrary data into third-party executables or plug-ins - debian/patches/CVE-2017-12166.patch: Fix an out-of-bounds issue preventing potential stack overflow - CVE-2017-12166 * UPDATE CERTIFICATES: Renew sample keys - debian/patches/sample-keys-renew.patch: Renew sample keys for 10 years Critical TuxCare License Agreement CVE-2017-12166 Ubuntu 16.04 LTS * SECURITY UPDATE: improper verification of key fingerprints in apt_key module - debian/patches/CVE-2016-8614.patch: fix use of long key IDs for delete, check for key_id presence and fix key_id length for verification. Fix reversed order of return values in parse_key_id function - CVE-2016-8614 Important TuxCare License Agreement CVE-2016-8614 Ubuntu 16.04 LTS * SECURITY UPDATE: security vulnerability in logging credentials at DEBUG level - debian/patches/CVE-2019-14846.patch: Fix plugins leaking boto credentials to logs by switching logging level to INFO - CVE-2019-14846 Important TuxCare License Agreement CVE-2019-14846 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-26872 - RDMA/srpt: Do not register event handler until srpt device is fully setup * CVE-url: https://ubuntu.com/security/CVE-2024-53179 - smb: client: fix use-after-free of signing key * CVE-url: https://ubuntu.com/security/CVE-2021-47357 - atm: iphase: fix possible use-after-free in ia_module_exit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2021-47103 - inet: fully convert sk->sk_rx_dst to RCU rules * CVE-url: https://ubuntu.com/security/CVE-2025-21858 - geneve: Fix use-after-free in geneve_find_dev(). * CVE-url: https://ubuntu.com/security/CVE-2024-36921 - wifi: iwlwifi: mvm: guard against invalid STA ID on removal * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49478 - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init * CVE-url: https://ubuntu.com/security/CVE-2023-52621 - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers * CVE-url: https://ubuntu.com/security/CVE-2025-21855 - ibmvnic: Don't reference skb after sending to VIOS * CVE-url: https://ubuntu.com/security/CVE-2021-47110 - x86/kvm: Disable kvmclock on all CPUs on shutdown * CVE-url: https://ubuntu.com/security/CVE-2024-57980 - media: uvcvideo: Fix double free in error path * CVE-url: https://ubuntu.com/security/CVE-2025-21718 - net: rose: fix timer races against user threads * CVE-url: https://ubuntu.com/security/CVE-2025-21735 - NFC: nci: Add bounds checking in nci_hci_create_pipe() * CVE-url: https://ubuntu.com/security/CVE-2023-52805 - jfs: fix array-index-out-of-bounds in diAlloc * CVE-url: https://ubuntu.com/security/CVE-2023-52847 - media: bttv: fix use after free error due to btv->timeout timer * CVE-url: https://ubuntu.com/security/CVE-2024-41014 - xfs: add bounds checking to xlog_recover_process_data * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48702 - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48701 - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-26982 - Squashfs: check the inode number is not the invalid value of zero * CVE-url: https://ubuntu.com/security/CVE-2024-56548 - hfsplus: don't query the device logical block size multiple times * CVE-url: https://ubuntu.com/security/CVE-2024-57850 - jffs2: Prevent rtime decompress memory corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49982 - aoe: fix the potential use-after-free problem in more places * CVE-url: https://ubuntu.com/security/CVE-2025-21687 - vfio/platform: check the bounds of read/write syscalls * CVE-url: https://ubuntu.com/security/CVE-2024-56539 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() * CVE-url: https://ubuntu.com/security/CVE-2024-53680 - ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() * CVE-url: https://ubuntu.com/security/CVE-2024-56630 - ocfs2: free inode when ocfs2_get_init_inode() fails * CVE-url: https://ubuntu.com/security/CVE-2024-53184 - um: ubd: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-57884 - mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() * CVE-url: https://ubuntu.com/security/CVE-2024-56597 - jfs: fix shift-out-of-bounds in dbSplit * CVE-url: https://ubuntu.com/security/CVE-2025-21664 - dm thin: make get_first_thin use rcu-safe list first function * CVE-url: https://ubuntu.com/security/CVE-2024-56594 - drm/amdgpu: set the right AMDGPU sg segment limitation * CVE-url: https://ubuntu.com/security/CVE-2024-52332 - igb: Fix potential invalid memory access in igb_init_module() * CVE-url: https://ubuntu.com/security/CVE-2024-53172 - ubi: fastmap: Fix duplicate slab cache names while attaching * CVE-url: https://ubuntu.com/security/CVE-2024-56532 - ALSA: us122l: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53183 - um: net: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-57948 - mac802154: check local interfaces before deleting sdata list * CVE-url: https://ubuntu.com/security/CVE-2024-57904 - iio: adc: at91: call input_free_device() on allocated iio_dev * CVE-url: https://ubuntu.com/security/CVE-2024-56637 - netfilter: ipset: Hold module reference while requesting a module * CVE-url: https://ubuntu.com/security/CVE-2024-53214 - vfio/pci: Properly hide first-in-list PCIe extended capability * CVE-url: https://ubuntu.com/security/CVE-2024-56700 - media: wl128x: Fix atomicity violation in fmc_send_cmd() * CVE-url: https://ubuntu.com/security/CVE-2024-56531 - ALSA: caiaq: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53194 - PCI: Fix use-after-free of slot->bus on hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-56619 - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2021-47636 - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2022-49058 - cifs: potential buffer overflow in handling symlinks * CVE-url: https://ubuntu.com/security/CVE-2024-5317 - nfsd: make sure exp active before svc_export_show * CVE-url: https://ubuntu.com/security/CVE-2024-53174 - SUNRPC: make sure cache entry active before cache_show * CVE-url: https://ubuntu.com/security/CVE-2021-47219 - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() * CVE-url: https://ubuntu.com/security/CVE-2024-50269 - usb: musb: sunxi: Fix accessing an released usb phy * CVE-url: https://ubuntu.com/security/CVE-2024-57908 - iio: imu: kmx61: fix information leak in triggered buffer Important TuxCare License Agreement CVE-2025-21858 CVE-2021-47219 CVE-2022-48702 CVE-2024-5317 CVE-2024-53184 CVE-2024-53194 CVE-2021-47103 CVE-2024-53680 CVE-2024-56531 CVE-2024-56637 CVE-2021-47636 CVE-2022-49058 CVE-2025-21718 CVE-2024-56548 CVE-2024-49982 CVE-2024-50269 CVE-2023-52847 CVE-2024-53174 CVE-2024-26872 CVE-2021-47357 CVE-2024-53179 CVE-2024-57948 CVE-2024-56532 CVE-2024-56594 CVE-2024-57904 CVE-2024-56539 CVE-2024-53172 CVE-2024-53183 CVE-2024-41014 CVE-2023-52621 CVE-2024-53214 CVE-2023-52805 CVE-2022-48701 CVE-2024-26982 CVE-2024-57908 CVE-2025-21687 CVE-2024-57884 CVE-2024-56597 CVE-2024-57850 CVE-2025-21735 CVE-2025-21855 CVE-2024-56700 CVE-2022-49478 CVE-2021-47110 CVE-2024-56630 CVE-2024-57980 CVE-2025-21664 CVE-2024-52332 CVE-2024-56619 CVE-2024-36921 Ubuntu 16.04 LTS * SECURITY UPDATE: insufficiently random password generation vulnerability - debian/patches/CVE-2020-10729.patch: Fix issue with caching Jinja2 expressions, only cache results of single variable names - CVE-2020-10729 Important TuxCare License Agreement CVE-2020-10729 CVE-2019-14904 Ubuntu 16.04 LTS * SECURITY UPDATE: Improper PUSH_REPLY sanitization allows attackers to inject arbitrary data into third-party executables - debian/patches/CVE-2024-5594.patch: Properly handle null bytes and invalid characters in control - CVE-2024-5594 Low TuxCare License Agreement CVE-2024-5594 Ubuntu 16.04 LTS * SECURITY UPDATE: Quadratic complexity, resulting in excess CPU while parsing - debian/patches/CVE-2024-7592.patch: fix quadratic complexity in parsing "-quoted cookie values with backslashes - CVE-2024-7592 Important TuxCare License Agreement CVE-2024-7592 Ubuntu 16.04 LTS * SECURITY UPDATE: insecure password handling in svn module - debian/patches/CVE-2020-1739.patch: Update subversion module to provide password securely with --password-from-stdin option to prevent leaking in case of outdated svn versions - CVE-2020-1739 Low TuxCare License Agreement CVE-2020-1739 Ubuntu 16.04 LTS * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE- url: https://ubuntu.com/security/CVE-2022-23041 - xen/gnttab: fix gnttab_end_foreign_access() without page specified * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49850 - nilfs2: fix deadlock in nilfs_count_free_blocks() * CVE-url: https://ubuntu.com/security/CVE-2024-42305 - ext4: check dot and dotdot of dx_root before making dir indexed * CVE-url: https://ubuntu.com/security/CVE-2024-53168 - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket * CVE-url: https://ubuntu.com/security/CVE-2024-26915 - drm/amdgpu: Add check to prevent IH overflow - drm/amdgpu: Reset IH OVERFLOW_CLEAR bit * CVE-url: https://ubuntu.com/security/CVE-2024-56770 - net/sched: netem: account for backlog updates from child qdisc - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47587 - net: systemport: Add global locking for descriptor lifecycle * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46959 - spi: Fix use-after-free with devm_spi_alloc_* * CVE-url: https://ubuntu.com/security/CVE-2024-26689 - ceph: prevent use-after-free in encode_cap_msg() * CVE-url: https://ubuntu.com/security/CVE-2024-53066 - nfs: Fix KMSAN warning in decode_getfattr_attrs() * CVE-url: https://ubuntu.com/security/CVE-2024-49944 - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start * CVE-url: https://ubuntu.com/security/CVE-2024-50237 - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower * CVE-url: https://ubuntu.com/security/CVE-2024-46780 - nilfs2: protect references to superblock parameters exposed in sysfs * CVE-url: https://ubuntu.com/security/CVE-2024-53063 - media: dvbdev: prevent the risk of out of memory access - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set * CVE-url: https://ubuntu.com/security/CVE-2021-47150 - net: fec: fix the potential memory leak in fec_enet_init() * CVE-url: https://ubuntu.com/security/CVE-2024-53140 - netlink: terminate outstanding dump on socket close * CVE-url: https://ubuntu.com/security/CVE-2025-21971 - net_sched: Prevent creation of classes with TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2023-52572 - cifs: Fix UAF in cifs_demultiplex_thread() * CVE-url: https://ubuntu.com/security/CVE-2025-37785 - ext4: fix OOB read when checking dotdot dir * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47277 - kvm: avoid speculation-based attacks from out-of-range memslot accesses * CVE-url: https://ubuntu.com/security/CVE-2022-49740 - wifi: brcmfmac: Check the count value of channel spec to prevent out-of- bounds reads * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49404 - RDMA/hfi1: Fix potential integer multiplication overflow errors * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2022-49757 - EDAC/highbank: Fix memory leak in highbank_mc_probe() * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49395 - um: Fix out-of-bounds read in LDT setup * CVE-url: https://ubuntu.com/security/CVE-2022-49738 - f2fs: fix to do sanity check on summary info - f2fs: should put a page when checking the summary info - f2fs: fix to do sanity check on i_extra_isize in is_alive() * CVE-url: https://ubuntu.com/security/ - ipv6: Define dscp_t and stop taking ECN bits into account in fib6-rules * CVE-url: https://ubuntu.com/security/CVE-2025-21891 - ipvlan: ensure network headers are in skb linear part * CVE-url: https://ubuntu.com/security/CVE-2025-21969 - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd * CVE-url: https://ubuntu.com/security/CVE-2025-21957 - scsi: qla1280: Fix kernel oops when debug level > 2 * CVE-url: https://ubuntu.com/security/CVE-2025-21948 - HID: appleir: Fix potential NULL dereference at raw event handle * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52989 - firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52932 - mm/swapfile: add cond_resched() in get_swap_pages() * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2023-53015 - HID: betop: check shape of output reports * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2023-52993 - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL * CVE-url: https://ubuntu.com/security/CVE-2025-21912 - gpio: rcar: Use raw_spinlock to protect register access * CVE-url: https://ubuntu.com/security/CVE-2025-21922 - ppp: Fix KMSAN uninit-value warning with bpf * CVE-url: https://ubuntu.com/security/CVE-2025-21959 - netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52988 - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() * CVE-url: https://ubuntu.com/security/CVE-2025-21996 - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() * CVE-url: https://ubuntu.com/security/CVE-2025-21917 - usb: renesas_usbhs: Flush the notify_hotplug_work * CVE-url: https://ubuntu.com/security/CVE-2023-53001 - drm/drm_vma_manager: Add drm_vma_node_allow_once() * CVE-url: https://ubuntu.com/security/CVE-2025-21920 - vlan: enforce underlying device type * CVE-url: https://ubuntu.com/security/CVE-2025-21904 - caif_virtio: fix wrong pointer check in cfv_probe() * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375) // CVE- url: https://ubuntu.com/security/CVE-2021-47320 - net: caif: added cfserl_release function - net: caif: add proper error handling - net: caif: fix memory leak in caif_device_notify * CVE-url: https://ubuntu.com/security/CVE-2021-47342 - ext4: fix memory leak in ext4_fill_super - ext4: fix timer use-after-free on failed mount * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47320 - nfs: fix acl memory leak of posix_acl_create() * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47602 - mac80211: track only QoS data frames for admission control * CVE-url: https://ubuntu.com/security/CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets * CVE-url: https://ubuntu.com/security/CVE-2025-21702 - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 * CVE-url: https://ubuntu.com/security/CVE-2024-56658 - net: defer final 'struct net' free in netns dismantle * CVE-url: https://ubuntu.com/security/CVE-2024-50265 - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46826 - ELF: fix kernel.randomize_va_space double read * CVE-url: https://ubuntu.com/security/CVE-2025-21700 - net: sched: Disallow replacing of child qdisc from one parent to another * CVE-url: https://ubuntu.com/security/CVE-2024-50167 - be2net: fix potential memory leak in be_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-49952 - netfilter: nf_tables: prevent nf_skb_duplicated corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49948 - net: add more sanity checks to qdisc_pkt_len_init() Important TuxCare License Agreement CVE-2021-47277 CVE-2024-56658 CVE-2023-52932 CVE-2024-53063 CVE-2024-53140 CVE-2024-53168 CVE-2025-21948 CVE-2023-52989 CVE-2023-52993 CVE-2025-21904 CVE-2023-52572 CVE-2025-37785 CVE-2024-26915 CVE-2025-21959 CVE-2024-46780 CVE-2024-42305 CVE-2021-47150 CVE-2022-49395 CVE-2025-21957 CVE-2023-53015 CVE-2025-21917 CVE-2024-53066 CVE-2024-50237 CVE-2024-56770 CVE-2022-49740 CVE-2023-53001 CVE-2022-49757 CVE-2025-21969 CVE-2025-21912 CVE-2022-49738 CVE-2025-21891 CVE-2023-52988 CVE-2025-21996 CVE-2025-21971 CVE-2021-46959 CVE-2021-47328 CVE-2025-21920 CVE-2025-21702 CVE-2022-23041 CVE-2025-21700 CVE-2021-47342 CVE-2024-26689 CVE-2024-49944 CVE-2022-49850 Ubuntu 16.04 LTS * SECURITY UPDATE: incomplete tracking of row security allows unauthorized access to data - debian/patches/CVE-2024-10976.patch: Ensure cached plans to be correctly marked as dependent on role to fix the issue of neglected marking which could lead to incorrect row visibility. - CVE-2024-10976 * SECURITY UPDATE: server error message leakage - debian/patches/CVE-2024-10977.patch: Discard error messages received during SSL and GSS negotiation to prevent arbitrary bytes written to the client's terminal - CVE-2024-10977 Moderate TuxCare License Agreement CVE-2024-10977 CVE-2024-10976 Ubuntu 16.04 LTS * SECURITY UPDATE: Externally controlled reference to resources. - debian/patches/CVE-2024-10979.patch: Remove magic property of ENV in ./src/pl/plperl/plc_trusted.pl. Add get_environ to ./src/test/regress/regress.c. - CVE-2024-10979 Important TuxCare License Agreement CVE-2024-10979 CVE-2024-10978 Ubuntu 16.04 LTS * SECURITY UPDATE: sensitive data leakage through User module - debian/patches/CVE-2018-16837.patch: do not pass ssh_key_passphrase on cmdline, fix passphrase being passed on command line - CVE-2018-16837 Critical TuxCare License Agreement CVE-2018-16837 CVE-2016-9587 CVE-2017-7481 Ubuntu 16.04 LTS * SECURITY UPDATE: Out-of-bounds memory access in Python API bindings - debian/patches/CVE-2025-32414.patch: Limit character reads and reserve buffer space for UTF-8 encoding to prevent overflow - CVE-2025-32414 * SECURITY UPDATE: Heap buffer under-read in XML schema validation - debian/patches/CVE-2025-32415.patch: Fix heap buffer overflow in xmlSchemaIDCFillNodeTables - CVE-2025-32415 Important TuxCare License Agreement CVE-2025-32414 CVE-2025-32415 Ubuntu 16.04 LTS * SECURITY UPDATE: template Injection Vulnerability - debian/patches/CVE-2021-3583.patch: fix unsafe preservation across newlines to ensure always having unsafe - CVE-2021-3583 Important TuxCare License Agreement CVE-2018-10875 CVE-2021-3583 CVE-2020-1733 CVE-2020-10744 Ubuntu 16.04 LTS * SECURITY UPDATE: password prompt vulnerability from template expansion - debian/patches/CVE-2019-10206.patch: prevent templating of passwords from prompt to avoid special characters triggering it incorrectly - CVE-2019-10206 - debian/patches/CVE-2019-14856.patch: fix incomplete CVE-2019-10206 patch - CVE-2019-14856 Moderate TuxCare License Agreement CVE-2019-10206 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free * CVE-url: https://ubuntu.com/security/CVE-2021-47211 - ALSA: usb-audio: fix null pointer dereference on pointer cs_desc * CVE-url: https://ubuntu.com/security/CVE-2024-56661 - tipc: fix NULL deref in cleanup_bearer() * CVE-url: https://ubuntu.com/security/CVE-2024-56642 - tipc: Fix use-after-free of kernel socket in cleanup_bearer(). * CVE-url: https://ubuntu.com/security/CVE-2021-47163 - tipc: wait and exit until all work queues are done * Miscellaneous upstream changes - Revert "block: add check that partition length needs to be aligned with block size" Important TuxCare License Agreement CVE-2024-56551 CVE-2024-57896 CVE-2024-56642 CVE-2021-47211 CVE-2024-56661 CVE-2021-47163 Ubuntu 16.04 LTS * Update to 8u452-ga fixing a number of CVEs - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-April/019989.html Important TuxCare License Agreement CVE-2025-30691 CVE-2025-30698 CVE-2025-21587 Ubuntu 16.04 LTS * Focal update: v5.4.292 upstream stable release (LP: #2109357) // CVE-url: https://ubuntu.com/security/CVE-2025-37937 - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53197 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49909 - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49530 - drm/amd/pm: fix double free in si_parse_power_table() * CVE-url: https://ubuntu.com/security/CVE-2025-39688 - nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid() * CVE-url: https://ubuntu.com/security/CVE-2024-50106 - nfsd: simplify nfs4_put_deleg_lease calls - nfsd: factor out common delegation-destruction code - nfsd: Fix race to FREE_STATEID and cl_revoked - nfsd: don't call functions with side-effecting inside WARN_ON() - nfsd: remove fault injection code - nfsd: avoid race after unhash_delegation_locked() - nfsd: split sc_status out of sc_type - nfsd: fix race between laundromat and free_stateid * CVE-url: https://ubuntu.com/security/CVE-2024-35937 - wifi: cfg80211: check A-MSDU format more carefully * CVE-url: https://ubuntu.com/security/CVE-2024-49966 - ocfs2: cancel dqi_sync_work before freeing oinfo * CVE-url: https://ubuntu.com/security/CVE-2023-52588 - f2fs: fix to tag gcing flag on page during block migration * CVE-url: https://ubuntu.com/security/CVE-2024-57798 - drm/dp-mst-helper: Remove hotplug callback - drm/dp_mst: Remove huge conditional in drm_dp_mst_handle_up_req() - drm/dp_mst: Refactor drm_dp_mst_handle_up_req() - drm/dp_mst: Rename drm_dp_add_port and drm_dp_update_port - drm/dp_mst: Handle UP requests asynchronously - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() * Miscellaneous Ubuntu changes - [Config] updateconfigs for NFSD_FAULT_INJECTION Important TuxCare License Agreement CVE-2022-49909 CVE-2024-50106 CVE-2025-37937 CVE-2024-35937 CVE-2024-49966 CVE-2023-52588 CVE-2024-57798 CVE-2025-39688 CVE-2024-53197 CVE-2022-49530 Ubuntu 16.04 LTS * SECURITY UPDATE: security vulnerability addressed - debian/patches/CVE-2025-48384.patch: quote values containing CR character to prevent unintended behavior - CVE-2025-48384 Important TuxCare License Agreement CVE-2025-48384 Ubuntu 16.04 LTS * SECURITY UPDATE: memory vulnerabilities in schematron - debian/patches/CVE-2025-49794_CVE-2025-49796.patch: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements and memory corruption issue triggered by processing sch:name elements in input XML file - CVE-2025-49794 - CVE-2025-49796 Critical TuxCare License Agreement CVE-2025-49796 CVE-2025-49794 Ubuntu 16.04 LTS * SECURITY UPDATE: unauthorized command execution on remote hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462 Important TuxCare License Agreement CVE-2025-32462 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length * CVE-url: https://ubuntu.com/security/CVE-2024-46771 - can: bcm: Remove proc entry when dev is unregistered. * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49842 - ASoC: core: Fix use-after-free in snd_soc_exit() * CVE-url: https://ubuntu.com/security/CVE-2021-47336 - smackfs: restrict bytes count in smk_set_cipso() * CVE-url: https://ubuntu.com/security/CVE-2025-21993 - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() * CVE-url: https://ubuntu.com/security/CVE-2022-49541 - cifs: fix potential double free during failed mount * CVE-url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Protect the whole snd_timer_close() with open race - ALSA: timer: Follow standard EXPORT_SYMBOL() declarations - ALSA: timer: Limit max instances per timer - ALSA: timer: Fix possible race at assigning a timer instance - ALSA: seq: Fix race of snd_seq_timer_open() * Bionic update: upstream stable patchset 2020-01-14 (LP: #1859712) // CVE- url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Limit max amount of slave instances * Bionic update: upstream stable patchset 2019-11-13 (LP: #1852492) // CVE- url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Fix mutex deadlock at releasing card - ALSA: timer: Simplify error path in snd_timer_open() Important TuxCare License Agreement CVE-2024-46771 CVE-2022-49842 CVE-2021-47336 CVE-2021-47352 CVE-2025-21993 CVE-2022-49541 CVE-2021-47281 Ubuntu 16.04 LTS * SECURITY UPDATE: aggregate term exceeding column count vulnerability - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965 Critical TuxCare License Agreement CVE-2025-6965 Ubuntu 16.04 LTS * New microcode update packages from upstream up to 2025-05-12: - New microcodes: sig 0x000a06d1, pf_mask 0x20, 2025-02-07, rev 0xa0000d1, size 1635328 sig 0x000a06d1, pf_mask 0x95, 2025-02-07, rev 0x10003a2, size 1664000 sig 0x000b0650, pf_mask 0x80, 2025-03-18, rev 0x000a, size 136192 sig 0x000b06d1, pf_mask 0x80, 2025-03-18, rev 0x011f, size 79872 sig 0x000c0652, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-12-12, rev 0x5003901, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-12-12, rev 0x7002b01, size 30720 sig 0x000606a6, pf_mask 0x87, 2025-01-07, rev 0xd000404, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-01-07, rev 0x10002d0, size 300032 sig 0x000706a8, pf_mask 0x01, 2024-12-05, rev 0x0026, size 76800 sig 0x000706e5, pf_mask 0x80, 2025-01-07, rev 0x00ca, size 115712 sig 0x000806c1, pf_mask 0x80, 2024-12-01, rev 0x00bc, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-12-01, rev 0x003c, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-12-11, rev 0x0056, size 105472 sig 0x000806ec, pf_mask 0x94, 2024-11-17, rev 0x0100, size 106496 sig 0x000806f4, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f4, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f5, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f5, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f6, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f6, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f7, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f8, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f8, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x00090672, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x00090675, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000906a3, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906a4, pf_mask 0x40, 2024-12-06, rev 0x000a, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906ed, pf_mask 0x22, 2024-11-14, rev 0x0104, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-11-14, rev 0x0100, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-11-14, rev 0x0102, size 98304 sig 0x000a0661, pf_mask 0x80, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-12-01, rev 0x0064, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2025-02-13, rev 0x0024, size 140288 sig 0x000a06f3, pf_mask 0x01, 2025-02-10, rev 0x3000341, size 1542144 sig 0x000b0671, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06e0, pf_mask 0x19, 2024-12-06, rev 0x001d, size 139264 sig 0x000b06f2, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f5, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f6, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f7, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000c06f1, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 sig 0x000c06f2, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 3891 * SECURITY UPDATE: - CVE-2024-28956, INTEL-SA-01153 - CVE-2025-20054, INTEL-SA-01244 - CVE-2025-20103, INTEL-SA-01244 - CVE-2024-43420, INTEL-SA-01247 - CVE-2024-45332, INTEL-SA-01247 - CVE-2025-20623, INTEL-SA-01247 - CVE-2025-20012, INTEL-SA-01322 - CVE-2025-24495, INTEL-SA-01322 Moderate TuxCare License Agreement CVE-2024-28956 CVE-2024-43420 CVE-2025-20054 CVE-2025-20103 CVE-2025-20623 CVE-2025-24495 CVE-2024-45332 CVE-2025-20012 Ubuntu 16.04 LTS * SECURITY UPDATE: potential file creation/truncation when cloning untrusted repository in gitk - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: improve dark mode support, remove hard-coded colors in ttext calls and use colors from the theme for text widgets via Text.Background and Text.Foreground - CVE-2025-27613 * SECURITY UPDATE: security vulnerability allowing arbitrary script execution - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: Fix hard-coded colors in ttext widgets to use theme colors - CVE-2025-27614 * SECURITY UPDATE: security issue with untrusted repository cloning and file editing - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: validate directory names to prevent file overwrite attacks - CVE-2025-46835 Moderate TuxCare License Agreement CVE-2025-46835 CVE-2025-27613 CVE-2025-27614 Ubuntu 16.04 LTS * SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2025-48386.patch: fix buffer overflow in wcsncat() caused by off-by-one error and length not accounted for in wcsncat() calls - CVE-2025-48386 Moderate TuxCare License Agreement CVE-2025-48386 Ubuntu 16.04 LTS * SECURITY UPDATE: Insufficient validation of filenames against control characters in repositories served via mod_dav_svn - debian/patches/CVE-2024-46901.patch: fix mod_dav_svn denial-of-service via control characters in paths Moderate TuxCare License Agreement CVE-2024-46901 Ubuntu 16.04 LTS * OpenJDK 8u462 release - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory bug, crash/code exec - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-July/020263.html Important TuxCare License Agreement CVE-2025-50106 CVE-2025-30754 CVE-2025-30749 CVE-2025-30761 CVE-2025-50059 Ubuntu 16.04 LTS * SECURITY UPDATE: prevent spoofing vulnerability in GSSAPI-protected messages using RC4-HMAC-MD5 due to weaknesses in MD5 checksum design - debian/patches/CVE-2025-3576: don't issue session keys with deprecated enctypes. Updates tests. - CVE-2025-3576 Moderate TuxCare License Agreement CVE-2025-3576 Ubuntu 16.04 LTS * SECURITY UPDATE: denial of service via sqlite3_db_config argument values - debian/patches/CVE-2025-29088.patch: harden the SQLITE_DBCONFIG_LOOKASIDE interface against misuse, such as described in forum post 48f365daec Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation - CVE-2025-29088 Moderate TuxCare License Agreement CVE-2025-29088 Ubuntu 16.04 LTS * SECURITY UPDATE: fix use-after-free vulnerability in buffer closing - debian/patches/CVE-2025-26603.patch: Fix heap use-after-free in str_to_reg() - CVE-2025-26603 Moderate TuxCare License Agreement CVE-2025-26603 Ubuntu 16.04 LTS * SECURITY UPDATE: mod_ssl TLS upgrade attack - debian/patches/CVE-2025-49812.patch: remove antiquated 'SSLEngine optional' TLS upgrade in modules/ssl/ssl_engine_config.c, modules/ssl/ssl_engine_init.c, modules/ssl/ssl_engine_kernel.c, modules/ssl/ssl_private.h. - CVE-2025-49812 Important TuxCare License Agreement CVE-2025-49812 CVE-2024-47252 Ubuntu 16.04 LTS * SECURITY UPDATE: stack-based buffer overflow via integer overflows in buffer size calculations in xmlBuildQName function - debian/patches/CVE-2025-6021.patch: Fix integer overflow in xmlBuildQName that affects memory safety - CVE-2025-6021 Important TuxCare License Agreement CVE-2025-6021 Ubuntu 16.04 LTS * SECURITY UPDATE: heap-based buffer overflow in copy_section function - debian/patches/CVE-2025-7545.patch: Don't extend output section size beyond input section size to fix section contents from being copied - CVE-2025-7545 Important TuxCare License Agreement CVE-2025-7545 Ubuntu 16.04 LTS * SECURITY UPDATE: misinterpretation of HTTP response headers - debian/patches/CVE-2025-1217.patch: adds HTTP header folding support for HTTP wrapper response headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1217 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1734.patch: adds logic to fail invalid HTTP headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1734 * SECURITY UPDATE: http redirect location truncation - debian/patches/CVE-2025-1861.patch: converts the allocation of location to be on heap instead of stack and errors if the location length is greater than 8086 bytes in ext/standard/http_fopen_wrapper.c - CVE-2025-1861 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1736.patch: updates the http user header check for crlf in ext/standard/http_fopen_wrapper.c - CVE-2025-1736 Critical TuxCare License Agreement CVE-2025-1217 CVE-2025-1861 CVE-2025-1734 CVE-2025-1736 Ubuntu 16.04 LTS * SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574 Critical TuxCare License Agreement CVE-2025-54574 Ubuntu 16.04 LTS * SECURITY UPDATE: heap buffer overflow in InterpretImageFilename function - debian/patches/CVE-2025-53014.patch: Correct out of bounds read of a single byte in InterpretImageFilename function - CVE-2025-53014 Critical TuxCare License Agreement CVE-2025-53014 Ubuntu 16.04 LTS * SECURITY UPDATE: access control bypass by trusted clients via TLS 1.3 session resumption - debian/patches/CVE-2025-23048.patch: update SNI validation to fix compatibility issue - CVE-2025-23048 Important TuxCare License Agreement CVE-2025-23048 Ubuntu 16.04 LTS * SECURITY UPDATE: inadequate validation in pgsql and pdo_pgsql functions - debian/patches/CVE-2025-1735.patch: Add error checks for escape function in pgsql and pdo_pgsql extensions to prevent potential security issues - CVE-2025-1735 Important TuxCare License Agreement CVE-2025-1735 Ubuntu 16.04 LTS * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-34981 - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails * CVE-url: https://ubuntu.com/security/CVE-2025-37797 - net_sched: hfsc: Fix a UAF vulnerability in class handling * CVE-url: https://ubuntu.com/security/CVE-2024-57996 // CVE-url: https://ubuntu.com/security/CVE-2025-37752 - net_sched: sch_sfq: move the limit validation * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-50202 // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: propagate directory read errors from nilfs_find_entry() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: Remove check for PageError - nilfs2: return the mapped address from nilfs_get_page() * CVE-url: https://ubuntu.com/security/CVE-2024-50202 - make ext2_get_page() and friends work without external serialization * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47345 - RDMA/cma: Fix rdma_resolve_route() memory leak * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53131 - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53130 - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() * CVE-url: https://ubuntu.com/security/CVE-2025-21640 - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-57913 - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind * CVE-url: https://ubuntu.com/security/CVE-2025-21638 - sctp: sysctl: auth_enable: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-50195 - posix-clock: Fix missing timespec64 check in pc_clock_settime() * CVE-url: https://ubuntu.com/security/CVE-2024-50299 - sctp: properly validate chunk size in sctp_sf_ootb() * CVE-url: https://ubuntu.com/security/CVE-2024-41016 - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-50287 - media: v4l2-tpg: prevent the risk of a division by zero * CVE-url: https://ubuntu.com/security/CVE-2024-49965 - ocfs2: remove unreasonable unlock in ocfs2_read_blocks * CVE-url: https://ubuntu.com/security/CVE-2024-50179 - ceph: remove the incorrect Fw reference check when dirtying pages * CVE-url: https://ubuntu.com/security/CVE-2024-40953 - KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() * CVE-url: https://ubuntu.com/security/CVE-2024-50290 - media: cx24116: prevent overflows on SNR calculus * CVE-url: https://ubuntu.com/security/CVE-2024-49877 - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-50008 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() * CVE-url: https://ubuntu.com/security/CVE-2024-49959 - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error * CVE-url: https://ubuntu.com/security/CVE-2024-49963 - mailbox: bcm2835: Fix timeout during suspend mode * CVE-url: https://ubuntu.com/security/CVE-2024-47709 - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). * CVE-url: https://ubuntu.com/security/CVE-2025-21699 - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag * CVE-url: https://ubuntu.com/security/CVE-2025-21689 - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() * CVE-url: https://ubuntu.com/security/CVE-2024-53101 - fs: Fix uninitialized value issue in from_kuid and from_kgid Important TuxCare License Agreement CVE-2024-50290 CVE-2024-49965 CVE-2024-49877 CVE-2024-47709 CVE-2024-41016 CVE-2024-40953 CVE-2025-37752 CVE-2021-34981 CVE-2025-37797 CVE-2025-37798 CVE-2025-21638 CVE-2024-50195 CVE-2024-50299 CVE-2025-21640 CVE-2024-57913 CVE-2024-50287 CVE-2025-21699 CVE-2025-21689 CVE-2024-53130 CVE-2021-47345 CVE-2024-53131 CVE-2024-57996 CVE-2024-50008 CVE-2024-53101 CVE-2024-50179 CVE-2024-49963 CVE-2024-50202 CVE-2024-49959 Ubuntu 16.04 LTS * SECURITY UPDATE: defect in TarFile module leading to infinite loop and deadlock - debian/patches/CVE-2025-8194.patch: Validate archives to ensure member offsets are non-negative - CVE-2025-8194 Important TuxCare License Agreement CVE-2025-8194 Ubuntu 16.04 LTS * SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630 Important TuxCare License Agreement CVE-2023-30630 Ubuntu 16.04 LTS * SECURITY UPDATE: memory corruption vulnerability in attribute type flags - debian/patches/CVE-2025-7425.patch: fix heap-use-after-free in xmlFreeID caused by `atype` corruption - CVE-2025-7425 Important TuxCare License Agreement CVE-2025-7425 Ubuntu 16.04 LTS * SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix InterpretImageFilename function by adjusting the offset to prevent potential buffer overflow - CVE-2025-53101 Critical TuxCare License Agreement CVE-2025-53101 Ubuntu 16.04 LTS * SECURITY UPDATE: out-of-bounds read in sftp_handle function - debian/patches/CVE-2025-5318.patch: fix possible buffer overrun issue in sftpserver.c by changing conditional from val > SFTP_HANDLES to val >= SFTP_HANDLES - CVE-2025-5318 Important TuxCare License Agreement CVE-2025-5318 Ubuntu 16.04 LTS * SECURITY UPDATE: heap out-of-bounds write in BlobStream (WriteBlob) - debian/patches/CVE-2025-57807.patch: enforce extent ≥ offset + length when forward-seeking before writes in MagickCore/blob.c - CVE-2025-57807 Critical TuxCare License Agreement CVE-2025-57807 Ubuntu 16.04 LTS * SECURITY UPDATE: disable kpasswd port to mitigate vulnerabilities - debian/patches/CVE-2022-2031_CVE-2022-32744.patch: add kpasswd port = 0 to disable kpasswd service as a workaround for CVE-2022-32744 and CVE-2022-2031 - kpasswd is not a critical protocol for AD DC in most installations - CVE-2022-32744, CVE-2022-2031 Important TuxCare License Agreement CVE-2022-2031 CVE-2022-32744 Ubuntu 16.04 LTS * SECURITY UPDATE: double-free when exporting SAN otherName - debian/patches/CVE-2025-32988.patch: fix double-free triggered when exporting certificates with multiple SAN otherName entries. - CVE-2025-32988 * SECURITY UPDATE: 1-byte heap write in certtool template parsing - debian/patches/CVE-2025-32990.patch: prevent 1-byte heap overwrite caused by malformed certificate template input in certtool. - CVE-2025-32990 Important TuxCare License Agreement CVE-2025-32988 CVE-2025-32990 Ubuntu 16.04 LTS * SECURITY UPDATE: authentication bypass vulnerability - debian/patches/CVE-2025-58060.patch: block authentication using alternate method in scheduler/auth.c - CVE-2025-58060 Important TuxCare License Agreement CVE-2025-58060 Ubuntu 16.04 LTS * SECURITY UPDATE: memory leak when specifying multiple %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019 Important TuxCare License Agreement CVE-2025-53019 Ubuntu 16.04 LTS * SECURITY UPDATE: IPP extension tag parsing vulnerability - debian/patches/CVE-2025-58364.patch: fix handling of extension tag in ipp_read_io() - CVE-2025-58364 Moderate TuxCare License Agreement CVE-2025-58364 Ubuntu 16.04 LTS * SECURITY UPDATE: geometry string with only ":" triggers crash leading to denial of service - debian/patches/CVE-2025-55212.patch: Fix invalid width and height checks in ThumbnailImage by adding MagickSafeReciprocal method - CVE-2025-55212 Important TuxCare License Agreement CVE-2025-55212 Ubuntu 16.04 LTS * SECURITY UPDATE: fix privilege escalation in pam_namespace - debian/patches-applied/CVE-2025-6020-pre.patch: prerequisite changes - debian/patches-applied/CVE-2025-6020.patch: enforce proper handling of instance directory symlinks to prevent mounting arbitrary paths - CVE-2025-6020 Important TuxCare License Agreement CVE-2025-6020 Ubuntu 16.04 LTS * SECURITY UPDATE: fix NULL pointer dereference in SOAP with huge QName - debian/patches/CVE-2025-6491.patch: Add safeguard in ext/soap/soap.c to handle invalid XML node names produced by libxml2 with extremely large namespace prefixes - CVE-2025-6491 Moderate TuxCare License Agreement CVE-2025-6491 Ubuntu 16.04 LTS * SECURITY UPDATE: uncontrolled recursion causing stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714-*.patch: Add comprehensive XPath DoS protection including operation limits, recursion depth controls, and proper handling of recursive invocations to prevent stack overflows and resource exhaustion - CVE-2025-9714 Moderate TuxCare License Agreement CVE-2025-9714 Ubuntu 16.04 LTS * SECURITY UPDATE: heap-based buffer overflow in function _bfd_elf_gc_mark_rsec - debian/patches/CVE-2025-1176.patch: prevent illegal memory access when indexing into the sym_hashes array of the elf bfd cookie structure - CVE-2025-1176 Moderate TuxCare License Agreement CVE-2025-1176 Ubuntu 16.04 LTS * SECURITY UPDATE: 32-bit integer overflow in BMP encoder allows attacker- controlled heap corruption - debian/patches/CVE-2025-57803.patch: Fix buffer overflow issue in BMP decoder caused by insufficient memory allocation - CVE-2025-57803 Important TuxCare License Agreement CVE-2025-55154 CVE-2025-55298 CVE-2025-57803 Ubuntu 16.04 LTS * SECURITY UPDATE: improper handling of association groups can lead to use- after-free vulnerability - debian/patches/CVE-2021-3738.patch: Fix routines for preparing service before handling CVE-2021-3738 - debian/patches/CVE-2021-3738-1.patch: Fix DsBindAssocGroupAdmin to use admin credentials for DsBind - CVE-2021-3738 Important TuxCare License Agreement CVE-2021-3738 Ubuntu 16.04 LTS * CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47149 - net: fujitsu: fix potential null-ptr-deref * CVE-url: https://ubuntu.com/security/CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() * CVE-url: https://ubuntu.com/security/CVE-2025-38618 - vsock: Do not allow binding to VMADDR_PORT_ANY * CVE-url: https://ubuntu.com/security/CVE-2025-38617 - net/packet: fix a race in packet_set_ring() and packet_notifier() * CVE-url: https://ubuntu.com/security/CVE-2025-21796 - nfsd: clear acl_access/acl_default after releasing them * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47319 - virtio-blk: Fix memory leak among suspend/resume procedure * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49924 // CVE-url: https://ubuntu.com/security/CVE-2024-49924 - fbdev: pxafb: Fix possible use after free in pxafb_task() * CVE-url: https://ubuntu.com/security/CVE-2022-48827 - NFSD: Fix the behavior of READ near OFFSET_MAX * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48737 - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52868 - thermal: core: prevent potential string overflow * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47633 - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 * CVE-url: https://ubuntu.com/security/CVE-2021-47391 - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47475 - comedi: vmk80xx: fix transfer-buffer overflows - comedi: vmk80xx: fix bulk-buffer overflow - comedi: vmk80xx: fix bulk and interrupt message timeouts * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-47497 - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells * CVE-2024-35965 // CVE-url: https://ubuntu.com/security/CVE-2024-35965 - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() - Bluetooth: L2CAP: Fix not validating setsockopt user input * CVE-url: https://ubuntu.com/security/CVE-2024-56616 - drm/dp_mst: Fix MST sideband message body length check * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49407 - dlm: fix plock invalid read * Focal update: v5.4.188 upstream stable release (LP: #1971496) // CVE-url: https://ubuntu.com/security/CVE-2022-49292 - ALSA: oss: Fix PCM OSS buffer allocation overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52835 - perf/core: Bail out early if the request AUX area is out of bound * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52764 - media: gspca: cpia1: shift-out-of-bounds in set_flicker * CVE-2024-35966 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: RFCOMM: Fix not validating setsockopt user input * CVE-2024-35967 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: SCO: Fix not validating setsockopt user input * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21704 // CVE-url: https://ubuntu.com/security/CVE-2025-21704 - usb: cdc-acm: Check control transfer buffer size before access * CVE-url: https://ubuntu.com/security/CVE-2025-21704 - cdc-acm: reassemble fragmented notifications * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_drr: make drr_qlen_notify() idempotent - sch_htb: make htb_qlen_notify() idempotent - sch_hfsc: make hfsc_qlen_notify() idempotent - sch_qfq: make qfq_qlen_notify() idempotent Important TuxCare License Agreement CVE-2021-47633 CVE-2022-49407 CVE-2023-52835 CVE-2021-47391 CVE-2022-48737 CVE-2021-47149 CVE-2024-41069 CVE-2021-47475 CVE-2023-52868 CVE-2022-48827 CVE-2024-56616 CVE-2022-49292 CVE-2025-21704 CVE-2024-35966 CVE-2023-52764 CVE-2025-37798 CVE-2021-47319 CVE-2021-47497 CVE-2024-35965 CVE-2025-21796 CVE-2025-38618 CVE-2025-38617 CVE-2024-35849 CVE-2024-49924 Ubuntu 16.04 LTS * SECURITY UPDATE: memory corruption in bfd_set_format function - debian/patches/CVE-2025-1153.patch: Fix heap/memory corruption in bfd_set_format of format.c - CVE-2025-1153 Moderate TuxCare License Agreement CVE-2025-1153 Ubuntu 16.04 LTS * SECURITY UPDATE: segmentation fault in silent Ex mode due to scrolling function vulnerability - debian/patches/CVE-2025-24014.patch: Fix segfault in win_line() by checking that ScreenLines is not NULL in gui_do_scroll() - CVE-2025-24014 Moderate TuxCare License Agreement CVE-2025-24014 Ubuntu 16.04 LTS * SECURITY UPDATE: information disclosure in error handling - debian/patches/CVE-2025-62168.patch: Fix bug where proxy auth data was visible to scripts by redacting credentials from error page code expansion output and email links - CVE-2025-62168 Important TuxCare License Agreement CVE-2025-62168 Ubuntu 16.04 LTS * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21772 - partitions: mac: fix handling of bogus partition table * CVE-url: https://ubuntu.com/security/CVE-2025-22079 - ocfs2: validate l_tree_depth to avoid out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-46713 - perf/aux: Fix AUX buffer serialization * CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Fix race condition on qfq_aggregate * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - fs/jfs: Add check for negative db_l2nbperpage - fs/jfs: Add validity check for db_maxag and db_agpref * Focal update: v5.4.251 upstream stable release (LP: #2034918) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2023-52804 - fs: jfs: fix shift-out-of-bounds in dbAllocAG * CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READ_IMPLIES_EXEC - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47153 - i2c: i801: Don't generate an interrupt on bus reset * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48757 - net: fix information leakage in /proc/net/ptype * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-37078 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48760 - USB: core: Fix hang in usb_kill_urb by adding memory barriers * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47383 - tty: Fix out-of-bound vmalloc access in imageblit * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2022-49145 - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997) // CVE- url: https://ubuntu.com/security/CVE-2021-47458 - ocfs2: mount fails with buffer overflow in strlen * CVE-url: https://ubuntu.com/security/CVE-2022-49170 - f2fs: fix to do sanity check on curseg->alloc_type * CVE-url: https://ubuntu.com/security/CVE-2021-47479 - staging: rtl8712: fix use-after-free in rtl8712_dl_fw * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47477 - comedi: dt9812: fix DMA buffers on stack * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47642 - video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47565 - scsi: mpt3sas: Fix kernel panic during drive powercycle test * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47566 - proc/vmcore: fix clearing user buffer by properly using clear_user() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-39469 - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors * CVE-url: https://ubuntu.com/security/CVE-2022-49519 - ath10k: skip ath10k_halt during suspend for driver state RESTARTING * CVE-url: https://ubuntu.com/security/CVE-2024-36880 - Bluetooth: qca: add missing firmware sanity checks * Miscellaneous upstream changes - net: openvswitch: fix nested key length validation in the set() action - isofs: Prevent the use of too small fid - net: ppp: Add bound checking for skb data on ppp_sync_txmung - wifi: at76c50x: fix use after free access in at76_disconnect Important TuxCare License Agreement CVE-2022-48760 CVE-2021-47566 CVE-2022-49170 CVE-2024-41042 CVE-2022-49519 CVE-2023-52804 CVE-2025-22079 CVE-2024-58014 CVE-2025-21772 CVE-2025-38352 CVE-2024-36880 CVE-2024-37078 CVE-2025-38477 CVE-2021-47565 CVE-2021-47642 CVE-2021-47477 CVE-2021-47479 CVE-2021-47458 CVE-2024-46713 CVE-2022-49145 CVE-2021-47383 CVE-2022-48757 CVE-2021-47153 CVE-2024-39469 CVE-2022-25265 Ubuntu 16.04 LTS * SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to fix issue on 32-bit systems - CVE-2025-62171 Important TuxCare License Agreement CVE-2025-62171 Ubuntu 16.04 LTS * SECURITY UPDATE: insecure regex patterns for interpreter detection - debian/patches/CVE-2022-30688.patch: prevent local privilege escalation by anchoring interpreter regex patterns - CVE-2022-30688 Important TuxCare License Agreement CVE-2022-30688 Ubuntu 16.04 LTS * SECURITY UPDATE: remove abort call in debug format printing code - debian/patches/CVE-2025-11839.patch: remove call to abort in the debug format printing code, allowing display of fuzzed input files to complete without triggering an abort - CVE-2025-11839 * SECURITY UPDATE: fix SEGV in vfinfo - debian/patches/CVE-2025-11840.patch: prevent segmentation fault by checking for NULL name in reloc howto structure in coff_slurp_reloc_table - CVE-2025-11840 Moderate TuxCare License Agreement CVE-2025-11840 CVE-2025-11839 Ubuntu 16.04 LTS * OpenJDK 8u472 release - CVE-2025-53057: fix unauthorized remote data-modification - CVE-2025-53066: fix unauthorized remote data access - CVE-2025-61748: fix limited remote unauthorized data modification - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-October/thread.html Moderate TuxCare License Agreement CVE-2025-53066 CVE-2025-53057 Ubuntu 16.04 LTS * SECURITY UPDATE: debug_information memory leak in process_debug_info - debian/patches/CVE-2025-8225.patch: prevent memory leak by checking alloc_num_debug_info_entries instead of num_debug_info_entries to determine whether debug_information has been allocated - CVE-2025-8225 Low TuxCare License Agreement CVE-2025-8225 Ubuntu 16.04 LTS * SECURITY UPDATE: Heap buffer overflow in array_merge() - debian/patches/CVE-2025-14178.patch: add validation to check if total element count exceeds HT_MAX_SIZE before allocation. - CVE-2025-14178 Low TuxCare License Agreement CVE-2025-14178 Ubuntu 16.04 LTS * SECURITY UPDATE: Heap-based buffer overflow in elf_swap_shdr function - debian/patches/CVE-2025-11083.patch: Avoid a linker crash by rejecting corrupt section headers in linker input files. Changed elf_swap_shdr_in to return bfd_boolean and validate section sizes against file size to detect and reject corrupt headers - CVE-2025-11083 Important TuxCare License Agreement CVE-2025-11083 Ubuntu 16.04 LTS * SECURITY UPDATE: Possible DoS attack caused by a slow client communication - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client - CVE-2025-58436 Moderate TuxCare License Agreement CVE-2025-58436 Ubuntu 16.04 LTS * SECURITY UPDATE: Carriage Return characters in credential protocol - debian/patches/CVE-2024-52006.patch: fix to disallow Carriage Return characters in the credential protocol by default to prevent vulnerabilities when credential helpers interpret bare Carriage Returns as newlines - CVE-2024-52006 Important TuxCare License Agreement CVE-2024-52006 Ubuntu 16.04 LTS * SECURITY UPDATE: memory corruption in armor parser - debian/patches/CVE-2025-68973.patch: Fix faulty double increment in armor_filter function. - CVE-2025-68973 Important TuxCare License Agreement CVE-2025-68973 Ubuntu 16.04 LTS * SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode <host>[:<port>] in credential_format(), sanitize the user prompt - CVE-2024-50349 Moderate TuxCare License Agreement CVE-2024-50349 Ubuntu 16.04 LTS * SECURITY UPDATE: DoS by providing specially crafted PKCS#7 data for signature verification - debian/patches/CVE-2026-22796.patch: ensure ASN1 types are checked before use - CVE-2026-22796 Moderate TuxCare License Agreement CVE-2026-22796 Ubuntu 16.04 LTS * SECURITY UPDATE: XML_ExternalEntityParserCreate failure to copy the encoding handler data can cause a NULL dereference (CWE-476) from external entities that declare use of an unknown encoding. The expected impact is denial of service. - debian/patches/CVE-2026-24515.patch: Make XML_ExternalEntityParserCreate copy unknown encoding handler user data - CVE-2026-24515 Low TuxCare License Agreement CVE-2026-24515 Ubuntu 16.04 LTS * SECURITY UPDATE: out of bounds write vulnerability in XBM decoder - debian/patches/CVE-2026-23876.patch: add overflow checks to prevent out of bounds write in coders/xbm.c - CVE-2026-23876 Critical TuxCare License Agreement CVE-2026-23876 Ubuntu 16.04 LTS * SECURITY UPDATE: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference - debian/patches/CVE-2025-69421.patch: Check oct argument for NULL - CVE-2025-69421 Important TuxCare License Agreement CVE-2025-69421 Ubuntu 16.04 LTS * SECURITY UPDATE: Possible memory corruption in the armor parser - debian/patches/CVE-2025-68973.patch: fix faulty double increment - CVE-2025-68973 Important TuxCare License Agreement CVE-2025-68973 Ubuntu 16.04 LTS * SECURITY UPDATE: Malicious SVG file resulted in a DoS attack - debian/patches/CVE-2025-68618.patch: fix DOS when processing a specially crafted malicious SVG file - CVE-2025-68618 * SECURITY UPDATE: WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow and trigger a DoS attack - debian/patches/CVE-2025-69204.patch: fix DOS due to integer overflow during image processing of a specially crafted SVG image - CVE-2025-69204 Important TuxCare License Agreement CVE-2025-69204 CVE-2025-68618 Ubuntu 16.04 LTS * SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366 Important TuxCare License Agreement CVE-2025-15366 Ubuntu 16.04 LTS * SECURITY UPDATE: defect in poplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15367.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15367 Important TuxCare License Agreement CVE-2025-15367 Ubuntu 16.04 LTS * OpenJDK 8u482 release + CVE-2026-21945: enhance Certificate Checking + CVE-2026-21932: enhance Handling of URIs + CVE-2026-21933: improve HttpServer Request handling + CVE-2026-21925: improve JMX connections - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2026-January/020959.html * d/p/hotspot-libpath-*.diff: Refresh patches. * d/p/uabs-*.diff: Drop patches applied upstream. Important TuxCare License Agreement CVE-2026-21925 CVE-2026-21933 CVE-2026-21945 CVE-2026-21932 Ubuntu 16.04 LTS * SECURITY UPDATE: Buffer underflow in GVariant parser leads to heap corruption - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflows in GVariant text format parser when processing input longer than INT_MAX - CVE-2025-14087 * SECURITY UPDATE: Integer overflow in escape_byte_string() leads to heap buffer overflow - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflow in escape_byte_string() for byte strings with many invalid characters - CVE-2025-14512 Critical TuxCare License Agreement CVE-2025-14512 CVE-2025-13601 CVE-2025-14087 Ubuntu 16.04 LTS * SECURITY UPDATE: out-of-bounds read vulnerability - debian/patches/CVE-2026-26284.patch: Fix incorrect loop initialization in delta decoding; prevent out-of-bounds read caused by starting table scan at invalid index. - CVE-2026-26284 * SECURITY UPDATE: out-of-bounds heap write on 32-bit systems - debian/patches/CVE-2026-25897.patch: Add size-calculating heap overflow sanity check and validate row padding addition to prevent out-of-bounds heap write on 32-bit systems caused by integer overflow in pixel buffer length computation. - CVE-2026-25897 Critical TuxCare License Agreement CVE-2026-25897 CVE-2026-26284 Ubuntu 16.04 LTS * SECURITY UPDATE: Buffer overflow in netbeans special_keys() handling - debian/patches/CVE-2026-26269.patch: limit writing to max KEYBUFLEN bytes - CVE-2026-26269 Important TuxCare License Agreement CVE-2026-26269 Ubuntu 16.04 LTS * SECURITY UPDATE: command injection via improper NetBIOS name validation in shell hook handling (CVE) - debian/patches/CVE-2025-10230-1.patch: Validate NetBIOS names before passing them to hook shell command, rejecting characters outside alphanumeric, dot, underscore, or hyphen. Prevent command injection caused by untrusted names containing shell metacharacters. - debian/patches/CVE-2025-10230-2.patch: Add selftest verifying WINS hook skip invocation for registered names containing shell metacharacters; issue stem from unsafe name handling allowing hook execution with untrusted, potentially command-injecting name strings. - CVE-2025-10230 Critical TuxCare License Agreement CVE-2025-10230 Ubuntu 16.04 LTS * SECURITY UPDATE: denial-of-service via division-by-zero in image loading - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing incorrect AND with OR in horizontal/vertical axis checks and prevent acceptance of invalid sampling caused by flawed boolean logic. - CVE-2026-25799 * SECURITY UPDATE: Null pointer dereference in ClonePixelCacheRepository resulting in denial-of-service - debian/patches/CVE-2026-25798.patch: Add overflow sanity check in OpenPixelCache and reset cache storage class and length before throwing on allocation failure - CVE-2026-25798 * SECURITY UPDATE: memory leak in ReadSTEGANOImage that can be exploited for denial-of-service - debian/patches/CVE-2026-25796.patch: free watermark object on three early-return paths - CVE-2026-25796 * SECURITY UPDATE: a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT` - debian/patches/CVE-2026-26066.patch: replace `c=0` with `c=ReadBlobByte(ifile)` in formatIPTC so the loop advances past an unrecognised tag instead of spinning forever - CVE-2026-26066 Important TuxCare License Agreement CVE-2026-25799 CVE-2026-25796 CVE-2026-25798 CVE-2026-26066 Ubuntu 16.04 LTS * SECURITY UPDATE: nULL pointer dereference and crash during image read when temporary file creation fails - debian/patches/CVE-2026-25795.patch: Destroy read_info after copying filename and avoid NULL pointer dereference in ReadSFWImage; cause: incorrect order of operations when temporary file creation fails. - CVE-2026-25795 Important TuxCare License Agreement CVE-2026-25795 Ubuntu 16.04 LTS * SECURITY UPDATE: heap information disclosure in PSD handler - debian/patches/CVE-2026-24481.patch: zero-initialize pixel buffer in ReadPSDChannelZip to prevent heap info leak when ZIP-compressed layer data decompresses to fewer bytes than expected - CVE-2026-24481 Low TuxCare License Agreement CVE-2026-24481 Ubuntu 16.04 LTS * SECURITY UPDATE: remote out-of-bounds read in SFTP extension name handler - debian/patches/CVE-2026-3731.patch: Fix out-of-bound read from sftp extensions; correct index comparison from '>' to '>=' and prevent access past extension count. - CVE-2026-3731 Important TuxCare License Agreement CVE-2026-3731 Ubuntu 16.04 LTS * SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210 Important TuxCare License Agreement CVE-2026-25210 Ubuntu 16.04 LTS * SECURITY UPDATE: global buffer overflow read via negative pixel index in UIL and XPM image encoders - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. - CVE-2026-25898 Critical TuxCare License Agreement CVE-2026-25986 CVE-2026-25987 CVE-2026-25898 Ubuntu 16.04 LTS * SECURITY UPDATE: stack buffer overflow in msl.c (attribute handling), path traversal bypass of security policy, XSS in HTML coder output, and MSL attribute overflow - debian/patches/CVE-2026-25797_CVE-2026-25965_CVE-2026-25968_CVE-2026-25982.patch: Fix memory leaks, stack overflows, integer overflows and out‑of‑bounds reads; add bounds checks, validate DCM entry sizes, sanitize PostScript filenames, canonicalize paths and free resources; escape user-controlled strings written as raw HTML in the HTML coder; cause was unsafe header and filename parsing, incorrect assumptions about byte counts, path resolution, unnormalized path matching allowing policy bypass, and unescaped HTML output enabling cross-site scripting. - CVE-2026-25797 - CVE-2026-25965 - CVE-2026-25968 - CVE-2026-25982 * SECURITY UPDATE: null pointer dereference in msl.c (repage/roll handlers) - debian/patches/CVE-2026-25983.patch: move image null‑checks before accessing image attributes in the repage and roll MSL tag handlers; cause was dereferencing the image pointer for page geometry and dimensions before verifying the image was defined. - CVE-2026-25983 * SECURITY UPDATE: infinite recursion via crafted MSL/SVG/MVG files - debian/patches/CVE-2026-25971.patch: add global Splay tree guards in MSL and SVG coders to detect and reject recursive image references; block dangerous protocols (ftp, http, mvg, vid) in DrawPrimitive; cause was unbounded recursion through nested image reads. - CVE-2026-25971 * SECURITY UPDATE: null pointer dereference in msl.c (comment/label handlers) - debian/patches/CVE-2026-23952.patch: add image null-checks before accessing image properties in the comment and label MSL end-element handlers; cause was dereferencing the image pointer for DeleteImageProperty before verifying the image was defined. - CVE-2026-23952 * SECURITY UPDATE: MSLPushImage return value not captured - debian/patches/CVE-2026-25988.patch: change MSLPushImage to return the new image index and capture the return value in the MSL image tag handler; cause was the local index variable not being updated after pushing a new image onto the stack. - CVE-2026-25988 Critical TuxCare License Agreement CVE-2026-25968 CVE-2026-23952 CVE-2026-25971 CVE-2026-25797 CVE-2026-25988 CVE-2026-25983 CVE-2026-25965 CVE-2026-25982 Ubuntu 16.04 LTS * SECURITY UPDATE: Heap buffer overflow in helpfile option handling - debian/patches/CVE-2026-25749.patch: use vim_strncpy with MAXPATHL bound instead of unbounded STRCPY in get_tagfname() - CVE-2026-25749 Important TuxCare License Agreement CVE-2026-28417 CVE-2026-25749 CVE-2026-28421 Ubuntu 16.04 LTS * SECURITY UPDATE: heap overflow in PNG encoder from large profile - debian/patches/CVE-2026-30883.patch: add overflow check in Magick_png_write_raw_profile to reject profiles with length that would overflow allocated_length arithmetic - CVE-2026-30883 Important TuxCare License Agreement CVE-2026-30883 Ubuntu 16.04 LTS * SECURITY UPDATE: memory corruption and denial-of-service via malicious SIXEL images - debian/patches/CVE-2026-25970.patch: Correct misspelled position variables and adjust variable types; fix out-of-bounds write caused by incorrect bounds checks and signed/unsigned type misuse. - CVE-2026-25970 Important TuxCare License Agreement CVE-2026-25970 Ubuntu 16.04 LTS * SECURITY UPDATE: denial-of-service from nested multi-layer MVG-to-SVG conversions - debian/patches/CVE-2026-24484.patch: Throw VectorGraphicsNestedTooDeeply when vector-graphics nesting reaches MagickMaxRecursionDepth; fix crashes caused by unbounded nesting of graphic-context elements. - debian/patches/CVE-2026-24484-1.patch: Add recursion-depth check and throw exception for excessively nested vector graphics; mitigate crash/resource exhaustion caused by missing bounds check allowing unbounded nesting. - CVE-2026-24484 Moderate TuxCare License Agreement CVE-2026-24484 Ubuntu 16.04 LTS * SECURITY UPDATE: denial of service via use-after-free in ICP - debian/patches/CVE-2026-33526.patch: remove duplicate rfc1738_escape call in icpGetRequest that invalidated the previously escaped URL pointer - CVE-2026-33526 * SECURITY UPDATE: denial of service via use-after-free in ICP request handling - debian/patches/CVE-2026-32748.patch: return HttpRequestPointer and move icpAccessAllowed into icpGetRequest to fix HttpRequest lifetime for ICP v3 queries - CVE-2026-32748 Important TuxCare License Agreement CVE-2026-33526 CVE-2026-32748 Ubuntu 16.04 LTS * CVE-2025-39743 - jfs: truncate good inode pages when hard link is 0 {CVE-2025-39743} * CVE-2025-39685 - comedi: pcl726: Prevent invalid irq number {CVE-2025-39685} * CVE-2025-38713 - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() {CVE-2025-38713} * CVE-2025-38699 - scsi: bfa: Double-free fix {CVE-2025-38699} * CVE-2025-38697 - jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697} * CVE-2025-38680 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680} * CVE-2025-38677 - f2fs: fix to avoid out-of-boundary access in dnode page {CVE-2025-38677} * CVE-2025-38572 - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572} * CVE-2025-38538 - dmaengine: nbpfaxi: Fix memory corruption in probe() {CVE-2025-38538} * CVE-2025-38530 - comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530} * CVE-2025-38529 - comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529} * CVE-2025-38494 - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} * CVE-2025-38482 - comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482} * CVE-2025-38428 - Input: ims-pcu - check record size in ims_pcu_flash_firmware() {CVE-2025-38428} * CVE-2025-38416 - NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416} * CVE-2025-38415 - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415} * CVE-2025-38403 - vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403} * CVE-2025-38286 - pinctrl: at91: Fix possible out-of-boundary access {CVE-2025-38286} * CVE-2025-38245 - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} * CVE-2025-38212 - ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212} * CVE-2025-38204 - jfs: fix array-index-out-of-bounds read in add_missing_indices {CVE-2025-38204} * CVE-2025-38157 - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} * CVE-2025-38079 - crypto: algif_hash - fix double free in hash_accept {CVE-2025-38079} * CVE-2025-38051 - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} * CVE-2023-53676 - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() {CVE-2023-53676} * CVE-2023-53675 - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} * CVE-2023-53668 - ring-buffer: Fix deadloop issue on reading trace_pipe {CVE-2023-53668} * CVE-2023-53622 - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} * CVE-2023-53616 - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount {CVE-2023-53616} * CVE-2023-53608 - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() {CVE-2023-53608} * CVE-2023-53587 - ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587} * CVE-2023-53569 - ext2: Check block size validity during mount {CVE-2023-53569} * CVE-2023-53559 - ip_vti: fix potential slab-use-after-free in decode_session6 {CVE-2023-53559} * CVE-2023-53541 - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write {CVE-2023-53541} * CVE-2023-53521 - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} * CVE-2023-53506 - udf: Do not bother merging very long extents {CVE-2023-53506} * CVE-2023-53485 - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev {CVE-2023-53485} * CVE-2023-53484 - lib: cpu_rmap: Avoid use after free on rmap->obj array entries {CVE-2023-53484} * CVE-2023-53454 - HID: multitouch: Correct devm device reference for hidinput input_dev name {CVE-2023-53454} * CVE-2023-53322 - scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322} * CVE-2023-53311 - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput {CVE-2023-53311} * CVE-2023-53259 - VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF {CVE-2023-53259} * CVE-2023-53219 - media: netup_unidvb: fix use-after-free at del_timer() {CVE-2023-53219} * CVE-2023-53138 - net: caif: Fix use-after-free in cfusbl_device_notify() {CVE-2023-53138} * CVE-2023-53075 - ftrace: Fix invalid address access in lookup_rec() when index is 0 {CVE-2023-53075} * CVE-2023-53035 - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() {CVE-2023-53035} * CVE-2022-50542 - media: si470x: Fix use-after-free in si470x_int_in_callback() {CVE-2022-50542} * CVE-2022-50496 - dm cache: Fix UAF in destroy() {CVE-2022-50496} * CVE-2022-50478 - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() {CVE-2022-50478} * CVE-2022-50470 - xhci: Remove device endpoints from bandwidth list when freeing the device {CVE-2022-50470} * CVE-2022-50432 - kernfs: fix use-after-free in __kernfs_remove {CVE-2022-50432} * CVE-2022-50423 - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() {CVE-2022-50423} * CVE-2022-50419 - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419} * CVE-2022-50411 - ACPICA: Fix error code path in acpi_ds_call_control_method() {CVE-2022-50411} * CVE-2022-50394 - i2c: ismt: Fix an out-of-bounds bug in ismt_access() {CVE-2022-50394} * CVE-2022-50384 - staging: vme_user: Fix possible UAF in tsi148_dma_list_add {CVE-2022-50384} * CVE-2022-50333 - fs: jfs: fix shift-out-of-bounds in dbDiscardAG {CVE-2022-50333} * CVE-2022-50301 - iommu/omap: Fix buffer overflow in debugfs {CVE-2022-50301} * CVE-2022-50094 - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions {CVE-2022-50094} * CVE-2022-50022 - drivers:md:fix a potential use-after-free bug {CVE-2022-50022} * CVE-2022-49945 - hwmon: (gpio-fan) Fix array out of bounds access {CVE-2022-49945} * CVE-2022-49865 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865} * CVE-2022-49775 - tcp: cdg: allow tcp_cdg_release() to be called multiple times {CVE-2022-49775} * CVE-2022-49581 - be2net: Fix buffer overflow in be_get_module_eeprom {CVE-2022-49581} * CVE-2022-49503 - ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix {CVE-2022-49503} * CVE-2021-47142 - drm/amdgpu: Fix a use-after-free {CVE-2021-47142} * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class * Focal update: v5.4.255 upstream stable release (LP: #2039440) - Bluetooth: L2CAP: Fix use-after-free * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) - Bluetooth: L2CAP: Fix user-after-free - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() * Focal update: v5.4.253 upstream stable release (LP: #2038652) - ip6mr: Fix skb_under_panic in ip6mr_cache_report() * Focal update: v5.4.224 upstream stable release (LP: #1999273) - ipvs: use explicitly signed chars - ipvs: fix WARNING in __ip_vs_cleanup_batch() - ipvs: fix WARNING in ip_vs_app_net_cleanup() * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) - vt: Clear selection before changing the font * Focal update: v5.4.237 upstream stable release (LP: #2023420) - fs: prevent out-of-bounds array speculation when closing a file descriptor * Focal update: v5.4.231 upstream stable release (LP: #2011226) - netlink: prevent potential spectre v1 gadgets * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ALSA: bcd2000: Fix a UAF bug on the error path of probing - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() - md-raid10: fix KASAN warning - selinux: Add boundary check in put_entry() - video: fbdev: vt8623fb: Check the size of screen before memset_io() - video: fbdev: arkfb: Check the size of screen before memset_io() - video: fbdev: s3fb: Check the size of screen before memset_io() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) - igb: Do not free q_vector unless new one was allocated * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK - net: mdio: fix undefined behavior in bit shift for __mdiobus_register * CVE-url: https://ubuntu.com/security/CVE-2023-1989 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition * Focal update: v5.4.225 upstream stable release (LP: #2002347) - ntfs: fix use-after-free in ntfs_attr_find() * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() * Miscellaneous upstream changes - debian: add control and changelog files - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint - f2fs: return error when accessing insane flie offset - f2fs: lost matching-pair of trace in f2fs_truncate_inode_blocks - f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() - usb: vhci-hcd: Do not drop references before new references are gained - tracing: Fix oob write in trace_seq_to_buffer() - mtd: inftlcore: Add error check for inftl_read_oob() - jbd2: remove wrong sb->s_sequence check - usb: dwc3: gadget: check that event count does not exceed event buffer length - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control - Bluetooth: hci_core: Fix use-after-free in vhci_flush() - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" - scsi: target: Fix WRITE_SAME No Data Buffer crash - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too - HID: core: Harden s32ton() against conversion to 0 bits - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() - wifi: mac80211_hwsim: drop short frames - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write Important TuxCare License Agreement CVE-2022-50097 CVE-2025-38572 CVE-2023-53117 CVE-2022-49581 CVE-2022-50419 CVE-2022-49945 CVE-2023-53454 CVE-2023-53622 CVE-2022-49948 CVE-2022-50411 CVE-2023-53322 CVE-2023-53035 CVE-2025-38538 CVE-2022-49907 CVE-2023-53000 CVE-2023-53321 CVE-2022-50094 CVE-2023-53219 CVE-2025-38415 CVE-2025-38079 CVE-2025-39743 CVE-2022-50301 CVE-2022-50211 CVE-2025-38713 CVE-2022-50470 CVE-2023-53282 CVE-2025-37839 CVE-2022-50384 CVE-2022-50542 CVE-2025-38286 CVE-2022-50496 CVE-2025-38051 CVE-2025-37823 CVE-2022-50099 CVE-2025-39685 CVE-2022-49865 CVE-2023-53569 CVE-2023-53138 CVE-2024-43883 CVE-2022-50185 CVE-2023-53145 CVE-2025-37882 CVE-2022-50022 CVE-2022-50333 CVE-2022-50423 CVE-2025-38529 CVE-2023-53365 CVE-2023-53559 CVE-2022-50408 CVE-2025-38697 CVE-2025-38157 CVE-2025-37892 CVE-2022-50478 CVE-2023-53608 CVE-2022-49870 CVE-2022-50200 CVE-2022-50252 CVE-2025-37923 CVE-2021-47142 CVE-2025-38494 CVE-2025-38403 CVE-2025-38699 CVE-2022-50432 CVE-2023-53616 CVE-2025-38428 CVE-2023-53521 CVE-2025-38482 CVE-2023-53484 CVE-2023-53075 CVE-2025-38245 CVE-2025-38680 CVE-2025-38530 CVE-2025-38677 CVE-2025-38204 CVE-2022-49503 CVE-2022-50422 CVE-2023-53587 CVE-2022-49763 CVE-2023-53395 CVE-2022-50394 CVE-2023-53311 CVE-2023-53675 CVE-2023-53676 CVE-2022-50101 CVE-2023-53668 CVE-2023-53259 CVE-2023-53305 CVE-2025-38250 CVE-2022-21546 CVE-2022-50386 CVE-2025-38556 CVE-2022-49775 CVE-2023-53541 CVE-2023-53506 CVE-2025-37810 CVE-2025-38416 CVE-2022-50258 CVE-2022-49917 CVE-2025-22083 CVE-2023-53485 CVE-2025-37739 CVE-2025-38212 CVE-2022-50229 Ubuntu 16.04 LTS * SECURITY UPDATE: fix heap buffer overflow in _bfd_elf_parse_eh_frame - debian/patches/CVE-2025-11082.patch: fix heap buffer overflow in _bfd_elf_parse_eh_frame - CVE-2025-11082 * SECURITY UPDATE: fix NULL deref in elf_gc_sweep with empty groups - debian/patches/CVE-2025-5244.patch: fix NULL deref in elf_gc_sweep with empty groups - CVE-2025-5244 * SECURITY UPDATE: fix SEGV in debug_type_samep - debian/patches/CVE-2025-5245.patch: fix SEGV in debug_type_samep - CVE-2025-5245 * SECURITY UPDATE: fix out-of-bounds reads in xcoff_link_add_symbols - debian/patches/CVE-2026-3441.patch: properly bounds check XTY_LD x_scnlen index and sanity check r_symndx before using it to index sym hashes in xcoff_link_add_symbols - CVE-2026-3441 - CVE-2026-3442 Important TuxCare License Agreement CVE-2026-3442 CVE-2025-11082 CVE-2025-5244 CVE-2026-3441 CVE-2025-5245 Ubuntu 16.04 LTS * SECURITY UPDATE: heap read past bounds in sftp_parse_longname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longname_field; bound string walks at NUL; fail if field not found - CVE-2026-0968 Low TuxCare License Agreement CVE-2026-0968 /etc/els-release Ubuntu 16\.04 LTS \(Final, ELS by CloudLinux\) 1 expat libexpat1 libexpat1-dev bind9 bind9-doc bind9-host bind9utils dnsutils host libbind-dev libbind-export-dev libbind9-140 libdns-export162 libdns162 libirs-export141 libirs141 libisc-export160 libisc160 libisccc-export140 libisccc140 libisccfg-export140 libisccfg140 liblwres141 lwresd vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 postgresql-doc-9.5 postgresql-plperl-9.5 postgresql-plpython-9.5 postgresql-plpython3-9.5 postgresql-pltcl-9.5 postgresql-server-dev-9.5 lemon libsqlite3-0 libsqlite3-dev libsqlite3-tcl sqlite3 sqlite3-doc squid squid-cgi squid-common squid-purge squid3 squidclient vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny sosreport binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-dev binutils-doc binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64-linux-gnuabi64 binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 postgresql-doc-9.5 postgresql-plperl-9.5 postgresql-plpython-9.5 postgresql-plpython3-9.5 postgresql-pltcl-9.5 postgresql-server-dev-9.5 expat libexpat1 libexpat1-dev libxml2 libxml2-dev libxml2-doc libxml2-utils python-libxml2 curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev mongodb mongodb-clients mongodb-server libperl-dev libperl5.22 perl perl-base perl-debug perl-doc perl-modules-5.22 lemon libsqlite3-0 libsqlite3-dev libsqlite3-tcl sqlite3 sqlite3-doc nginx nginx-common nginx-core nginx-doc nginx-extras nginx-full nginx-light libmysqlclient-dev libmysqlclient20 libmysqld-dev mysql-client mysql-client-5.7 mysql-client-core-5.7 mysql-common mysql-server mysql-server-5.7 mysql-server-core-5.7 mysql-source-5.7 mysql-testsuite mysql-testsuite-5.7 idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal dbus dbus-1-doc dbus-tests dbus-user-session dbus-x11 libdbus-1-3 libdbus-1-dev idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv isc-dhcp-client isc-dhcp-client-ddns isc-dhcp-common isc-dhcp-dev isc-dhcp-relay isc-dhcp-server isc-dhcp-server-ldap xterm openjdk-8-demo openjdk-8-doc openjdk-8-jdk openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless openjdk-8-jre-jamvm openjdk-8-jre-zero openjdk-8-source vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny login passwd uidmap linux-buildinfo-4.4.0-236-tuxcare.els7-generic linux-buildinfo-4.4.0-236-tuxcare.els7-lowlatency linux-cloud-tools-4.4.0-236-tuxcare.els7 linux-cloud-tools-4.4.0-236-tuxcare.els7-generic linux-cloud-tools-4.4.0-236-tuxcare.els7-lowlatency linux-cloud-tools-common linux-cloud-tools-generic linux-cloud-tools-lowlatency linux-crashdump linux-doc linux-generic linux-headers-4.4.0-236-tuxcare.els7 linux-headers-4.4.0-236-tuxcare.els7-generic linux-headers-4.4.0-236-tuxcare.els7-lowlatency linux-headers-generic linux-headers-lowlatency linux-image-generic linux-image-lowlatency linux-image-unsigned-4.4.0-236-tuxcare.els7-generic linux-image-unsigned-4.4.0-236-tuxcare.els7-lowlatency linux-libc-dev linux-lowlatency linux-modules-4.4.0-236-tuxcare.els7-generic linux-modules-4.4.0-236-tuxcare.els7-lowlatency linux-modules-extra-4.4.0-236-tuxcare.els7-generic linux-source linux-source-4.4.0 linux-tools-4.4.0-236-tuxcare.els7 linux-tools-4.4.0-236-tuxcare.els7-generic linux-tools-4.4.0-236-tuxcare.els7-lowlatency linux-tools-common linux-tools-generic linux-tools-host linux-tools-lowlatency libxml2 libxml2-dev libxml2-doc libxml2-utils python-libxml2 imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick bind9 bind9-doc bind9-host bind9utils dnsutils host libbind-dev libbind-export-dev libbind9-140 libdns-export162 libdns162 libirs-export141 libirs141 libisc-export160 libisc160 libisccc-export140 libisccc140 libisccfg-export140 libisccfg140 liblwres141 lwresd binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-dev binutils-doc binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64-linux-gnuabi64 binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu libservlet3.0-java libservlet3.0-java-doc libtomcat7-java tomcat7 tomcat7-admin tomcat7-common tomcat7-docs tomcat7-examples tomcat7-user vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 postgresql-doc-9.5 postgresql-plperl-9.5 postgresql-plpython-9.5 postgresql-plpython3-9.5 postgresql-pltcl-9.5 postgresql-server-dev-9.5 vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny glibc-doc glibc-source libc-bin libc-dev-bin libc6 libc6-dev libc6-dev-i386 libc6-dev-x32 libc6-i386 libc6-pic libc6-x32 locales locales-all multiarch-support nscd bsdutils libblkid-dev libblkid1 libfdisk-dev libfdisk1 libmount-dev libmount1 libsmartcols-dev libsmartcols1 libuuid1 mount util-linux util-linux-locales uuid-dev uuid-runtime ctdb libnss-winbind libpam-winbind libparse-pidl-perl libsmbclient libsmbclient-dev libwbclient-dev libwbclient0 python-samba registry-tools samba samba-common samba-common-bin samba-dev samba-dsdb-modules samba-libs samba-testsuite samba-vfs-modules smbclient winbind krb5-admin-server krb5-doc krb5-gss-samples krb5-k5tls krb5-kdc krb5-kdc-ldap krb5-locales krb5-multidev krb5-otp krb5-pkinit krb5-user libgssapi-krb5-2 libgssrpc4 libk5crypto3 libkadm5clnt-mit9 libkadm5srv-mit9 libkdb5-8 libkrad-dev libkrad0 libkrb5-3 libkrb5-dev libkrb5support0 vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny libpam-cracklib libpam-doc libpam-modules libpam-modules-bin libpam-runtime libpam0g libpam0g-dev apache2 apache2-bin apache2-data apache2-dev apache2-doc apache2-suexec-custom apache2-suexec-pristine apache2-utils vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny ctdb libnss-winbind libpam-winbind libparse-pidl-perl libsmbclient libsmbclient-dev libwbclient-dev libwbclient0 python-samba registry-tools samba samba-common samba-common-bin samba-dev samba-dsdb-modules samba-libs samba-testsuite samba-vfs-modules smbclient winbind libmysqlclient-dev libmysqlclient20 libmysqld-dev mysql-client mysql-client-5.7 mysql-client-core-5.7 mysql-common mysql-server mysql-server-5.7 mysql-server-core-5.7 mysql-source-5.7 mysql-testsuite mysql-testsuite-5.7 krb5-admin-server krb5-doc krb5-gss-samples krb5-k5tls krb5-kdc krb5-kdc-ldap krb5-locales krb5-multidev krb5-otp krb5-pkinit krb5-user libgssapi-krb5-2 libgssrpc4 libk5crypto3 libkadm5clnt-mit9 libkadm5srv-mit9 libkdb5-8 libkrad-dev libkrad0 libkrb5-3 libkrb5-dev libkrb5support0 apache2 apache2-bin apache2-data apache2-dev apache2-doc apache2-suexec-custom apache2-suexec-pristine apache2-utils sudo sudo-ldap libssl-dev libssl-doc libssl1.0.0 openssl cpp-5 cpp-5-doc fixincludes g++-5 g++-5-multilib gcc-5 gcc-5-base gcc-5-doc gcc-5-hppa64-linux-gnu gcc-5-locales gcc-5-multilib gcc-5-plugin-dev gcc-5-source gcc-5-test-results gccgo-5 gccgo-5-doc gccgo-5-multilib gcj-5 gcj-5-jdk gcj-5-jre gcj-5-jre-headless gcj-5-jre-lib gcj-5-source gdc-5 gdc-5-multilib gfortran-5 gfortran-5-doc gfortran-5-multilib gnat-5 gnat-5-doc gnat-5-sjlj gobjc++-5 gobjc++-5-multilib gobjc-5 gobjc-5-multilib lib32asan2 lib32atomic1 lib32cilkrts5 lib32gcc-5-dev lib32gfortran-5-dev lib32gfortran3 lib32go7 lib32gomp1 lib32itm1 lib32lsan0 lib32mpx0 lib32objc-5-dev lib32objc4 lib32phobos-5-dev lib32quadmath0 lib32stdc++-5-dev lib32stdc++6 lib32ubsan0 libasan2 libatomic1 libcc1-0 libcilkrts5 libgcc-5-dev libgccjit-5-dev libgccjit-5-doc libgccjit0 libgcj-doc libgcj16 libgcj16-awt libgcj16-dev libgfortran-5-dev libgfortran3 libgnat-5 libgnatprj5 libgnatprj5-dev libgnatvsn5 libgnatvsn5-dev libgo7 libgomp1 libitm1 liblsan0 libmpx0 libobjc-5-dev libobjc4 libphobos-5-dev libquadmath0 libstdc++-5-dev libstdc++-5-doc libstdc++-5-pic libstdc++6 libtsan0 libubsan0 libx32asan2 libx32atomic1 libx32cilkrts5 libx32gcc-5-dev libx32gfortran-5-dev libx32gfortran3 libx32go7 libx32gomp1 libx32itm1 libx32lsan0 libx32objc-5-dev libx32objc4 libx32phobos-5-dev libx32quadmath0 libx32stdc++-5-dev libx32stdc++6 libx32ubsan0 git git-all git-arch git-core git-cvs git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb libnss3 libnss3-1d libnss3-dev libnss3-nssdb libnss3-tools libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip tar tar-scripts idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev intel-microcode ctdb libnss-winbind libpam-winbind libparse-pidl-perl libsmbclient libsmbclient-dev libwbclient-dev libwbclient0 python-samba registry-tools samba samba-common samba-common-bin samba-dev samba-dsdb-modules samba-libs samba-testsuite samba-vfs-modules smbclient winbind libnss-myhostname libnss-mymachines libnss-resolve libpam-systemd libsystemd-dev libsystemd0 libudev-dev libudev1 systemd systemd-container systemd-coredump systemd-journal-remote systemd-sysv udev vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny apache2 apache2-bin apache2-data apache2-dev apache2-doc apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny git git-all git-arch git-core git-cvs git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb glusterfs-client glusterfs-common glusterfs-server libnss3 libnss3-1d libnss3-dev libnss3-nssdb libnss3-tools curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick libxml2 libxml2-dev libxml2-doc libxml2-utils python-libxml2 linux-buildinfo-4.4.0-238-tuxcare.els9-generic linux-buildinfo-4.4.0-238-tuxcare.els9-lowlatency linux-cloud-tools-4.4.0-238-tuxcare.els9 linux-cloud-tools-4.4.0-238-tuxcare.els9-generic linux-cloud-tools-4.4.0-238-tuxcare.els9-lowlatency linux-cloud-tools-common linux-cloud-tools-generic linux-cloud-tools-lowlatency linux-crashdump linux-doc linux-generic linux-headers-4.4.0-238-tuxcare.els9 linux-headers-4.4.0-238-tuxcare.els9-generic linux-headers-4.4.0-238-tuxcare.els9-lowlatency linux-headers-generic linux-headers-lowlatency linux-image-generic linux-image-lowlatency linux-image-unsigned-4.4.0-238-tuxcare.els9-generic linux-image-unsigned-4.4.0-238-tuxcare.els9-lowlatency linux-libc-dev linux-lowlatency linux-modules-4.4.0-238-tuxcare.els9-generic linux-modules-4.4.0-238-tuxcare.els9-lowlatency linux-modules-extra-4.4.0-238-tuxcare.els9-generic linux-source linux-source-4.4.0 linux-tools-4.4.0-238-tuxcare.els9 linux-tools-4.4.0-238-tuxcare.els9-generic linux-tools-4.4.0-238-tuxcare.els9-lowlatency linux-tools-common linux-tools-generic linux-tools-host linux-tools-lowlatency libssl-dev libssl-doc libssl1.0.0 openssl git git-all git-arch git-core git-cvs git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb libmysqlclient-dev libmysqlclient20 libmysqld-dev mysql-client mysql-client-5.7 mysql-client-core-5.7 mysql-common mysql-server mysql-server-5.7 mysql-server-core-5.7 mysql-source-5.7 mysql-testsuite mysql-testsuite-5.7 linux-buildinfo-4.4.0-240-tuxcare.els11-generic linux-buildinfo-4.4.0-240-tuxcare.els11-lowlatency linux-cloud-tools-4.4.0-240-tuxcare.els11 linux-cloud-tools-4.4.0-240-tuxcare.els11-generic linux-cloud-tools-4.4.0-240-tuxcare.els11-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-240-tuxcare.els11 linux-headers-4.4.0-240-tuxcare.els11-generic linux-headers-4.4.0-240-tuxcare.els11-lowlatency linux-image-unsigned-4.4.0-240-tuxcare.els11-generic linux-image-unsigned-4.4.0-240-tuxcare.els11-lowlatency linux-libc-dev linux-modules-4.4.0-240-tuxcare.els11-generic linux-modules-4.4.0-240-tuxcare.els11-lowlatency linux-modules-extra-4.4.0-240-tuxcare.els11-generic linux-source-4.4.0 linux-tools-4.4.0-240-tuxcare.els11 linux-tools-4.4.0-240-tuxcare.els11-generic linux-tools-4.4.0-240-tuxcare.els11-lowlatency linux-tools-common linux-tools-host isag sysstat isag sysstat vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny libperl-dev libperl5.22 perl perl-base perl-debug perl-doc perl-modules-5.22 libssl-dev libssl-doc libssl1.0.0 openssl gnupg gnupg-curl gpgv binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-dev binutils-doc binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64-linux-gnuabi64 binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev exim4 exim4-base exim4-config exim4-daemon-heavy exim4-daemon-light exim4-dev eximon4 linux-buildinfo-4.4.0-241-tuxcare.els12-generic linux-buildinfo-4.4.0-241-tuxcare.els12-lowlatency linux-cloud-tools-4.4.0-241-tuxcare.els12 linux-cloud-tools-4.4.0-241-tuxcare.els12-generic linux-cloud-tools-4.4.0-241-tuxcare.els12-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-241-tuxcare.els12 linux-headers-4.4.0-241-tuxcare.els12-generic linux-headers-4.4.0-241-tuxcare.els12-lowlatency linux-image-unsigned-4.4.0-241-tuxcare.els12-generic linux-image-unsigned-4.4.0-241-tuxcare.els12-lowlatency linux-libc-dev linux-modules-4.4.0-241-tuxcare.els12-generic linux-modules-4.4.0-241-tuxcare.els12-lowlatency linux-modules-extra-4.4.0-241-tuxcare.els12-generic linux-source-4.4.0 linux-tools-4.4.0-241-tuxcare.els12 linux-tools-4.4.0-241-tuxcare.els12-generic linux-tools-4.4.0-241-tuxcare.els12-lowlatency linux-tools-common linux-tools-host libcap-dev libcap2 libcap2-bin libpam-cap apache2 apache2-bin apache2-data apache2-dev apache2-doc apache2-suexec-custom apache2-suexec-pristine apache2-utils cups cups-bsd cups-client cups-common cups-core-drivers cups-daemon cups-ipp-utils cups-ppdc cups-server-common libcups2 libcups2-dev libcupscgi1 libcupscgi1-dev libcupsimage2 libcupsimage2-dev libcupsmime1 libcupsmime1-dev libcupsppdc1 libcupsppdc1-dev openjdk-8-demo openjdk-8-doc openjdk-8-jdk openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless openjdk-8-jre-jamvm openjdk-8-jre-zero openjdk-8-source imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick sudo sudo-ldap ldap-utils libldap-2.4-2 libldap2-dev slapd slapd-smbk5pwd libperl-dev libperl5.22 perl perl-base perl-debug perl-doc perl-modules-5.22 idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv linux-buildinfo-4.4.0-242-tuxcare.els13-generic linux-buildinfo-4.4.0-242-tuxcare.els13-lowlatency linux-cloud-tools-4.4.0-242-tuxcare.els13 linux-cloud-tools-4.4.0-242-tuxcare.els13-generic linux-cloud-tools-4.4.0-242-tuxcare.els13-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-242-tuxcare.els13 linux-headers-4.4.0-242-tuxcare.els13-generic linux-headers-4.4.0-242-tuxcare.els13-lowlatency linux-image-unsigned-4.4.0-242-tuxcare.els13-generic linux-image-unsigned-4.4.0-242-tuxcare.els13-lowlatency linux-libc-dev linux-modules-4.4.0-242-tuxcare.els13-generic linux-modules-4.4.0-242-tuxcare.els13-lowlatency linux-modules-extra-4.4.0-242-tuxcare.els13-generic linux-source-4.4.0 linux-tools-4.4.0-242-tuxcare.els13 linux-tools-4.4.0-242-tuxcare.els13-generic linux-tools-4.4.0-242-tuxcare.els13-lowlatency linux-tools-common linux-tools-host cups cups-bsd cups-client cups-common cups-core-drivers cups-daemon cups-ipp-utils cups-ppdc cups-server-common libcups2 libcups2-dev libcupscgi1 libcupscgi1-dev libcupsimage2 libcupsimage2-dev libcupsmime1 libcupsmime1-dev libcupsppdc1 libcupsppdc1-dev bind9 bind9-doc bind9-host bind9utils dnsutils host libbind-dev libbind-export-dev libbind9-140 libdns-export162 libdns162 libirs-export141 libirs141 libisc-export160 libisc160 libisccc-export140 libisccc140 libisccfg-export140 libisccfg140 liblwres141 lwresd ctdb libnss-winbind libpam-winbind libparse-pidl-perl libsmbclient libsmbclient-dev libwbclient-dev libwbclient0 python-samba registry-tools samba samba-common samba-common-bin samba-dev samba-dsdb-modules samba-libs samba-testsuite samba-vfs-modules smbclient winbind openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-askpass-gnome ssh-krb5 amd64-microcode libodbc1 odbcinst odbcinst1debian2 unixodbc unixodbc-dev amanda-client amanda-common amanda-server libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip linux-buildinfo-4.4.0-243-tuxcare.els14-generic linux-buildinfo-4.4.0-243-tuxcare.els14-lowlatency linux-cloud-tools-4.4.0-243-tuxcare.els14 linux-cloud-tools-4.4.0-243-tuxcare.els14-generic linux-cloud-tools-4.4.0-243-tuxcare.els14-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-243-tuxcare.els14 linux-headers-4.4.0-243-tuxcare.els14-generic linux-headers-4.4.0-243-tuxcare.els14-lowlatency linux-image-unsigned-4.4.0-243-tuxcare.els14-generic linux-image-unsigned-4.4.0-243-tuxcare.els14-lowlatency linux-libc-dev linux-modules-4.4.0-243-tuxcare.els14-generic linux-modules-4.4.0-243-tuxcare.els14-lowlatency linux-modules-extra-4.4.0-243-tuxcare.els14-generic linux-source-4.4.0 linux-tools-4.4.0-243-tuxcare.els14 linux-tools-4.4.0-243-tuxcare.els14-generic linux-tools-4.4.0-243-tuxcare.els14-lowlatency linux-tools-common linux-tools-host intel-microcode libssl-dev libssl-doc libssl1.0.0 openssl linux-buildinfo-4.4.0-244-tuxcare.els15-generic linux-buildinfo-4.4.0-244-tuxcare.els15-lowlatency linux-cloud-tools-4.4.0-244-tuxcare.els15 linux-cloud-tools-4.4.0-244-tuxcare.els15-generic linux-cloud-tools-4.4.0-244-tuxcare.els15-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-244-tuxcare.els15 linux-headers-4.4.0-244-tuxcare.els15-generic linux-headers-4.4.0-244-tuxcare.els15-lowlatency linux-image-unsigned-4.4.0-244-tuxcare.els15-generic linux-image-unsigned-4.4.0-244-tuxcare.els15-lowlatency linux-libc-dev linux-modules-4.4.0-244-tuxcare.els15-generic linux-modules-4.4.0-244-tuxcare.els15-lowlatency linux-modules-extra-4.4.0-244-tuxcare.els15-generic linux-source-4.4.0 linux-tools-4.4.0-244-tuxcare.els15 linux-tools-4.4.0-244-tuxcare.els15-generic linux-tools-4.4.0-244-tuxcare.els15-lowlatency linux-tools-common linux-tools-host busybox busybox-initramfs busybox-static busybox-syslogd udhcpc udhcpd amd64-microcode binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-dev binutils-doc binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64-linux-gnuabi64 binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu openjdk-8-demo openjdk-8-doc openjdk-8-jdk openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless openjdk-8-jre-jamvm openjdk-8-jre-zero openjdk-8-source idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv linux-buildinfo-4.4.0-245-tuxcare.els16-generic linux-buildinfo-4.4.0-245-tuxcare.els16-lowlatency linux-cloud-tools-4.4.0-245-tuxcare.els16 linux-cloud-tools-4.4.0-245-tuxcare.els16-generic linux-cloud-tools-4.4.0-245-tuxcare.els16-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-245-tuxcare.els16 linux-headers-4.4.0-245-tuxcare.els16-generic linux-headers-4.4.0-245-tuxcare.els16-lowlatency linux-image-unsigned-4.4.0-245-tuxcare.els16-generic linux-image-unsigned-4.4.0-245-tuxcare.els16-lowlatency linux-libc-dev linux-modules-4.4.0-245-tuxcare.els16-generic linux-modules-4.4.0-245-tuxcare.els16-lowlatency linux-modules-extra-4.4.0-245-tuxcare.els16-generic linux-source-4.4.0 linux-tools-4.4.0-245-tuxcare.els16 linux-tools-4.4.0-245-tuxcare.els16-generic linux-tools-4.4.0-245-tuxcare.els16-lowlatency linux-tools-common linux-tools-host vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 postgresql-doc-9.5 postgresql-plperl-9.5 postgresql-plpython-9.5 postgresql-plpython3-9.5 postgresql-pltcl-9.5 postgresql-server-dev-9.5 vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-dev binutils-doc binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64-linux-gnuabi64 binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu libssh2-1 libssh2-1-dev linux-buildinfo-4.4.0-246-tuxcare.els17-generic linux-buildinfo-4.4.0-246-tuxcare.els17-lowlatency linux-cloud-tools-4.4.0-246-tuxcare.els17 linux-cloud-tools-4.4.0-246-tuxcare.els17-generic linux-cloud-tools-4.4.0-246-tuxcare.els17-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-246-tuxcare.els17 linux-headers-4.4.0-246-tuxcare.els17-generic linux-headers-4.4.0-246-tuxcare.els17-lowlatency linux-image-unsigned-4.4.0-246-tuxcare.els17-generic linux-image-unsigned-4.4.0-246-tuxcare.els17-lowlatency linux-libc-dev linux-modules-4.4.0-246-tuxcare.els17-generic linux-modules-4.4.0-246-tuxcare.els17-lowlatency linux-modules-extra-4.4.0-246-tuxcare.els17-generic linux-source-4.4.0 linux-tools-4.4.0-246-tuxcare.els17 linux-tools-4.4.0-246-tuxcare.els17-generic linux-tools-4.4.0-246-tuxcare.els17-lowlatency linux-tools-common linux-tools-host binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-dev binutils-doc binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64-linux-gnuabi64 binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick memcached libwebp-dev libwebp5 libwebpdemux1 libwebpmux1 webp idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv bind9 bind9-doc bind9-host bind9utils dnsutils host libbind-dev libbind-export-dev libbind9-140 libdns-export162 libdns162 libirs-export141 libirs141 libisc-export160 libisc160 libisccc-export140 libisccc140 libisccfg-export140 libisccfg140 liblwres141 lwresd curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev exim4 exim4-base exim4-config exim4-daemon-heavy exim4-daemon-light exim4-dev eximon4 idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv cups cups-bsd cups-client cups-common cups-core-drivers cups-daemon cups-ipp-utils cups-ppdc cups-server-common libcups2 libcups2-dev libcupscgi1 libcupscgi1-dev libcupsimage2 libcupsimage2-dev libcupsmime1 libcupsmime1-dev libcupsppdc1 libcupsppdc1-dev libglib2.0-0 libglib2.0-0-refdbg libglib2.0-bin libglib2.0-data libglib2.0-dev libglib2.0-doc libglib2.0-tests nginx nginx-common nginx-core nginx-doc nginx-extras nginx-full nginx-light linux-buildinfo-4.4.0-247-tuxcare.els18-generic linux-buildinfo-4.4.0-247-tuxcare.els18-lowlatency linux-cloud-tools-4.4.0-247-tuxcare.els18 linux-cloud-tools-4.4.0-247-tuxcare.els18-generic linux-cloud-tools-4.4.0-247-tuxcare.els18-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-247-tuxcare.els18 linux-headers-4.4.0-247-tuxcare.els18-generic linux-headers-4.4.0-247-tuxcare.els18-lowlatency linux-image-unsigned-4.4.0-247-tuxcare.els18-generic linux-image-unsigned-4.4.0-247-tuxcare.els18-lowlatency linux-libc-dev linux-modules-4.4.0-247-tuxcare.els18-generic linux-modules-4.4.0-247-tuxcare.els18-lowlatency linux-modules-extra-4.4.0-247-tuxcare.els18-generic linux-source-4.4.0 linux-tools-4.4.0-247-tuxcare.els18 linux-tools-4.4.0-247-tuxcare.els18-generic linux-tools-4.4.0-247-tuxcare.els18-lowlatency linux-tools-common linux-tools-host quagga quagga-doc lib32z1 lib32z1-dev libx32z1 libx32z1-dev zlib1g zlib1g-dev linux-buildinfo-4.4.0-248-tuxcare.els19-generic linux-buildinfo-4.4.0-248-tuxcare.els19-lowlatency linux-cloud-tools-4.4.0-248-tuxcare.els19 linux-cloud-tools-4.4.0-248-tuxcare.els19-generic linux-cloud-tools-4.4.0-248-tuxcare.els19-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-248-tuxcare.els19 linux-headers-4.4.0-248-tuxcare.els19-generic linux-headers-4.4.0-248-tuxcare.els19-lowlatency linux-image-unsigned-4.4.0-248-tuxcare.els19-generic linux-image-unsigned-4.4.0-248-tuxcare.els19-lowlatency linux-libc-dev linux-modules-4.4.0-248-tuxcare.els19-generic linux-modules-4.4.0-248-tuxcare.els19-lowlatency linux-modules-extra-4.4.0-248-tuxcare.els19-generic linux-source-4.4.0 linux-tools-4.4.0-248-tuxcare.els19 linux-tools-4.4.0-248-tuxcare.els19-generic linux-tools-4.4.0-248-tuxcare.els19-lowlatency linux-tools-common linux-tools-host dbus dbus-1-doc dbus-tests dbus-user-session dbus-x11 libdbus-1-3 libdbus-1-dev vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny apache2 apache2-bin apache2-data apache2-dev apache2-doc apache2-suexec-custom apache2-suexec-pristine apache2-utils binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-dev binutils-doc binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64-linux-gnuabi64 binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-dev binutils-doc binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64-linux-gnuabi64 binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny cups cups-bsd cups-client cups-common cups-core-drivers cups-daemon cups-ipp-utils cups-ppdc cups-server-common libcups2 libcups2-dev libcupscgi1 libcupscgi1-dev libcupsimage2 libcupsimage2-dev libcupsmime1 libcupsmime1-dev libcupsppdc1 libcupsppdc1-dev libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip exim4 exim4-base exim4-config exim4-daemon-heavy exim4-daemon-light exim4-dev eximon4 krb5-admin-server krb5-doc krb5-gss-samples krb5-k5tls krb5-kdc krb5-kdc-ldap krb5-locales krb5-multidev krb5-otp krb5-pkinit krb5-user libgssapi-krb5-2 libgssrpc4 libk5crypto3 libkadm5clnt-mit9 libkadm5srv-mit9 libkdb5-8 libkrad-dev libkrad0 libkrb5-3 libkrb5-dev libkrb5support0 squid squid-cgi squid-common squid-purge squid3 squidclient openjdk-8-demo openjdk-8-doc openjdk-8-jdk openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless openjdk-8-jre-jamvm openjdk-8-jre-zero openjdk-8-source libssl-dev libssl-doc libssl1.0.0 openssl ctdb libnss-winbind libpam-winbind libparse-pidl-perl libsmbclient libsmbclient-dev libwbclient-dev libwbclient0 python-samba registry-tools samba samba-common samba-common-bin samba-dev samba-dsdb-modules samba-libs samba-testsuite samba-vfs-modules smbclient winbind linux-firmware libksba-dev libksba8 libprocps4 libprocps4-dev procps linux-buildinfo-4.4.0-249-tuxcare.els20-generic linux-buildinfo-4.4.0-249-tuxcare.els20-lowlatency linux-cloud-tools-4.4.0-249-tuxcare.els20 linux-cloud-tools-4.4.0-249-tuxcare.els20-generic linux-cloud-tools-4.4.0-249-tuxcare.els20-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-249-tuxcare.els20 linux-headers-4.4.0-249-tuxcare.els20-generic linux-headers-4.4.0-249-tuxcare.els20-lowlatency linux-image-unsigned-4.4.0-249-tuxcare.els20-generic linux-image-unsigned-4.4.0-249-tuxcare.els20-lowlatency linux-libc-dev linux-modules-4.4.0-249-tuxcare.els20-generic linux-modules-4.4.0-249-tuxcare.els20-lowlatency linux-modules-extra-4.4.0-249-tuxcare.els20-generic linux-source-4.4.0 linux-tools-4.4.0-249-tuxcare.els20 linux-tools-4.4.0-249-tuxcare.els20-generic linux-tools-4.4.0-249-tuxcare.els20-lowlatency linux-tools-common linux-tools-host idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal intel-microcode squid squid-cgi squid-common squid-purge squid3 squidclient idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal libmysqlclient-dev libmysqlclient20 libmysqld-dev mysql-client mysql-client-5.7 mysql-client-core-5.7 mysql-common mysql-server mysql-server-5.7 mysql-server-core-5.7 mysql-source-5.7 mysql-testsuite mysql-testsuite-5.7 haproxy haproxy-doc vim-haproxy squid squid-cgi squid-common squid-purge squid3 squidclient idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-askpass-gnome ssh-krb5 openjdk-8-demo openjdk-8-doc openjdk-8-jdk openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless openjdk-8-jre-jamvm openjdk-8-jre-zero openjdk-8-source vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny linux-buildinfo-4.4.0-250-tuxcare.els21-generic linux-buildinfo-4.4.0-250-tuxcare.els21-lowlatency linux-cloud-tools-4.4.0-250-tuxcare.els21 linux-cloud-tools-4.4.0-250-tuxcare.els21-generic linux-cloud-tools-4.4.0-250-tuxcare.els21-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-250-tuxcare.els21 linux-headers-4.4.0-250-tuxcare.els21-generic linux-headers-4.4.0-250-tuxcare.els21-lowlatency linux-image-unsigned-4.4.0-250-tuxcare.els21-generic linux-image-unsigned-4.4.0-250-tuxcare.els21-lowlatency linux-libc-dev linux-modules-4.4.0-250-tuxcare.els21-generic linux-modules-4.4.0-250-tuxcare.els21-lowlatency linux-modules-extra-4.4.0-250-tuxcare.els21-generic linux-source-4.4.0 linux-tools-4.4.0-250-tuxcare.els21 linux-tools-4.4.0-250-tuxcare.els21-generic linux-tools-4.4.0-250-tuxcare.els21-lowlatency linux-tools-common linux-tools-host squid squid-cgi squid-common squid-purge squid3 squidclient tar tar-scripts linux-buildinfo-4.4.0-251-tuxcare.els22-generic linux-buildinfo-4.4.0-251-tuxcare.els22-lowlatency linux-cloud-tools-4.4.0-251-tuxcare.els22 linux-cloud-tools-4.4.0-251-tuxcare.els22-generic linux-cloud-tools-4.4.0-251-tuxcare.els22-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-251-tuxcare.els22 linux-headers-4.4.0-251-tuxcare.els22-generic linux-headers-4.4.0-251-tuxcare.els22-lowlatency linux-image-unsigned-4.4.0-251-tuxcare.els22-generic linux-image-unsigned-4.4.0-251-tuxcare.els22-lowlatency linux-libc-dev linux-modules-4.4.0-251-tuxcare.els22-generic linux-modules-4.4.0-251-tuxcare.els22-lowlatency linux-modules-extra-4.4.0-251-tuxcare.els22-generic linux-source-4.4.0 linux-tools-4.4.0-251-tuxcare.els22 linux-tools-4.4.0-251-tuxcare.els22-generic linux-tools-4.4.0-251-tuxcare.els22-lowlatency linux-tools-common linux-tools-host openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-askpass-gnome ssh-krb5 libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 postgresql-doc-9.5 postgresql-plperl-9.5 postgresql-plpython-9.5 postgresql-plpython3-9.5 postgresql-pltcl-9.5 postgresql-server-dev-9.5 libxml2 libxml2-dev libxml2-doc libxml2-utils python-libxml2 bind9 bind9-doc bind9-host bind9utils dnsutils host libbind-dev libbind-export-dev libbind9-140 libdns-export162 libdns162 libirs-export141 libirs141 libisc-export160 libisc160 libisccc-export140 libisccc140 libisccfg-export140 libisccfg140 liblwres141 lwresd exim4 exim4-base exim4-config exim4-daemon-heavy exim4-daemon-light exim4-dev eximon4 glibc-doc glibc-source libc-bin libc-dev-bin libc6 libc6-dev libc6-dev-i386 libc6-dev-x32 libc6-i386 libc6-pic libc6-x32 locales locales-all multiarch-support nscd libssh-4 libssh-dev libssh-doc libssh-gcrypt-4 libssh-gcrypt-dev imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick libssl-dev libssl-doc libssl1.0.0 openssl squid squid-cgi squid-common squid-purge squid3 squidclient vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev libssl-dev libssl-doc libssl1.0.0 openssl linux-buildinfo-4.4.0-253-tuxcare.els24-generic linux-buildinfo-4.4.0-253-tuxcare.els24-lowlatency linux-cloud-tools-4.4.0-253-tuxcare.els24 linux-cloud-tools-4.4.0-253-tuxcare.els24-generic linux-cloud-tools-4.4.0-253-tuxcare.els24-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-253-tuxcare.els24 linux-headers-4.4.0-253-tuxcare.els24-generic linux-headers-4.4.0-253-tuxcare.els24-lowlatency linux-image-unsigned-4.4.0-253-tuxcare.els24-generic linux-image-unsigned-4.4.0-253-tuxcare.els24-lowlatency linux-libc-dev linux-modules-4.4.0-253-tuxcare.els24-generic linux-modules-4.4.0-253-tuxcare.els24-lowlatency linux-modules-extra-4.4.0-253-tuxcare.els24-generic linux-source-4.4.0 linux-tools-4.4.0-253-tuxcare.els24 linux-tools-4.4.0-253-tuxcare.els24-generic linux-tools-4.4.0-253-tuxcare.els24-lowlatency linux-tools-common linux-tools-host libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 postgresql-doc-9.5 postgresql-plperl-9.5 postgresql-plpython-9.5 postgresql-plpython3-9.5 postgresql-pltcl-9.5 postgresql-server-dev-9.5 libpam-cracklib libpam-doc libpam-modules libpam-modules-bin libpam-runtime libpam0g libpam0g-dev curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev libodbc1 odbcinst odbcinst1debian2 unixodbc unixodbc-dev less linux-buildinfo-4.4.0-254-tuxcare.els25-generic linux-buildinfo-4.4.0-254-tuxcare.els25-lowlatency linux-cloud-tools-4.4.0-254-tuxcare.els25 linux-cloud-tools-4.4.0-254-tuxcare.els25-generic linux-cloud-tools-4.4.0-254-tuxcare.els25-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-254-tuxcare.els25 linux-headers-4.4.0-254-tuxcare.els25-generic linux-headers-4.4.0-254-tuxcare.els25-lowlatency linux-image-unsigned-4.4.0-254-tuxcare.els25-generic linux-image-unsigned-4.4.0-254-tuxcare.els25-lowlatency linux-libc-dev linux-modules-4.4.0-254-tuxcare.els25-generic linux-modules-4.4.0-254-tuxcare.els25-lowlatency linux-modules-extra-4.4.0-254-tuxcare.els25-generic linux-source-4.4.0 linux-tools-4.4.0-254-tuxcare.els25 linux-tools-4.4.0-254-tuxcare.els25-generic linux-tools-4.4.0-254-tuxcare.els25-lowlatency linux-tools-common linux-tools-host libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip linux-buildinfo-4.4.0-255-tuxcare.els26-generic linux-buildinfo-4.4.0-255-tuxcare.els26-lowlatency linux-cloud-tools-4.4.0-255-tuxcare.els26 linux-cloud-tools-4.4.0-255-tuxcare.els26-generic linux-cloud-tools-4.4.0-255-tuxcare.els26-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-255-tuxcare.els26 linux-headers-4.4.0-255-tuxcare.els26-generic linux-headers-4.4.0-255-tuxcare.els26-lowlatency linux-image-unsigned-4.4.0-255-tuxcare.els26-generic linux-image-unsigned-4.4.0-255-tuxcare.els26-lowlatency linux-libc-dev linux-modules-4.4.0-255-tuxcare.els26-generic linux-modules-4.4.0-255-tuxcare.els26-lowlatency linux-modules-extra-4.4.0-255-tuxcare.els26-generic linux-source-4.4.0 linux-tools-4.4.0-255-tuxcare.els26 linux-tools-4.4.0-255-tuxcare.els26-generic linux-tools-4.4.0-255-tuxcare.els26-lowlatency linux-tools-common linux-tools-host libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip less linux-buildinfo-4.4.0-256-tuxcare.els27-generic linux-buildinfo-4.4.0-256-tuxcare.els27-lowlatency linux-cloud-tools-4.4.0-256-tuxcare.els27 linux-cloud-tools-4.4.0-256-tuxcare.els27-generic linux-cloud-tools-4.4.0-256-tuxcare.els27-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-256-tuxcare.els27 linux-headers-4.4.0-256-tuxcare.els27-generic linux-headers-4.4.0-256-tuxcare.els27-lowlatency linux-image-unsigned-4.4.0-256-tuxcare.els27-generic linux-image-unsigned-4.4.0-256-tuxcare.els27-lowlatency linux-libc-dev linux-modules-4.4.0-256-tuxcare.els27-generic linux-modules-4.4.0-256-tuxcare.els27-lowlatency linux-modules-extra-4.4.0-256-tuxcare.els27-generic linux-source-4.4.0 linux-tools-4.4.0-256-tuxcare.els27 linux-tools-4.4.0-256-tuxcare.els27-generic linux-tools-4.4.0-256-tuxcare.els27-lowlatency linux-tools-common linux-tools-host squid squid-cgi squid-common squid-purge squid3 squidclient linux-buildinfo-4.4.0-257-tuxcare.els28-generic linux-buildinfo-4.4.0-257-tuxcare.els28-lowlatency linux-cloud-tools-4.4.0-257-tuxcare.els28 linux-cloud-tools-4.4.0-257-tuxcare.els28-generic linux-cloud-tools-4.4.0-257-tuxcare.els28-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-257-tuxcare.els28 linux-headers-4.4.0-257-tuxcare.els28-generic linux-headers-4.4.0-257-tuxcare.els28-lowlatency linux-image-unsigned-4.4.0-257-tuxcare.els28-generic linux-image-unsigned-4.4.0-257-tuxcare.els28-lowlatency linux-libc-dev linux-modules-4.4.0-257-tuxcare.els28-generic linux-modules-4.4.0-257-tuxcare.els28-lowlatency linux-modules-extra-4.4.0-257-tuxcare.els28-generic linux-source-4.4.0 linux-tools-4.4.0-257-tuxcare.els28 linux-tools-4.4.0-257-tuxcare.els28-generic linux-tools-4.4.0-257-tuxcare.els28-lowlatency linux-tools-common linux-tools-host glibc-doc glibc-source libc-bin libc-dev-bin libc6 libc6-dev libc6-dev-i386 libc6-dev-x32 libc6-i386 libc6-pic libc6-x32 locales locales-all multiarch-support nscd libprocps4 libprocps4-dev procps libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip linux-buildinfo-4.4.0-258-tuxcare.els29-generic linux-buildinfo-4.4.0-258-tuxcare.els29-lowlatency linux-cloud-tools-4.4.0-258-tuxcare.els29 linux-cloud-tools-4.4.0-258-tuxcare.els29-generic linux-cloud-tools-4.4.0-258-tuxcare.els29-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-258-tuxcare.els29 linux-headers-4.4.0-258-tuxcare.els29-generic linux-headers-4.4.0-258-tuxcare.els29-lowlatency linux-image-unsigned-4.4.0-258-tuxcare.els29-generic linux-image-unsigned-4.4.0-258-tuxcare.els29-lowlatency linux-libc-dev linux-modules-4.4.0-258-tuxcare.els29-generic linux-modules-4.4.0-258-tuxcare.els29-lowlatency linux-modules-extra-4.4.0-258-tuxcare.els29-generic linux-source-4.4.0 linux-tools-4.4.0-258-tuxcare.els29 linux-tools-4.4.0-258-tuxcare.els29-generic linux-tools-4.4.0-258-tuxcare.els29-lowlatency linux-tools-common linux-tools-host linux-buildinfo-4.4.0-259-tuxcare.els30-generic linux-buildinfo-4.4.0-259-tuxcare.els30-lowlatency linux-cloud-tools-4.4.0-259-tuxcare.els30 linux-cloud-tools-4.4.0-259-tuxcare.els30-generic linux-cloud-tools-4.4.0-259-tuxcare.els30-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-259-tuxcare.els30 linux-headers-4.4.0-259-tuxcare.els30-generic linux-headers-4.4.0-259-tuxcare.els30-lowlatency linux-image-unsigned-4.4.0-259-tuxcare.els30-generic linux-image-unsigned-4.4.0-259-tuxcare.els30-lowlatency linux-libc-dev linux-modules-4.4.0-259-tuxcare.els30-generic linux-modules-4.4.0-259-tuxcare.els30-lowlatency linux-modules-extra-4.4.0-259-tuxcare.els30-generic linux-source-4.4.0 linux-tools-4.4.0-259-tuxcare.els30 linux-tools-4.4.0-259-tuxcare.els30-generic linux-tools-4.4.0-259-tuxcare.els30-lowlatency linux-tools-common linux-tools-host glibc-doc glibc-source libc-bin libc-dev-bin libc6 libc6-dev libc6-dev-i386 libc6-dev-x32 libc6-i386 libc6-pic libc6-x32 locales locales-all multiarch-support nscd idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal linux-buildinfo-4.4.0-260-tuxcare.els31-generic linux-buildinfo-4.4.0-260-tuxcare.els31-lowlatency linux-cloud-tools-4.4.0-260-tuxcare.els31 linux-cloud-tools-4.4.0-260-tuxcare.els31-generic linux-cloud-tools-4.4.0-260-tuxcare.els31-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-260-tuxcare.els31 linux-headers-4.4.0-260-tuxcare.els31-generic linux-headers-4.4.0-260-tuxcare.els31-lowlatency linux-image-unsigned-4.4.0-260-tuxcare.els31-generic linux-image-unsigned-4.4.0-260-tuxcare.els31-lowlatency linux-libc-dev linux-modules-4.4.0-260-tuxcare.els31-generic linux-modules-4.4.0-260-tuxcare.els31-lowlatency linux-modules-extra-4.4.0-260-tuxcare.els31-generic linux-source-4.4.0 linux-tools-4.4.0-260-tuxcare.els31 linux-tools-4.4.0-260-tuxcare.els31-generic linux-tools-4.4.0-260-tuxcare.els31-lowlatency linux-tools-common linux-tools-host gdb gdb-doc gdb-multiarch gdb-source gdbserver linux-buildinfo-4.4.0-261-tuxcare.els32-generic linux-buildinfo-4.4.0-261-tuxcare.els32-lowlatency linux-cloud-tools-4.4.0-261-tuxcare.els32 linux-cloud-tools-4.4.0-261-tuxcare.els32-generic linux-cloud-tools-4.4.0-261-tuxcare.els32-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-261-tuxcare.els32 linux-headers-4.4.0-261-tuxcare.els32-generic linux-headers-4.4.0-261-tuxcare.els32-lowlatency linux-image-unsigned-4.4.0-261-tuxcare.els32-generic linux-image-unsigned-4.4.0-261-tuxcare.els32-lowlatency linux-libc-dev linux-modules-4.4.0-261-tuxcare.els32-generic linux-modules-4.4.0-261-tuxcare.els32-lowlatency linux-modules-extra-4.4.0-261-tuxcare.els32-generic linux-source-4.4.0 linux-tools-4.4.0-261-tuxcare.els32 linux-tools-4.4.0-261-tuxcare.els32-generic linux-tools-4.4.0-261-tuxcare.els32-lowlatency linux-tools-common linux-tools-host intel-microcode idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal wget linux-buildinfo-4.4.0-262-tuxcare.els33-generic linux-buildinfo-4.4.0-262-tuxcare.els33-lowlatency linux-cloud-tools-4.4.0-262-tuxcare.els33 linux-cloud-tools-4.4.0-262-tuxcare.els33-generic linux-cloud-tools-4.4.0-262-tuxcare.els33-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-262-tuxcare.els33 linux-headers-4.4.0-262-tuxcare.els33-generic linux-headers-4.4.0-262-tuxcare.els33-lowlatency linux-image-unsigned-4.4.0-262-tuxcare.els33-generic linux-image-unsigned-4.4.0-262-tuxcare.els33-lowlatency linux-libc-dev linux-modules-4.4.0-262-tuxcare.els33-generic linux-modules-4.4.0-262-tuxcare.els33-lowlatency linux-modules-extra-4.4.0-262-tuxcare.els33-generic linux-source-4.4.0 linux-tools-4.4.0-262-tuxcare.els33 linux-tools-4.4.0-262-tuxcare.els33-generic linux-tools-4.4.0-262-tuxcare.els33-lowlatency linux-tools-common linux-tools-host linux-buildinfo-4.4.0-263-tuxcare.els34-generic linux-buildinfo-4.4.0-263-tuxcare.els34-lowlatency linux-cloud-tools-4.4.0-263-tuxcare.els34 linux-cloud-tools-4.4.0-263-tuxcare.els34-generic linux-cloud-tools-4.4.0-263-tuxcare.els34-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-263-tuxcare.els34 linux-headers-4.4.0-263-tuxcare.els34-generic linux-headers-4.4.0-263-tuxcare.els34-lowlatency linux-image-unsigned-4.4.0-263-tuxcare.els34-generic linux-image-unsigned-4.4.0-263-tuxcare.els34-lowlatency linux-libc-dev linux-modules-4.4.0-263-tuxcare.els34-generic linux-modules-4.4.0-263-tuxcare.els34-lowlatency linux-modules-extra-4.4.0-263-tuxcare.els34-generic linux-source-4.4.0 linux-tools-4.4.0-263-tuxcare.els34 linux-tools-4.4.0-263-tuxcare.els34-generic linux-tools-4.4.0-263-tuxcare.els34-lowlatency linux-tools-common linux-tools-host idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv libservlet3.1-java libservlet3.1-java-doc libtomcat8-java tomcat8 tomcat8-admin tomcat8-common tomcat8-docs tomcat8-examples tomcat8-user linux-buildinfo-4.4.0-264-tuxcare.els35-generic linux-buildinfo-4.4.0-264-tuxcare.els35-lowlatency linux-cloud-tools-4.4.0-264-tuxcare.els35 linux-cloud-tools-4.4.0-264-tuxcare.els35-generic linux-cloud-tools-4.4.0-264-tuxcare.els35-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-264-tuxcare.els35 linux-headers-4.4.0-264-tuxcare.els35-generic linux-headers-4.4.0-264-tuxcare.els35-lowlatency linux-image-unsigned-4.4.0-264-tuxcare.els35-generic linux-image-unsigned-4.4.0-264-tuxcare.els35-lowlatency linux-libc-dev linux-modules-4.4.0-264-tuxcare.els35-generic linux-modules-4.4.0-264-tuxcare.els35-lowlatency linux-modules-extra-4.4.0-264-tuxcare.els35-generic linux-source-4.4.0 linux-tools-4.4.0-264-tuxcare.els35 linux-tools-4.4.0-264-tuxcare.els35-generic linux-tools-4.4.0-264-tuxcare.els35-lowlatency linux-tools-common linux-tools-host apache2 apache2-bin apache2-data apache2-dev apache2-doc apache2-suexec-custom apache2-suexec-pristine apache2-utils squid squid-cgi squid-common squid-purge squid3 squidclient bind9 bind9-doc bind9-host bind9utils dnsutils host libbind-dev libbind-export-dev libbind9-140 libdns-export162 libdns162 libirs-export141 libirs141 libisc-export160 libisc160 libisccc-export140 libisccc140 libisccfg-export140 libisccfg140 liblwres141 lwresd git git-all git-arch git-core git-cvs git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev expat libexpat1 libexpat1-dev krb5-admin-server krb5-doc krb5-gss-samples krb5-k5tls krb5-kdc krb5-kdc-ldap krb5-locales krb5-multidev krb5-otp krb5-pkinit krb5-user libgssapi-krb5-2 libgssrpc4 libk5crypto3 libkadm5clnt-mit9 libkadm5srv-mit9 libkdb5-8 libkrad-dev libkrad0 libkrb5-3 libkrb5-dev libkrb5support0 linux-buildinfo-4.4.0-265-tuxcare.els36-generic linux-buildinfo-4.4.0-265-tuxcare.els36-lowlatency linux-cloud-tools-4.4.0-265-tuxcare.els36 linux-cloud-tools-4.4.0-265-tuxcare.els36-generic linux-cloud-tools-4.4.0-265-tuxcare.els36-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-265-tuxcare.els36 linux-headers-4.4.0-265-tuxcare.els36-generic linux-headers-4.4.0-265-tuxcare.els36-lowlatency linux-image-unsigned-4.4.0-265-tuxcare.els36-generic linux-image-unsigned-4.4.0-265-tuxcare.els36-lowlatency linux-libc-dev linux-modules-4.4.0-265-tuxcare.els36-generic linux-modules-4.4.0-265-tuxcare.els36-lowlatency linux-modules-extra-4.4.0-265-tuxcare.els36-generic linux-source-4.4.0 linux-tools-4.4.0-265-tuxcare.els36 linux-tools-4.4.0-265-tuxcare.els36-generic linux-tools-4.4.0-265-tuxcare.els36-lowlatency linux-tools-common linux-tools-host idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal bind9 bind9-doc bind9-host bind9utils dnsutils host libbind-dev libbind-export-dev libbind9-140 libdns-export162 libdns162 libirs-export141 libirs141 libisc-export160 libisc160 libisccc-export140 libisccc140 libisccfg-export140 libisccfg140 liblwres141 lwresd libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 postgresql-doc-9.5 postgresql-plperl-9.5 postgresql-plpython-9.5 postgresql-plpython3-9.5 postgresql-pltcl-9.5 postgresql-server-dev-9.5 amd64-microcode intel-microcode linux-buildinfo-4.4.0-266-tuxcare.els37-generic linux-buildinfo-4.4.0-266-tuxcare.els37-lowlatency linux-cloud-tools-4.4.0-266-tuxcare.els37 linux-cloud-tools-4.4.0-266-tuxcare.els37-generic linux-cloud-tools-4.4.0-266-tuxcare.els37-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-266-tuxcare.els37 linux-headers-4.4.0-266-tuxcare.els37-generic linux-headers-4.4.0-266-tuxcare.els37-lowlatency linux-image-unsigned-4.4.0-266-tuxcare.els37-generic linux-image-unsigned-4.4.0-266-tuxcare.els37-lowlatency linux-libc-dev linux-modules-4.4.0-266-tuxcare.els37-generic linux-modules-4.4.0-266-tuxcare.els37-lowlatency linux-modules-extra-4.4.0-266-tuxcare.els37-generic linux-source-4.4.0 linux-tools-4.4.0-266-tuxcare.els37 linux-tools-4.4.0-266-tuxcare.els37-generic linux-tools-4.4.0-266-tuxcare.els37-lowlatency linux-tools-common linux-tools-host intel-microcode vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal idle-python3.5 libpython3.5 libpython3.5-dev libpython3.5-minimal libpython3.5-stdlib libpython3.5-testsuite python3.5 python3.5-dev python3.5-doc python3.5-examples python3.5-minimal python3.5-venv vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip nginx nginx-common nginx-core nginx-doc nginx-extras nginx-full nginx-light imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick git git-all git-arch git-core git-cvs git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb git git-all git-arch git-core git-cvs git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick git git-all git-arch git-core git-cvs git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb linux-buildinfo-4.4.0-267-tuxcare.els38-generic linux-buildinfo-4.4.0-267-tuxcare.els38-lowlatency linux-cloud-tools-4.4.0-267-tuxcare.els38 linux-cloud-tools-4.4.0-267-tuxcare.els38-generic linux-cloud-tools-4.4.0-267-tuxcare.els38-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-267-tuxcare.els38 linux-headers-4.4.0-267-tuxcare.els38-generic linux-headers-4.4.0-267-tuxcare.els38-lowlatency linux-image-unsigned-4.4.0-267-tuxcare.els38-generic linux-image-unsigned-4.4.0-267-tuxcare.els38-lowlatency linux-libc-dev linux-modules-4.4.0-267-tuxcare.els38-generic linux-modules-4.4.0-267-tuxcare.els38-lowlatency linux-modules-extra-4.4.0-267-tuxcare.els38-generic linux-source-4.4.0 linux-tools-4.4.0-267-tuxcare.els38 linux-tools-4.4.0-267-tuxcare.els38-generic linux-tools-4.4.0-267-tuxcare.els38-lowlatency linux-tools-common linux-tools-host imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick libglib2.0-0 libglib2.0-0-refdbg libglib2.0-bin libglib2.0-data libglib2.0-dev libglib2.0-doc libglib2.0-tests imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick openjdk-8-demo openjdk-8-doc openjdk-8-jdk openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless openjdk-8-jre-jamvm openjdk-8-jre-zero openjdk-8-source imagemagick imagemagick-6.q16 imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libmagick++-6-headers libmagick++-6.q16-5v5 libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagickwand-dev perlmagick squid squid-cgi squid-common squid-purge squid3 squidclient linux-buildinfo-4.4.0-268-tuxcare.els39-generic linux-buildinfo-4.4.0-268-tuxcare.els39-lowlatency linux-cloud-tools-4.4.0-268-tuxcare.els39 linux-cloud-tools-4.4.0-268-tuxcare.els39-generic linux-cloud-tools-4.4.0-268-tuxcare.els39-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.4.0-268-tuxcare.els39 linux-headers-4.4.0-268-tuxcare.els39-generic linux-headers-4.4.0-268-tuxcare.els39-lowlatency linux-image-unsigned-4.4.0-268-tuxcare.els39-generic linux-image-unsigned-4.4.0-268-tuxcare.els39-lowlatency linux-libc-dev linux-modules-4.4.0-268-tuxcare.els39-generic linux-modules-4.4.0-268-tuxcare.els39-lowlatency linux-modules-extra-4.4.0-268-tuxcare.els39-generic linux-source-4.4.0 linux-tools-4.4.0-268-tuxcare.els39 linux-tools-4.4.0-268-tuxcare.els39-generic linux-tools-4.4.0-268-tuxcare.els39-lowlatency linux-tools-common linux-tools-host haproxy haproxy-doc vim-haproxy needrestart idle-python2.7 libpython2.7 libpython2.7-dev libpython2.7-minimal libpython2.7-stdlib libpython2.7-testsuite python2.7 python2.7-dev python2.7-doc python2.7-examples python2.7-minimal libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip linux-firmware expat libexpat1 libexpat1-dev libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-bcmath php7.0-bz2 php7.0-cgi php7.0-cli php7.0-common php7.0-curl php7.0-dba php7.0-dev php7.0-enchant php7.0-fpm php7.0-gd php7.0-gmp php7.0-imap php7.0-interbase php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-odbc php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-readline php7.0-recode php7.0-snmp php7.0-soap php7.0-sqlite3 php7.0-sybase php7.0-tidy php7.0-xml php7.0-xmlrpc php7.0-xsl php7.0-zip linux-buildinfo-4.4.0-269-tuxcare.els40-generic linux-buildinfo-4.4.0-269-tuxcare.els40-lowlatency linux-cloud-tools-4.4.0-269-tuxcare.els40 linux-cloud-tools-4.4.0-269-tuxcare.els40-generic linux-cloud-tools-4.4.0-269-tuxcare.els40-lowlatency linux-cloud-tools-common linux-cloud-tools-generic linux-cloud-tools-lowlatency linux-crashdump linux-doc linux-generic linux-headers-4.4.0-269-tuxcare.els40 linux-headers-4.4.0-269-tuxcare.els40-generic linux-headers-4.4.0-269-tuxcare.els40-lowlatency linux-headers-generic linux-headers-lowlatency linux-image-generic linux-image-lowlatency linux-image-unsigned-4.4.0-269-tuxcare.els40-generic linux-image-unsigned-4.4.0-269-tuxcare.els40-lowlatency linux-libc-dev linux-lowlatency linux-modules-4.4.0-269-tuxcare.els40-generic linux-modules-4.4.0-269-tuxcare.els40-lowlatency linux-modules-extra-4.4.0-269-tuxcare.els40-generic linux-source linux-source-4.4.0 linux-tools-4.4.0-269-tuxcare.els40 linux-tools-4.4.0-269-tuxcare.els40-generic linux-tools-4.4.0-269-tuxcare.els40-lowlatency linux-tools-common linux-tools-generic linux-tools-host linux-tools-lowlatency intel-microcode vim vim-athena vim-athena-py2 vim-common vim-doc vim-gnome vim-gnome-py2 vim-gtk vim-gtk-py2 vim-gtk3 vim-gtk3-py2 vim-gui-common vim-nox vim-nox-py2 vim-runtime vim-tiny rsync linux-buildinfo-4.4.0-270-tuxcare.els41-generic linux-buildinfo-4.4.0-270-tuxcare.els41-lowlatency linux-cloud-tools-4.4.0-270-tuxcare.els41 linux-cloud-tools-4.4.0-270-tuxcare.els41-generic linux-cloud-tools-4.4.0-270-tuxcare.els41-lowlatency linux-headers-4.4.0-270-tuxcare.els41 linux-headers-4.4.0-270-tuxcare.els41-generic linux-headers-4.4.0-270-tuxcare.els41-lowlatency linux-image-unsigned-4.4.0-270-tuxcare.els41-generic linux-image-unsigned-4.4.0-270-tuxcare.els41-lowlatency linux-modules-4.4.0-270-tuxcare.els41-generic linux-modules-4.4.0-270-tuxcare.els41-lowlatency linux-modules-extra-4.4.0-270-tuxcare.els41-generic linux-tools-4.4.0-270-tuxcare.els41 linux-tools-4.4.0-270-tuxcare.els41-generic linux-tools-4.4.0-270-tuxcare.els41-lowlatency linux-buildinfo-4.4.0-271-tuxcare.els42-generic linux-buildinfo-4.4.0-271-tuxcare.els42-lowlatency linux-cloud-tools-4.4.0-271-tuxcare.els42 linux-cloud-tools-4.4.0-271-tuxcare.els42-generic linux-cloud-tools-4.4.0-271-tuxcare.els42-lowlatency linux-headers-4.4.0-271-tuxcare.els42 linux-headers-4.4.0-271-tuxcare.els42-generic linux-headers-4.4.0-271-tuxcare.els42-lowlatency linux-image-unsigned-4.4.0-271-tuxcare.els42-generic linux-image-unsigned-4.4.0-271-tuxcare.els42-lowlatency linux-modules-4.4.0-271-tuxcare.els42-generic linux-modules-4.4.0-271-tuxcare.els42-lowlatency linux-modules-extra-4.4.0-271-tuxcare.els42-generic linux-tools-4.4.0-271-tuxcare.els42 linux-tools-4.4.0-271-tuxcare.els42-generic linux-tools-4.4.0-271-tuxcare.els42-lowlatency linux-buildinfo-4.4.0-272-tuxcare.els43-generic linux-buildinfo-4.4.0-272-tuxcare.els43-lowlatency linux-cloud-tools-4.4.0-272-tuxcare.els43 linux-cloud-tools-4.4.0-272-tuxcare.els43-generic linux-cloud-tools-4.4.0-272-tuxcare.els43-lowlatency linux-headers-4.4.0-272-tuxcare.els43 linux-headers-4.4.0-272-tuxcare.els43-generic linux-headers-4.4.0-272-tuxcare.els43-lowlatency linux-image-unsigned-4.4.0-272-tuxcare.els43-generic linux-image-unsigned-4.4.0-272-tuxcare.els43-lowlatency linux-modules-4.4.0-272-tuxcare.els43-generic linux-modules-4.4.0-272-tuxcare.els43-lowlatency linux-modules-extra-4.4.0-272-tuxcare.els43-generic linux-tools-4.4.0-272-tuxcare.els43 linux-tools-4.4.0-272-tuxcare.els43-generic linux-tools-4.4.0-272-tuxcare.els43-lowlatency openvpn ansible linux-buildinfo-4.4.0-273-tuxcare.els44-generic linux-buildinfo-4.4.0-273-tuxcare.els44-lowlatency linux-cloud-tools-4.4.0-273-tuxcare.els44 linux-cloud-tools-4.4.0-273-tuxcare.els44-generic linux-cloud-tools-4.4.0-273-tuxcare.els44-lowlatency linux-headers-4.4.0-273-tuxcare.els44 linux-headers-4.4.0-273-tuxcare.els44-generic linux-headers-4.4.0-273-tuxcare.els44-lowlatency linux-image-unsigned-4.4.0-273-tuxcare.els44-generic linux-image-unsigned-4.4.0-273-tuxcare.els44-lowlatency linux-modules-4.4.0-273-tuxcare.els44-generic linux-modules-4.4.0-273-tuxcare.els44-lowlatency linux-modules-extra-4.4.0-273-tuxcare.els44-generic linux-tools-4.4.0-273-tuxcare.els44 linux-tools-4.4.0-273-tuxcare.els44-generic linux-tools-4.4.0-273-tuxcare.els44-lowlatency linux-buildinfo-4.4.0-274-tuxcare.els45-generic linux-buildinfo-4.4.0-274-tuxcare.els45-lowlatency linux-cloud-tools-4.4.0-274-tuxcare.els45 linux-cloud-tools-4.4.0-274-tuxcare.els45-generic linux-cloud-tools-4.4.0-274-tuxcare.els45-lowlatency linux-headers-4.4.0-274-tuxcare.els45 linux-headers-4.4.0-274-tuxcare.els45-generic linux-headers-4.4.0-274-tuxcare.els45-lowlatency linux-image-unsigned-4.4.0-274-tuxcare.els45-generic linux-image-unsigned-4.4.0-274-tuxcare.els45-lowlatency linux-modules-4.4.0-274-tuxcare.els45-generic linux-modules-4.4.0-274-tuxcare.els45-lowlatency linux-modules-extra-4.4.0-274-tuxcare.els45-generic linux-tools-4.4.0-274-tuxcare.els45 linux-tools-4.4.0-274-tuxcare.els45-generic linux-tools-4.4.0-274-tuxcare.els45-lowlatency linux-buildinfo-4.4.0-275-tuxcare.els46-generic linux-buildinfo-4.4.0-275-tuxcare.els46-lowlatency linux-cloud-tools-4.4.0-275-tuxcare.els46 linux-cloud-tools-4.4.0-275-tuxcare.els46-generic linux-cloud-tools-4.4.0-275-tuxcare.els46-lowlatency linux-headers-4.4.0-275-tuxcare.els46 linux-headers-4.4.0-275-tuxcare.els46-generic linux-headers-4.4.0-275-tuxcare.els46-lowlatency linux-image-unsigned-4.4.0-275-tuxcare.els46-generic linux-image-unsigned-4.4.0-275-tuxcare.els46-lowlatency linux-modules-4.4.0-275-tuxcare.els46-generic linux-modules-4.4.0-275-tuxcare.els46-lowlatency linux-modules-extra-4.4.0-275-tuxcare.els46-generic linux-tools-4.4.0-275-tuxcare.els46 linux-tools-4.4.0-275-tuxcare.els46-generic linux-tools-4.4.0-275-tuxcare.els46-lowlatency linux-cloud-tools-4.4.0-276-tuxcare.els47-lowlatency linux-headers-4.4.0-276-tuxcare.els47-generic linux-image-unsigned-4.4.0-276-tuxcare.els47-generic linux-image-unsigned-4.4.0-276-tuxcare.els47-lowlatency linux-modules-extra-4.4.0-276-tuxcare.els47-generic linux-tools-4.4.0-276-tuxcare.els47 linux-tools-4.4.0-276-tuxcare.els47-lowlatency linux-buildinfo-4.4.0-277-tuxcare.els48-generic linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency linux-cloud-tools-4.4.0-277-tuxcare.els48 linux-cloud-tools-4.4.0-277-tuxcare.els48-generic linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency linux-headers-4.4.0-277-tuxcare.els48 linux-headers-4.4.0-277-tuxcare.els48-generic linux-headers-4.4.0-277-tuxcare.els48-lowlatency linux-image-unsigned-4.4.0-277-tuxcare.els48-generic linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency linux-modules-4.4.0-277-tuxcare.els48-generic linux-modules-4.4.0-277-tuxcare.els48-lowlatency linux-modules-extra-4.4.0-277-tuxcare.els48-generic linux-tools-4.4.0-277-tuxcare.els48 linux-tools-4.4.0-277-tuxcare.els48-generic linux-tools-4.4.0-277-tuxcare.els48-lowlatency libapache2-mod-svn libapache2-svn libsvn-dev libsvn-doc libsvn-java libsvn-perl libsvn-ruby1.8 libsvn1 python-subversion ruby-svn subversion subversion-tools linux-buildinfo-4.4.0-278-tuxcare.els49-generic linux-buildinfo-4.4.0-278-tuxcare.els49-lowlatency linux-cloud-tools-4.4.0-278-tuxcare.els49 linux-cloud-tools-4.4.0-278-tuxcare.els49-generic linux-cloud-tools-4.4.0-278-tuxcare.els49-lowlatency linux-headers-4.4.0-278-tuxcare.els49 linux-headers-4.4.0-278-tuxcare.els49-generic linux-headers-4.4.0-278-tuxcare.els49-lowlatency linux-image-unsigned-4.4.0-278-tuxcare.els49-generic linux-image-unsigned-4.4.0-278-tuxcare.els49-lowlatency linux-modules-4.4.0-278-tuxcare.els49-generic linux-modules-4.4.0-278-tuxcare.els49-lowlatency linux-modules-extra-4.4.0-278-tuxcare.els49-generic linux-tools-4.4.0-278-tuxcare.els49 linux-tools-4.4.0-278-tuxcare.els49-generic linux-tools-4.4.0-278-tuxcare.els49-lowlatency dmidecode gnutls-bin gnutls-doc guile-gnutls libgnutls-dev libgnutls-openssl27 libgnutls28-dev libgnutls30 libgnutlsxx28 linux-buildinfo-4.4.0-279-tuxcare.els50-generic linux-buildinfo-4.4.0-279-tuxcare.els50-lowlatency linux-cloud-tools-4.4.0-279-tuxcare.els50 linux-cloud-tools-4.4.0-279-tuxcare.els50-generic linux-cloud-tools-4.4.0-279-tuxcare.els50-lowlatency linux-headers-4.4.0-279-tuxcare.els50 linux-headers-4.4.0-279-tuxcare.els50-generic linux-headers-4.4.0-279-tuxcare.els50-lowlatency linux-image-unsigned-4.4.0-279-tuxcare.els50-generic linux-image-unsigned-4.4.0-279-tuxcare.els50-lowlatency linux-modules-4.4.0-279-tuxcare.els50-generic linux-modules-4.4.0-279-tuxcare.els50-lowlatency linux-modules-extra-4.4.0-279-tuxcare.els50-generic linux-tools-4.4.0-279-tuxcare.els50 linux-tools-4.4.0-279-tuxcare.els50-generic linux-tools-4.4.0-279-tuxcare.els50-lowlatency linux-buildinfo-4.4.0-280-tuxcare.els51-generic linux-buildinfo-4.4.0-280-tuxcare.els51-lowlatency linux-cloud-tools-4.4.0-280-tuxcare.els51 linux-cloud-tools-4.4.0-280-tuxcare.els51-generic linux-cloud-tools-4.4.0-280-tuxcare.els51-lowlatency linux-headers-4.4.0-280-tuxcare.els51 linux-headers-4.4.0-280-tuxcare.els51-generic linux-headers-4.4.0-280-tuxcare.els51-lowlatency linux-image-unsigned-4.4.0-280-tuxcare.els51-generic linux-image-unsigned-4.4.0-280-tuxcare.els51-lowlatency linux-modules-4.4.0-280-tuxcare.els51-generic linux-modules-4.4.0-280-tuxcare.els51-lowlatency linux-modules-extra-4.4.0-280-tuxcare.els51-generic linux-tools-4.4.0-280-tuxcare.els51 linux-tools-4.4.0-280-tuxcare.els51-generic linux-tools-4.4.0-280-tuxcare.els51-lowlatency dirmngr gnupg-agent gnupg2 gpgsm gpgv2 scdaemon linux-buildinfo-4.4.0-281-tuxcare.els51-generic linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency linux-cloud-tools-4.4.0-281-tuxcare.els51 linux-cloud-tools-4.4.0-281-tuxcare.els51-generic linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency linux-headers-4.4.0-281-tuxcare.els51 linux-headers-4.4.0-281-tuxcare.els51-generic linux-headers-4.4.0-281-tuxcare.els51-lowlatency linux-image-unsigned-4.4.0-281-tuxcare.els51-generic linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency linux-modules-4.4.0-281-tuxcare.els51-generic linux-modules-4.4.0-281-tuxcare.els51-lowlatency linux-modules-extra-4.4.0-281-tuxcare.els51-generic linux-tools-4.4.0-281-tuxcare.els51 linux-tools-4.4.0-281-tuxcare.els51-generic linux-tools-4.4.0-281-tuxcare.els51-lowlatency amd64 0:2.1.0-7ubuntu0.16.04.5+tuxcare.els2 amd64 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els31 3:7.4.1689-3ubuntu1.5+tuxcare.els31 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els2 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els2 amd64 0:3.11.0-1ubuntu1.5+tuxcare.els2 0:3.11.0-1ubuntu1.5+tuxcare.els2 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els2 0:3.5.12-1ubuntu7.17+tuxcare.els2 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els32 3:7.4.1689-3ubuntu1.5+tuxcare.els32 amd64 0:3.9.1-1ubuntu0.16.04.2+tuxcare.els1 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els4 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els4 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els3 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els3 amd64 0:2.1.0-7ubuntu0.16.04.5+tuxcare.els3 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els4 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els4 amd64 0:7.47.0-1ubuntu2.23+tuxcare.els6 0:7.47.0-1ubuntu2.23+tuxcare.els6 amd64 1:2.6.10-0ubuntu1+tuxcare.els2 amd64 0:5.22.1-9ubuntu0.9+tuxcare.els1 0:5.22.1-9ubuntu0.9+tuxcare.els1 amd64 0:3.11.0-1ubuntu1.5+tuxcare.els3 0:3.11.0-1ubuntu1.5+tuxcare.els3 0:1.10.3-0ubuntu0.16.04.8+tuxcare.els3 amd64 0:1.10.3-0ubuntu0.16.04.8+tuxcare.els3 amd64 0:5.7.40-0ubuntu0.16.04.1+tuxcare.els1 0:5.7.40-0ubuntu0.16.04.1+tuxcare.els1 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els5 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els5 amd64 0:1.10.6-1ubuntu3.6+tuxcare.els1 0:1.10.6-1ubuntu3.6+tuxcare.els1 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els7 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els7 amd64 0:4.3.3-5ubuntu12.11+tuxcare.els2 amd64 0:322-1ubuntu1.2+tuxcare.els1 amd64 0:8u352-ga-0ubuntu1~16.04+tuxcare.els1 0:8u352-ga-0ubuntu1~16.04+tuxcare.els1 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els33 3:7.4.1689-3ubuntu1.5+tuxcare.els33 amd64 1:4.2-3.1ubuntu5.5+tuxcare.els2 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[4-9][0-9]|23[6-9])\-tuxcare\.els(\d{2,}|[7-9])(\-\w*)?$) amd64 0:4.4.0-236.270 0:4.4.0-236.270 amd64 0:4.4.0.236.270 0:4.4.0.236.270 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els5 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els5 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els5 8:6.8.9.9-7ubuntu5.17+tuxcare.els5 amd64 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els5 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els5 0:7.0.68-1ubuntu0.4+tuxcare.els2 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els34 3:7.4.1689-3ubuntu1.5+tuxcare.els34 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els4 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els4 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els35 3:7.4.1689-3ubuntu1.5+tuxcare.els35 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els36 3:7.4.1689-3ubuntu1.5+tuxcare.els36 0:2.23-0ubuntu11.5+tuxcare.els5 amd64 0:2.23-0ubuntu11.5+tuxcare.els5 amd64 1:2.27.1-6ubuntu3.10+tuxcare.els1 amd64 0:2.27.1-6ubuntu3.10+tuxcare.els1 0:2.27.1-6ubuntu3.10+tuxcare.els1 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2 amd64 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els1 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els1 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els37 3:7.4.1689-3ubuntu1.5+tuxcare.els37 amd64 0:1.1.8-3.2ubuntu2.3+tuxcare.els1 0:1.1.8-3.2ubuntu2.3+tuxcare.els1 amd64 1:2.4.18-2ubuntu3.17+tuxcare.els8 1:2.4.18-2ubuntu3.17+tuxcare.els8 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els38 3:7.4.1689-3ubuntu1.5+tuxcare.els38 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3 amd64 0:5.7.41-0ubuntu0.16.04.1+tuxcare.els1 0:5.7.41-0ubuntu0.16.04.1+tuxcare.els1 amd64 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els2 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els2 amd64 1:2.4.18-2ubuntu3.17+tuxcare.els9 1:2.4.18-2ubuntu3.17+tuxcare.els9 amd64 0:1.8.16-0ubuntu1.11+tuxcare.els1 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els5 0:1.0.2g-1ubuntu4.21+tuxcare.els5 amd64 0:5.4.0-6ubuntu1~16.04.12+tuxcare.els1 0:5.4.0-6ubuntu1~16.04.12+tuxcare.els1 amd64 1:5.4.0-6ubuntu1~16.04.12+tuxcare.els1 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els1 1:2.7.4-0ubuntu1.10+tuxcare.els1 amd64 2:3.28.4-0ubuntu0.16.04.14+tuxcare.els4 2:3.28.4-0ubuntu0.16.04.14+tuxcare.els4 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els4 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els4 amd64 0:1.28-2.1ubuntu0.2+tuxcare.els1 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els6 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els6 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els8 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els8 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els39 3:7.4.1689-3ubuntu1.5+tuxcare.els39 amd64 0:7.47.0-1ubuntu2.23+tuxcare.els7 0:7.47.0-1ubuntu2.23+tuxcare.els7 amd64 0:3.20230214.0ubuntu0.16.04.1+tuxcare.els1 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4 amd64 0:229-4ubuntu21.33+tuxcare.els1 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els40 3:7.4.1689-3ubuntu1.5+tuxcare.els40 amd64 1:2.4.18-2ubuntu3.17+tuxcare.els10 1:2.4.18-2ubuntu3.17+tuxcare.els10 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els5 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els5 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els41 3:7.4.1689-3ubuntu1.5+tuxcare.els41 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els2 1:2.7.4-0ubuntu1.10+tuxcare.els2 amd64 0:3.7.6-1ubuntu1+tuxcare.els1 amd64 2:3.28.4-0ubuntu0.16.04.14+tuxcare.els5 2:3.28.4-0ubuntu0.16.04.14+tuxcare.els5 amd64 0:7.47.0-1ubuntu2.23+tuxcare.els8 0:7.47.0-1ubuntu2.23+tuxcare.els8 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els6 8:6.8.9.9-7ubuntu5.17+tuxcare.els6 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els6 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els6 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[4-9][0-9]|23[8-9])\-tuxcare\.els(\d{2,}|9)(\-\w*)?$) amd64 0:4.4.0-238.272 0:4.4.0-238.272 amd64 0:4.4.0.238.272 0:4.4.0.238.272 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els6 0:1.0.2g-1ubuntu4.21+tuxcare.els6 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els3 1:2.7.4-0ubuntu1.10+tuxcare.els3 amd64 0:5.7.42-0ubuntu0.16.04.1+tuxcare.els1 0:5.7.42-0ubuntu0.16.04.1+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[0-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|1[1-9])(\-\w*)?$) amd64 0:4.4.0-240.274 0:4.4.0-240.274 0:11.2.0-1ubuntu0.3+tuxcare.els1 amd64 0:11.2.0-1ubuntu0.3+tuxcare.els1 0:11.2.0-1ubuntu0.3+tuxcare.els2 amd64 0:11.2.0-1ubuntu0.3+tuxcare.els2 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els42 3:7.4.1689-3ubuntu1.5+tuxcare.els42 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els43 3:7.4.1689-3ubuntu1.5+tuxcare.els43 amd64 0:5.22.1-9ubuntu0.9+tuxcare.els2 0:5.22.1-9ubuntu0.9+tuxcare.els2 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els7 0:1.0.2g-1ubuntu4.21+tuxcare.els7 amd64 0:1.4.20-1ubuntu3.3+tuxcare.els1 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els6 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els6 amd64 0:7.47.0-1ubuntu2.23+tuxcare.els9 0:7.47.0-1ubuntu2.23+tuxcare.els9 0:4.86.2-2ubuntu2.6+tuxcare.els3 amd64 0:4.86.2-2ubuntu2.6+tuxcare.els3 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[1-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|1[2-9])(\-\w*)?$) amd64 0:4.4.0-241.275 0:4.4.0-241.275 amd64 1:2.24-12+tuxcare.els1 amd64 1:2.4.18-2ubuntu3.17+tuxcare.els11 1:2.4.18-2ubuntu3.17+tuxcare.els11 amd64 0:2.1.3-4ubuntu0.11+tuxcare.els2 0:2.1.3-4ubuntu0.11+tuxcare.els2 amd64 0:8u372-ga-0ubuntu1~16.04+tuxcare.els1 0:8u372-ga-0ubuntu1~16.04+tuxcare.els1 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els7 8:6.8.9.9-7ubuntu5.17+tuxcare.els7 amd64 0:1.8.16-0ubuntu1.11+tuxcare.els2 amd64 0:2.4.42+dfsg-2ubuntu3.13.tuxcare.els2 amd64 0:5.22.1-9ubuntu0.9+tuxcare.els3 0:5.22.1-9ubuntu0.9+tuxcare.els3 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els7 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els7 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els9 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els9 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[2-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|1[3-9])(\-\w*)?$) amd64 0:4.4.0-242.276 0:4.4.0-242.276 amd64 0:2.1.3-4ubuntu0.11+tuxcare.els3 0:2.1.3-4ubuntu0.11+tuxcare.els3 amd64 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5 amd64 2:7.2p2-4ubuntu2.10+tuxcare.els2 2:7.2p2-4ubuntu2.10+tuxcare.els2 amd64 0:3.20230719.1ubuntu0.16.04.2+tuxcare.els1 amd64 0:2.3.1-4.1+tuxcare.els1 amd64 1:3.3.6-4.1+tuxcare.els1 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els6 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els6 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[3-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|1[4-9])(\-\w*)?$) amd64 0:4.4.0-243.277 0:4.4.0-243.277 amd64 0:3.20230808.0ubuntu0.16.04.1+tuxcare.els1 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els8 0:1.0.2g-1ubuntu4.21+tuxcare.els8 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[4-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|1[5-9])(\-\w*)?$) amd64 0:4.4.0-244.278 0:4.4.0-244.278 amd64 2:1.22.0-15ubuntu1.4+tuxcare.els4 2:1.22.0-15ubuntu1.4+tuxcare.els4 amd64 0:3.20230808.1ubuntu0.16.04.2+tuxcare.els1 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els8 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els8 amd64 0:8u372-ga-0ubuntu1~16.04+tuxcare.els2 0:8u372-ga-0ubuntu1~16.04+tuxcare.els2 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els8 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els8 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els10 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els10 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[5-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|1[6-9])(\-\w*)?$) amd64 0:4.4.0-245.279 0:4.4.0-245.279 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els44 3:7.4.1689-3ubuntu1.5+tuxcare.els44 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els5 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els5 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els46 3:7.4.1689-3ubuntu1.5+tuxcare.els46 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els9 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els9 amd64 0:1.5.0-2ubuntu0.1+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[6-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|1[7-9])(\-\w*)?$) amd64 0:4.4.0-246.280 0:4.4.0-246.280 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els10 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els10 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els9 8:6.8.9.9-7ubuntu5.17+tuxcare.els9 amd64 0:1.4.25-2ubuntu1.5+tuxcare.els1 amd64 0:0.4.4-1+tuxcare.els1 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els11 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els11 amd64 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6 amd64 0:7.47.0-1ubuntu2.23+tuxcare.els10 0:7.47.0-1ubuntu2.23+tuxcare.els10 0:4.86.2-2ubuntu2.6+tuxcare.els4 amd64 0:4.86.2-2ubuntu2.6+tuxcare.els4 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els9 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els9 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els12 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els12 amd64 0:2.1.3-4ubuntu0.11+tuxcare.els4 0:2.1.3-4ubuntu0.11+tuxcare.els4 amd64 0:2.48.2-0ubuntu4.8+tuxcare.els2 0:2.48.2-0ubuntu4.8+tuxcare.els2 0:1.10.3-0ubuntu0.16.04.8+tuxcare.els4 amd64 0:1.10.3-0ubuntu0.16.04.8+tuxcare.els4 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[7-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|1[8-9])(\-\w*)?$) amd64 0:4.4.0-247.281 0:4.4.0-247.281 amd64 0:0.99.24.1-2ubuntu1.4+tuxcare.els1 0:0.99.24.1-2ubuntu1.4+tuxcare.els1 amd64 1:1.2.8.dfsg-2ubuntu4.3+tuxcare.els3 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|24[8-9])\-tuxcare\.els(\d{3,}|[2-9][0-9]|19)(\-\w*)?$) amd64 0:4.4.0-248.282 0:4.4.0-248.282 amd64 0:1.10.6-1ubuntu3.6+tuxcare.els2 0:1.10.6-1ubuntu3.6+tuxcare.els2 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els47 3:7.4.1689-3ubuntu1.5+tuxcare.els47 amd64 1:2.4.18-2ubuntu3.17+tuxcare.els12 1:2.4.18-2ubuntu3.17+tuxcare.els12 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els12 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els12 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els11 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els11 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els48 3:7.4.1689-3ubuntu1.5+tuxcare.els48 amd64 0:2.1.3-4ubuntu0.11+tuxcare.els5 0:2.1.3-4ubuntu0.11+tuxcare.els5 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els7 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els7 0:4.86.2-2ubuntu2.6+tuxcare.els5 amd64 0:4.86.2-2ubuntu2.6+tuxcare.els5 amd64 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els3 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els3 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els3 0:3.5.12-1ubuntu7.17+tuxcare.els3 amd64 0:8u382-ga-0ubuntu1~16.04+tuxcare.els1 0:8u382-ga-0ubuntu1~16.04+tuxcare.els1 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els9 0:1.0.2g-1ubuntu4.21+tuxcare.els9 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6 0:1.157.23+tuxcare.els1 amd64 0:1.3.3-1ubuntu0.16.04.1+tuxcare.els1 amd64 2:3.3.10-4ubuntu2.5+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[5-9][0-9]|249)\-tuxcare\.els(\d{3,}|[3-9][0-9]|2[0-9])(\-\w*)?$) amd64 0:4.4.0-249.283 0:4.4.0-249.283 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els10 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els10 amd64 0:3.20231114.0ubuntu0.16.04.1+tuxcare.els1 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els4 0:3.5.12-1ubuntu7.17+tuxcare.els4 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els11 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els11 amd64 0:5.7.44-0ubuntu0.16.04.1+tuxcare.els1 0:5.7.44-0ubuntu0.16.04.1+tuxcare.els1 amd64 0:1.6.3-1ubuntu0.3+tuxcare.els1 0:1.6.3-1ubuntu0.3+tuxcare.els1 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els5 0:3.5.12-1ubuntu7.17+tuxcare.els5 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els13 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els13 amd64 2:7.2p2-4ubuntu2.10+tuxcare.els4 2:7.2p2-4ubuntu2.10+tuxcare.els4 amd64 0:8u392-ga-0ubuntu1~16.04+tuxcare.els1 0:8u392-ga-0ubuntu1~16.04+tuxcare.els1 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els49 3:7.4.1689-3ubuntu1.5+tuxcare.els49 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|25[0-9])\-tuxcare\.els(\d{3,}|[3-9][0-9]|2[1-9])(\-\w*)?$) amd64 0:4.4.0-250.284 0:4.4.0-250.284 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els6 0:3.5.12-1ubuntu7.17+tuxcare.els6 amd64 0:1.28-2.1ubuntu0.2+tuxcare.els2 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|25[1-9])\-tuxcare\.els(\d{3,}|[3-9][0-9]|2[2-9])(\-\w*)?$) amd64 0:4.4.0-251.285 0:4.4.0-251.285 amd64 2:7.2p2-4ubuntu2.10+tuxcare.els5 2:7.2p2-4ubuntu2.10+tuxcare.els5 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els6 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els6 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els7 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els7 amd64 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7 0:4.86.2-2ubuntu2.6+tuxcare.els6 amd64 0:4.86.2-2ubuntu2.6+tuxcare.els6 0:2.23-0ubuntu11.5+tuxcare.els6 amd64 0:2.23-0ubuntu11.5+tuxcare.els6 amd64 0:0.6.3-4.3ubuntu0.6+tuxcare.els1 0:0.6.3-4.3ubuntu0.6+tuxcare.els1 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els10 8:6.8.9.9-7ubuntu5.17+tuxcare.els10 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els10 0:1.0.2g-1ubuntu4.21+tuxcare.els10 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els7 0:3.5.12-1ubuntu7.17+tuxcare.els7 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els50 3:7.4.1689-3ubuntu1.5+tuxcare.els50 amd64 0:7.47.0-1ubuntu2.23+tuxcare.els11 0:7.47.0-1ubuntu2.23+tuxcare.els11 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els11 0:1.0.2g-1ubuntu4.21+tuxcare.els11 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|25[3-9])\-tuxcare\.els(\d{3,}|[3-9][0-9]|2[4-9])(\-\w*)?$) amd64 0:4.4.0-253.287 0:4.4.0-253.287 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els7 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els7 amd64 0:1.1.8-3.2ubuntu2.3+tuxcare.els2 0:1.1.8-3.2ubuntu2.3+tuxcare.els2 amd64 0:7.47.0-1ubuntu2.23+tuxcare.els12 0:7.47.0-1ubuntu2.23+tuxcare.els12 amd64 0:2.3.1-4.1+tuxcare.els2 amd64 0:481-2.1ubuntu0.2+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|25[4-9])\-tuxcare\.els(\d{3,}|[3-9][0-9]|2[5-9])(\-\w*)?$) amd64 0:4.4.0-254.288 0:4.4.0-254.288 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els8 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els8 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|25[5-9])\-tuxcare\.els(\d{3,}|[3-9][0-9]|2[6-9])(\-\w*)?$) amd64 0:4.4.0-255.289 0:4.4.0-255.289 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els9 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els9 amd64 0:481-2.1ubuntu0.2+tuxcare.els2 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|25[6-9])\-tuxcare\.els(\d{3,}|[3-9][0-9]|2[7-9])(\-\w*)?$) amd64 0:4.4.0-256.290 0:4.4.0-256.290 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els8 0:3.5.12-1ubuntu7.17+tuxcare.els8 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|25[7-9])\-tuxcare\.els(\d{3,}|[3-9][0-9]|2[8-9])(\-\w*)?$) amd64 0:4.4.0-257.291 0:4.4.0-257.291 0:2.23-0ubuntu11.5+tuxcare.els7 amd64 0:2.23-0ubuntu11.5+tuxcare.els7 amd64 2:3.3.10-4ubuntu2.5+tuxcare.els2 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els10 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els10 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|25[8-9])\-tuxcare\.els(\d{3,}|[3-9][0-9]|29)(\-\w*)?$) amd64 0:4.4.0-258.292 0:4.4.0-258.292 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[6-9][0-9]|259)\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[0-9])(\-\w*)?$) amd64 0:4.4.0-259.293 0:4.4.0-259.293 0:2.23-0ubuntu11.5+tuxcare.els8 amd64 0:2.23-0ubuntu11.5+tuxcare.els8 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els12 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els12 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[0-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[1-9])(\-\w*)?$) amd64 0:4.4.0-260.294 0:4.4.0-260.294 amd64 0:7.11.1-0ubuntu1~16.5+tuxcare.els1 0:7.11.1-0ubuntu1~16.5+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[1-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[2-9])(\-\w*)?$) amd64 0:4.4.0-261.295 0:4.4.0-261.295 amd64 0:3.20240514.0ubuntu0.16.04.1+tuxcare.els1 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els13 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els13 amd64 0:1.17.1-1ubuntu1.5+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[2-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[3-9])(\-\w*)?$) amd64 0:4.4.0-262.296 0:4.4.0-262.296 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[3-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[4-9])(\-\w*)?$) amd64 0:4.4.0-263.297 0:4.4.0-263.297 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els14 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els14 0:8.0.32-1ubuntu1.13+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[4-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[5-9])(\-\w*)?$) amd64 0:4.4.0-264.298 0:4.4.0-264.298 amd64 1:2.4.18-2ubuntu3.17+tuxcare.els15 1:2.4.18-2ubuntu3.17+tuxcare.els15 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els9 0:3.5.12-1ubuntu7.17+tuxcare.els9 amd64 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els4 1:2.7.4-0ubuntu1.10+tuxcare.els4 amd64 0:7.47.0-1ubuntu2.23+tuxcare.els13 0:7.47.0-1ubuntu2.23+tuxcare.els13 amd64 0:2.1.0-7ubuntu0.16.04.5+tuxcare.els5 amd64 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els4 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els4 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[5-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[6-9])(\-\w*)?$) amd64 0:4.4.0-265.299 0:4.4.0-265.299 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els14 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els14 amd64 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9 2:9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els8 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els8 amd64 0:3.20240811.1ubuntu0.16.04.2+tuxcare.els1 amd64 0:3.20240813.0ubuntu0.16.04.1+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[6-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[7-9])(\-\w*)?$) amd64 0:4.4.0-266.300 0:4.4.0-266.300 amd64 0:3.20240910.0ubuntu0.16.04.1+tuxcare.els1 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els51 3:7.4.1689-3ubuntu1.5+tuxcare.els51 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els11 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els11 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els15 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els15 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els15 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els15 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els52 3:7.4.1689-3ubuntu1.5+tuxcare.els52 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els12 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els12 0:1.10.3-0ubuntu0.16.04.8+tuxcare.els5 amd64 0:1.10.3-0ubuntu0.16.04.8+tuxcare.els5 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els11 8:6.8.9.9-7ubuntu5.17+tuxcare.els11 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els12 8:6.8.9.9-7ubuntu5.17+tuxcare.els12 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els13 8:6.8.9.9-7ubuntu5.17+tuxcare.els13 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els14 8:6.8.9.9-7ubuntu5.17+tuxcare.els14 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els5 1:2.7.4-0ubuntu1.10+tuxcare.els5 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els6 1:2.7.4-0ubuntu1.10+tuxcare.els6 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els15 8:6.8.9.9-7ubuntu5.17+tuxcare.els15 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els16 8:6.8.9.9-7ubuntu5.17+tuxcare.els16 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els7 1:2.7.4-0ubuntu1.10+tuxcare.els7 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[7-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|3[8-9])(\-\w*)?$) amd64 0:4.4.0-267.301 0:4.4.0-267.301 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els17 8:6.8.9.9-7ubuntu5.17+tuxcare.els17 amd64 0:2.48.2-0ubuntu4.8+tuxcare.els3 0:2.48.2-0ubuntu4.8+tuxcare.els3 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els18 8:6.8.9.9-7ubuntu5.17+tuxcare.els18 amd64 0:8u432-ga-0ubuntu1~16.04+tuxcare.els1 0:8u432-ga-0ubuntu1~16.04+tuxcare.els1 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els20 8:6.8.9.9-7ubuntu5.17+tuxcare.els20 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els10 0:3.5.12-1ubuntu7.17+tuxcare.els10 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|26[8-9])\-tuxcare\.els(\d{3,}|[4-9][0-9]|39)(\-\w*)?$) amd64 0:4.4.0-268.302 0:4.4.0-268.302 amd64 0:1.6.3-1ubuntu0.3+tuxcare.els2 0:1.6.3-1ubuntu0.3+tuxcare.els2 0:2.6-1+tuxcare.els1 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els16 amd64 0:2.7.12-1ubuntu0~16.04.18+tuxcare.els16 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els13 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els13 0:1.157.23+tuxcare.els2 amd64 0:2.1.0-7ubuntu0.16.04.5+tuxcare.els6 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els14 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els14 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[7-9][0-9]|269)\-tuxcare\.els(\d{3,}|[5-9][0-9]|4[0-9])(\-\w*)?$) amd64 0:4.4.0-269.303 0:4.4.0-269.303 amd64 0:4.4.0.269.303 0:4.4.0.269.303 amd64 0:3.20241112.0ubuntu0.16.04.1+tuxcare.els1 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els53 3:7.4.1689-3ubuntu1.5+tuxcare.els53 amd64 0:3.1.1-3ubuntu1.3+tuxcare.els5 amd64 0:3.1.1-3ubuntu1.3+tuxcare.els6 amd64 0:3.1.1-3ubuntu1.3+tuxcare.els7 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[8-9][0-9]|27[0-9])\-tuxcare\.els(\d{3,}|[5-9][0-9]|4[1-9])(\-\w*)?$) amd64 0:4.4.0-270.304 0:4.4.0-270.304 amd64 0:4.4.0.270.304 0:4.4.0.270.304 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[8-9][0-9]|27[1-9])\-tuxcare\.els(\d{3,}|[5-9][0-9]|4[2-9])(\-\w*)?$) amd64 0:4.4.0-271.305 0:4.4.0-271.305 amd64 0:4.4.0.271.305 0:4.4.0.271.305 amd64 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els5 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els5 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els16 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els16 0:2.23-0ubuntu11.5+tuxcare.els9 amd64 0:2.23-0ubuntu11.5+tuxcare.els9 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els17 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els17 amd64 0:2.1.3-4ubuntu0.11+tuxcare.els6 0:2.1.3-4ubuntu0.11+tuxcare.els6 amd64 0:3.20250211.0ubuntu0.16.04.1+tuxcare.els1 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els8 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els8 (^4\.4\.0\-(\d{4,}|[3-9][0-9][0-9]|2[8-9][0-9]|27[2-9])\-tuxcare\.els(\d{3,}|[5-9][0-9]|4[3-9])(\-\w*)?$) amd64 0:4.4.0-272.306 0:4.4.0-272.306 amd64 0:4.4.0.272.306 0:4.4.0.272.306 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els13 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els13 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els18 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els18 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els9 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els9 amd64 2:7.2p2-4ubuntu2.10+tuxcare.els7 2:7.2p2-4ubuntu2.10+tuxcare.els7 amd64 0:2.3.10-1ubuntu2.2+tuxcare.els2 0:2.1.1.0-1~ubuntu16.04.1+tuxcare.els1 0:2.1.1.0-1~ubuntu16.04.1+tuxcare.els2 (^4\.4\.0\-(\d{4,}|[3-9]\d{2}|2[8-9]\d|27[3-9])\-tuxcare\.els(\d{3,}|[5-9]\d|4[4-9])(\-\w*)?$) amd64 0:4.4.0-273.307 0:4.4.0-273.307 amd64 0:4.4.0.273.307 0:4.4.0.273.307 0:2.1.1.0-1~ubuntu16.04.1+tuxcare.els4 amd64 0:2.3.10-1ubuntu2.2+tuxcare.els3 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els20 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els20 0:2.1.1.0-1~ubuntu16.04.1+tuxcare.els5 (^4\.4\.0\-(\d{4,}|[3-9]\d{2}|2[8-9]\d|27[4-9])\-tuxcare\.els(\d{3,}|[5-9]\d|4[5-9])(\-\w*)?$) amd64 0:4.4.0-274.308 0:4.4.0-274.308 amd64 0:4.4.0.274.308 0:4.4.0.274.308 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els10 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els10 amd64 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els12 0:9.5.25-0ubuntu0.16.04.1+tuxcare.els12 0:2.1.1.0-1~ubuntu16.04.1+tuxcare.els8 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9 0:2.1.1.0-1~ubuntu16.04.1+tuxcare.els11 0:2.1.1.0-1~ubuntu16.04.1+tuxcare.els12 (^4\.4\.0\-(\d{4,}|[3-9]\d{2}|2[8-9]\d|27[5-9])\-tuxcare\.els(\d{3,}|[5-9]\d|4[6-9])(\-\w*)?$) amd64 0:4.4.0-275.309 0:4.4.0-275.309 amd64 0:8u452-ga-0ubuntu1~16.04+tuxcare.els1 0:8u452-ga-0ubuntu1~16.04+tuxcare.els1 (^4\.4\.0\-(\d{4,}|[3-9]\d{2}|2[8-9]\d|27[6-9])\-tuxcare\.els(\d{3,}|[5-9]\d|4[7-9])(\-\w*)?$) amd64 0:4.4.0-276.310 0:4.4.0-276.310 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els8 1:2.7.4-0ubuntu1.10+tuxcare.els8 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10 amd64 0:1.8.16-0ubuntu1.11+tuxcare.els3 (^4\.4\.0\-(\d{4,}|[3-9]\d{2}|2[8-9]\d|27[7-9])\-tuxcare\.els(\d{3,}|[5-9]\d|4[8-9])(\-\w*)?$) amd64 0:4.4.0-277.311 0:4.4.0-277.311 amd64 0:3.11.0-1ubuntu1.5+tuxcare.els4 0:3.11.0-1ubuntu1.5+tuxcare.els4 amd64 0:3.20250512.0ubuntu0.16.04.1+tuxcare.els1 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els9 1:2.7.4-0ubuntu1.10+tuxcare.els9 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els10 1:2.7.4-0ubuntu1.10+tuxcare.els10 amd64 0:1.9.3-2ubuntu1.3+tuxcare.els2 0:1.9.3-2ubuntu1.3+tuxcare.els2 amd64 0:8u462-ga-0ubuntu1~16.04+tuxcare.els1 0:8u462-ga-0ubuntu1~16.04+tuxcare.els1 amd64 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els6 0:1.13.2+dfsg-5ubuntu2.2+tuxcare.els6 amd64 0:3.11.0-1ubuntu1.5+tuxcare.els5 0:3.11.0-1ubuntu1.5+tuxcare.els5 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els54 3:7.4.1689-3ubuntu1.5+tuxcare.els54 amd64 1:2.4.18-2ubuntu3.17+tuxcare.els18 1:2.4.18-2ubuntu3.17+tuxcare.els18 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els11 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els11 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els14 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els14 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els15 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els15 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els11 0:3.5.12-1ubuntu7.17+tuxcare.els11 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els21 8:6.8.9.9-7ubuntu5.17+tuxcare.els21 amd64 1:2.4.18-2ubuntu3.17+tuxcare.els16 1:2.4.18-2ubuntu3.17+tuxcare.els16 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els16 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els16 (^4\.4\.0\-(\d{4,}|[3-9]\d{2}|2[8-9]\d|27[8-9])\-tuxcare\.els(\d{3,}|[5-9]\d|49)(\-\w*)?$) amd64 0:4.4.0-278.312 0:4.4.0-278.312 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els21 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els21 amd64 0:3.0-2ubuntu0.2+tuxcare.els1 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els12 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els12 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els22 8:6.8.9.9-7ubuntu5.17+tuxcare.els22 amd64 0:0.6.3-4.3ubuntu0.6+tuxcare.els2 0:0.6.3-4.3ubuntu0.6+tuxcare.els2 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els23 8:6.8.9.9-7ubuntu5.17+tuxcare.els23 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7 amd64 0:3.4.10-4ubuntu1.9+tuxcare.els1 0:3.4.10-4ubuntu1.9+tuxcare.els1 amd64 0:2.1.3-4ubuntu0.11+tuxcare.els8 0:2.1.3-4ubuntu0.11+tuxcare.els8 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els24 8:6.8.9.9-7ubuntu5.17+tuxcare.els24 amd64 0:2.1.3-4ubuntu0.11+tuxcare.els9 0:2.1.3-4ubuntu0.11+tuxcare.els9 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els25 8:6.8.9.9-7ubuntu5.17+tuxcare.els25 amd64 0:1.1.8-3.2ubuntu2.3+tuxcare.els3 0:1.1.8-3.2ubuntu2.3+tuxcare.els3 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els17 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els17 amd64 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els13 0:2.9.3+dfsg1-1ubuntu0.7+tuxcare.els13 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els15 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els15 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els28 8:6.8.9.9-7ubuntu5.17+tuxcare.els28 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8 (^4\.4\.0\-(\d{4,}|[3-9]\d{2}|2[8-9]\d|279)\-tuxcare\.els(\d{3,}|[6-9]\d|5[0-9])(\-\w*)?$) amd64 0:4.4.0-279.313 0:4.4.0-279.313 amd64 0:4.4.0.279.313 0:4.4.0.279.313 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els16 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els16 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els55 3:7.4.1689-3ubuntu1.5+tuxcare.els55 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els12 0:3.5.12-1ubuntu7.17+tuxcare.els12 (^4\.4\.0\-(\d{4,}|[3-9]\d{2}|29\d|28[0-9])\-tuxcare\.els(\d{3,}|[6-9]\d|5[1-9])(\-\w*)?$) amd64 0:4.4.0-280.314 0:4.4.0-280.314 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els29 8:6.8.9.9-7ubuntu5.17+tuxcare.els29 0:2.6-1+tuxcare.els2 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els17 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els17 amd64 0:8u472-ga-0ubuntu1~16.04+tuxcare.els1 0:8u472-ga-0ubuntu1~16.04+tuxcare.els1 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els18 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els18 amd64 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els19 0:7.0.33-0ubuntu0.16.04.17+tuxcare.els19 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els19 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els19 amd64 0:2.1.3-4ubuntu0.11+tuxcare.els10 0:2.1.3-4ubuntu0.11+tuxcare.els10 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els11 1:2.7.4-0ubuntu1.10+tuxcare.els11 amd64 0:2.1.11-6ubuntu2.1+tuxcare.els2 amd64 1:2.7.4-0ubuntu1.10+tuxcare.els12 1:2.7.4-0ubuntu1.10+tuxcare.els12 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els12 0:1.0.2g-1ubuntu4.21+tuxcare.els12 amd64 0:2.1.0-7ubuntu0.16.04.5+tuxcare.els7 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els30 8:6.8.9.9-7ubuntu5.17+tuxcare.els30 amd64 0:1.0.2g-1ubuntu4.21+tuxcare.els13 0:1.0.2g-1ubuntu4.21+tuxcare.els13 amd64 0:1.4.20-1ubuntu3.3+tuxcare.els2 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els31 8:6.8.9.9-7ubuntu5.17+tuxcare.els31 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els22 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els22 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els23 amd64 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els23 amd64 0:8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1 0:8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1 amd64 0:2.48.2-0ubuntu4.8+tuxcare.els5 0:2.48.2-0ubuntu4.8+tuxcare.els5 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els32 8:6.8.9.9-7ubuntu5.17+tuxcare.els32 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els58 3:7.4.1689-3ubuntu1.5+tuxcare.els58 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9 2:4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els33 8:6.8.9.9-7ubuntu5.17+tuxcare.els33 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els34 8:6.8.9.9-7ubuntu5.17+tuxcare.els34 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els35 8:6.8.9.9-7ubuntu5.17+tuxcare.els35 amd64 0:0.6.3-4.3ubuntu0.6+tuxcare.els3 0:0.6.3-4.3ubuntu0.6+tuxcare.els3 amd64 0:2.1.0-7ubuntu0.16.04.5+tuxcare.els8 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els38 8:6.8.9.9-7ubuntu5.17+tuxcare.els38 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els39 8:6.8.9.9-7ubuntu5.17+tuxcare.els39 amd64 3:7.4.1689-3ubuntu1.5+tuxcare.els61 3:7.4.1689-3ubuntu1.5+tuxcare.els61 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els40 8:6.8.9.9-7ubuntu5.17+tuxcare.els40 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els41 8:6.8.9.9-7ubuntu5.17+tuxcare.els41 amd64 8:6.8.9.9-7ubuntu5.17+tuxcare.els42 8:6.8.9.9-7ubuntu5.17+tuxcare.els42 amd64 0:3.5.12-1ubuntu7.17+tuxcare.els13 0:3.5.12-1ubuntu7.17+tuxcare.els13 (^4\.4\.0\-(?:\d{4,}|[3-9]\d{2}|29\d|28[1-9])\-tuxcare\.els(?:\d{3,}|[6-9]\d|5[1-9])(\-\w*)?$) amd64 0:4.4.0-281.315 0:4.4.0-281.315 amd64 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els20 0:2.26.1-1ubuntu1~16.04.10+tuxcare.els20 amd64 0:0.6.3-4.3ubuntu0.6+tuxcare.els4 0:0.6.3-4.3ubuntu0.6+tuxcare.els4