USN-5760-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2022-40303) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-40304)

This update fixes two file format vulnerabilities in giflib. CVE-2018-11490

A distrusted certificate authority has been removed from ca-certificates.

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. (CVE-2022-2309) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2022-40303) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-40304)

Several security issues were fixed in libxml2.

Several security issues were fixed in libxml2.

It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.10. (CVE-2021-45940, CVE-2021-45941, CVE-2022-3533) It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606)

FreeCAD: a general purpose parametric 3D modeller for CAD

The 6.0.11 stable kernel update contains a number of important fixes across the tree.

The 6.0.11 stable kernel update contains a number of important fixes across the tree.

The 6.0.11 stable kernel update contains a number of important fixes across the tree.

IceWM: an X Window manager that emulates the looks of Motif, OS/2 and Windows

ranjit-git discovered an information leak vulnerability in node-fetch, a Node.js module exposing a window.fetch compatible API on Node.js runtime: the module was not honoring the same-origin-policy and upon following a redirect would leak cookies to the the target URL.

Cristian-Alexandru Staicu discovered a prototype pollution vulnerability in inode-cached-path-relative, a Node.js module used to cache (memoize) the result of path.relative.

ClamAV, an anti-virus utility for Unix, v0.103.7 is a critical patch release with the following fixes: * Fix logical signature "Intermediates" feature.