<?xml version='1.0' encoding='UTF-8'?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0"><channel><title>Ubuntu security notices</title><link>https://ubuntu.com/security/notices/rss.xml</link><description>Recent content on Ubuntu security notices</description><atom:link href="https://ubuntu.com/security/notices/rss.xml" rel="self"/><copyright>2026 Canonical Ltd. Ubuntu and Canonical are registered trademarks of Canonical Ltd.</copyright><docs>http://www.rssboard.org/rss-specification</docs><generator>Feedgen</generator><lastBuildDate>Fri, 17 Jul 2026 02:37:23 +0000</lastBuildDate><item><title>USN-8477-2: tar regression</title><link>https://ubuntu.com/security/notices/USN-8477-2</link><description>USN-8477-1 fixed a vulnerability in tar. The update introduced a regression
that could cause tar to fail to extract certain valid files.
This update fixes the problem.

Original advisory details:

 It was discovered that tar incorrectly handled certain crafted archive files.
 An attacker could possibly use this to inject hidden files with
 attacker-controlled content, bypassing pre-extraction inspection mechanisms.</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8477-2</guid><pubDate>Thu, 16 Jul 2026 20:05:33 +0000</pubDate></item><item><title>USN-8557-1: Authlib vulnerabilities</title><link>https://ubuntu.com/security/notices/USN-8557-1</link><description>Jay Neiva and Mauro Carrillo discovered that Authlib did not properly
validate cryptographic keys embedded in JWT headers. An attacker could
possibly use this issue to forge trusted tokens, resulting in
authentication and authorization bypass. (CVE-2026-27962)

Jay Neiva and Mauro Carrillo discovered that Authlib incorrectly handled
RSA1_5 encrypted tokens. An attacker could possibly use this issue to
recover sensitive encrypted information, resulting in information
disclosure. (CVE-2026-28490)

Jay Neiva and Mauro Carrillo discovered that Authlib did not properly
reject unsupported cryptographic algorithms when validating OpenID
Connect ID tokens. An attacker could possibly use this issue to bypass
token integrity checks, resulting in authentication bypass.
(CVE-2026-28498)

Johnny Deuss discovered that Authlib did not provide cross-site request
forgery protection for the OAuth cache feature in its Starlette
integration. An attacker could possibly use this issue to perform
unauthorized OAuth actions, resulting in cross-site request forgery.
This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS.
(CVE-2026-41425)</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8557-1</guid><pubDate>Thu, 16 Jul 2026 17:44:41 +0000</pubDate></item><item><title>USN-8556-1: Ruby vulnerabilities</title><link>https://ubuntu.com/security/notices/USN-8556-1</link><description>It was discovered that the Net::IMAP client in Ruby did not properly
sanitize Symbol arguments passed to IMAP commands. A remote attacker
controlling a malicious IMAP server, or able to influence command
arguments, could use this to inject arbitrary IMAP commands via CRLF
sequences. (CVE-2026-42258)

It was discovered that the Zlib::GzipReader in Ruby did not correctly
ensure sufficient buffer capacity in the zstream_buffer_ungets function.
An attacker could use this to craft a gzip stream that, when processed,
could cause a buffer overflow, resulting in memory corruption and possibly
arbitrary code execution. (CVE-2026-27820)</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8556-1</guid><pubDate>Thu, 16 Jul 2026 13:54:42 +0000</pubDate></item><item><title>USN-8555-1: Ubuntu Advantage Tools (pro client) vulnerabilities</title><link>https://ubuntu.com/security/notices/USN-8555-1</link><description>Bilal Teke discovered that Ubuntu Advantage Tools exposed the Pro bearer
token in command-line arguments when validating APT credentials. A local
attacker could possibly use this issue to obtain sensitive information
and gain unauthorized access to Ubuntu Pro repositories. (CVE-2026-9494)

Frederick Jerusha discovered that Ubuntu Advantage Tools did not properly
validate data received from the contract server when writing APT source
files. An attacker could possibly use this issue to inject arbitrary APT
configuration and execute arbitrary code. (CVE-2026-11386)

Mateusz Gierblinski discovered that Ubuntu Advantage Tools did not
properly handle symbolic links when collecting diagnostic logs. A local
attacker could possibly use this issue to obtain sensitive information
from files owned by the administrator. This issue only affected Ubuntu
16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-12391)</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8555-1</guid><pubDate>Thu, 16 Jul 2026 12:59:08 +0000</pubDate></item><item><title>USN-8554-1: NTFS-3G vulnerabilities</title><link>https://ubuntu.com/security/notices/USN-8554-1</link><description>It was discovered that NTFS-3G had a heap buffer overflow when reading
certain NTFS images. A local attacker could possibly use this issue to
execute arbitrary code. (CVE-2026-42616)

It was discovered that NTFS-3G had multiple heap buffer overflows when
processing certain NTFS images. A local attacker could possibly use these
issues to execute arbitrary code. (CVE-2026-42617, CVE-2026-42618,
CVE-2026-46569, CVE-2026-46570, CVE-2026-46572, CVE-2026-56135)

It was discovered that NTFS-3G had out-of-bounds reads when processing
certain NTFS images. A local attacker could possibly use these issues to
obtain sensitive information. (CVE-2026-46571, CVE-2026-56136)</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8554-1</guid><pubDate>Thu, 16 Jul 2026 11:44:54 +0000</pubDate></item><item><title>USN-8553-1: .NET vulnerabilities</title><link>https://ubuntu.com/security/notices/USN-8553-1</link><description>Artur Stetsko discovered that the .NET did not properly validate
authentication data. An attacker could possibly use this issue to elevate
privileges. (CVE-2026-47300)

Levi Broderick discovered that .NET did not properly handle XML encryption
during parsing. An attacker could possibly use this issue to consume
excessive resources, resulting in a denial of service. (CVE-2026-47302)

Pham Quang Minh discovered that .NET did not properly parse
authentication data. An attacker could possibly use this issue to bypass
authentication and elevate privileges. (CVE-2026-47303)

Levi Broderick discovered that .NET did not properly verify cryptographic
signatures during XML encryption. An attacker could possibly use this issue
to bypass security features over a network and access encrypted data.
(CVE-2026-47304)

It was discovered that .NET did not properly validate input during TLS
handshakes. An attacker could possibly use this issue to cause .NET to
crash, resulting in a denial of service. (CVE-2026-50524)

Levi Broderick discovered that .NET did not properly handle resource
allocation during XML encryption. An attacker could possibly use this issue
to consume excessive resources, resulting in a denial of service.
(CVE-2026-50525)

Siwei Li discovered that .NET did not properly handle link resolution
before file access during the container image build process. A local
attacker could possibly use this issue to inject resources that could be
incorporated into container images built by other users on the same
machine. (CVE-2026-50526)

Levi Broderick discovered that .NET did not properly handle memory while
performing XML encryption. An attacker could possibly use this issue to
cause .NET to crash, resulting in a denial of service. (CVE-2026-50527)

Henrique Pereira discovered that .NET did not properly handle
authorization checks during TLS/SSL connections. An attacker could
possibly use this issue to bypass authorization checks during secure
communications. (CVE-2026-50528)

It was discovered that .NET did not properly handle resource allocation
during XML encryption. An attacker could possibly use this issue to
consume excessive resources, resulting in a denial of service.
(CVE-2026-50648)

Miha Zupan discovered that .NET did not properly limit resource
allocation when handling HTTP/2 requests. An attacker could possibly use
this issue to consume excessive resources, resulting in a denial of
service. (CVE-2026-50651)

It was discovered that the .NET SMTP client did not properly handle the
encoding or escaping of output. An attacker could possibly use this issue
to spoof messages during message routing. (CVE-2026-50659)

It was discovered that .NET did not properly validate resource types when
parsing X.509 certificates. An attacker could possibly use this issue to
cause .NET to crash, resulting in a denial of service. (CVE-2026-57108)</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8553-1</guid><pubDate>Wed, 15 Jul 2026 17:13:59 +0000</pubDate></item><item><title>USN-8552-1: Sympa vulnerability</title><link>https://ubuntu.com/security/notices/USN-8552-1</link><description>It was discovered that Sympa did not properly validate input on the
generic SSO login. A remote attacker could possibly use this issue to
perform a path traversal attack and gain unintended access.</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8552-1</guid><pubDate>Wed, 15 Jul 2026 14:50:01 +0000</pubDate></item><item><title>USN-8551-1: Tomcat vulnerabilities</title><link>https://ubuntu.com/security/notices/USN-8551-1</link><description>It was discovered that Tomcat incorrectly handled authorization when
multiple method constraints defined the same HTTP method. A remote
attacker could possibly use this issue to bypass authorization
restrictions. (CVE-2026-43515)

It was discovered that the Tomcat number guess example application did
not properly sanitize user-supplied input. An attacker could possibly
use this issue to inject malicious scripts, resulting in cross-site
scripting. (CVE-2026-50229)

It was discovered that Tomcat incorrectly evaluated rewrite valve
conditions in certain configurations. An attacker could possibly use
this issue to bypass rewrite rules, resulting in unauthorized access.
(CVE-2026-53404)

It was discovered that Tomcat incorrectly omitted certain authorization
information when logging the effective web.xml configuration. An
attacker could possibly use this issue to hide authorization
constraints, resulting in reduced auditability. (CVE-2026-55276)</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8551-1</guid><pubDate>Wed, 15 Jul 2026 14:15:28 +0000</pubDate></item><item><title>USN-8550-1: libslirp vulnerability</title><link>https://ubuntu.com/security/notices/USN-8550-1</link><description>It was discovered that libslirp incorrectly handled TCP urgent data. A
privileged attacker inside a guest VM could possibly use this issue to
obtain sensitive information from the host process memory.</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8550-1</guid><pubDate>Wed, 15 Jul 2026 13:59:22 +0000</pubDate></item><item><title>USN-8549-1: idna vulnerability</title><link>https://ubuntu.com/security/notices/USN-8549-1</link><description>It was discovered that idna did not properly reject oversized inputs before
performing expensive processing. An attacker could possibly use this issue
to cause idna to consume significant resources, leading to a denial of
service.</description><guid isPermaLink="false">https://ubuntu.com/security/notices/USN-8549-1</guid><pubDate>Wed, 15 Jul 2026 13:46:50 +0000</pubDate></item></channel></rss>