A security vulnerability was discovered in Ubuntu versions 20.04, 18.04, and 16.04 that affects Dungeon Crawl Stone Soup. The game could be made to execute arbitrary code by opening a specially crafted file due to incorrect handling of Lua bytecode. David Mendenhall discovered the issue, which could potentially allow an attacker to run malicious software. To fix the problem, users can update their system to the latest package versions using a standard system update.
[USN-7969-1] Dungeon Crawl Stone Stoup vulnerability
Ubuntu Linux has released several security updates to address various vulnerabilities. The updates include fixes for Snowflake and Telegraf, as well as Avahi and Apache HTTP Server issues. In addition, a regression in urllib3 has also been addressed with the latest update.
[USN-7966-1] Snowflake vulnerabilities
[USN-7966-2] Telegraf vulnerabilities
[USN-7967-1] Avahi vulnerabilities
[USN-7955-2] urllib3 regression
[USN-7968-1] Apache HTTP Server vulnerabilities
Steven Barrett has released Liquorix Linux kernel 6.18-6, which is based on the standard Linux Kernel 6.18 and designed to optimize desktop performance for multimedia and gaming workloads. The new kernel has many upgrades, like better Zen Interactive Tuning, improved I/O and memory management, quicker CPUFreq control, and extra features for better performance, such as high-resolution scheduling and real-time system handling. Liquorix is a custom-built kernel that can be used as a direct replacement for the standard kernel on Debian, Ubuntu, or Arch Linux systems, with binary builds available through their PPA. Users can easily try out the new kernel by running a script on the Liquorix website, which will handle the installation automatically via curl and bash.
Steven Barrett has released Liquorix Linux kernel 6.18-5, a custom-built kernel designed to optimize desktop experiences for multimedia and gaming workloads by tapping into performance capabilities that may not be fully utilized in default kernels. This kernel brings several notable improvements, including interactive tuning, optimized I/O and memory management, and features like high-resolution scheduling, real-time system handling, and support for Budget Fair Queue (BFQ) to manage disk I/O and keep latency in check. Liquorix 6.18-5 also includes performance enhancements such as TCP BBR2 Congestion Control and Compressed Swap using LZ4 compression to reduce memory requirements for swap. The kernel is available for Debian, Ubuntu, and Arch Linux, with binary builds tailored for stable, testing, and unstable releases, making it easy to install and use as a direct replacement for the standard kernel.
Multiple security notices have been issued for various Ubuntu releases, including USN-7960-1 for ruby-rack vulnerabilities and USN-7962-1 for cpp-httplib vulnerabilities. The issues include denial-of-service (DoS) attacks, memory exhaustion, unauthorized access to network services, and bypassing proxy access restrictions. Updates are available for affected systems, which can be installed through a standard system update or by updating specific packages.
[USN-7960-1] Rack vulnerabilities
[USN-7962-1] cpp-httplib vulnerability
[USN-7916-2] python-apt regression
[USN-7964-1] Git vulnerabilities
[USN-7965-1] SimGear vulnerability
Ubuntu has released several security notices (USN) to address vulnerabilities in various packages. The affected releases include Ubuntu 25.04, 24.04 LTS, 22.04 LTS, and others. Multiple vulnerabilities were found in AngularJS, Erlang, klibc, and libpng1.6, which could lead to issues such as cross-site scripting, denial of service, and unintended access to network services. Users are advised to update their systems to the latest package versions through a standard system update to fix these vulnerabilities.
[USN-7958-1] AngularJS vulnerabilities
[USN-7961-1] Erlang vulnerability
[USN-7959-1] klibc vulnerabilities
[USN-7963-1] libpng vulnerabilities
Three Ubuntu Security Notices have been issued: USN-7956-1, USN-7957-1, and USN-7927-3. These notices address vulnerabilities in Google Guest Agent (USN-7956-1), WebKitGTK (USN-7957-1), and urllib3 (USN-7927-3). The fixes for these vulnerabilities involve updating the affected packages to new versions, which can be done through a standard system update. Users who rely on applications that use WebKitGTK, such as Epiphany, may need to restart them after updating to ensure all necessary changes are made.
[USN-7956-1] Google Guest Agent vulnerability
[USN-7957-1] WebKitGTK vulnerabilities
[USN-7927-3] urllib3 regression
Ubuntu Linux has released several security updates to address various vulnerabilities. These updates include fixes for Libtasn1, Python, PHP, and the Linux kernel (IoT), as well as a regression in urllib3. Additionally, there is also a separate update addressing another urllib3 vulnerability.
[USN-7954-1] Libtasn1 vulnerabilities
[USN-7951-1] Python vulnerability
[USN-7953-1] PHP vulnerabilities
[USN-7927-2] urllib3 regression
[USN-7922-5] Linux kernel (IoT) vulnerabilities
[USN-7955-1] urllib3 vulnerability
A security issue was discovered in libheif, a library used to decode and encode HEIF and AVIF file formats. The vulnerability allowed an attacker to cause a denial of service or potentially execute arbitrary code on Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS systems. Aldo Ristori discovered another issue that also caused a denial of service on affected Ubuntu versions. To fix the issues, users can update their systems to the recommended package versions, which are available through standard system updates or Ubuntu Pro for certain releases.
[USN-7952-1] libheif vulnerabilities
Ubuntu has released three security notices for Linux kernel vulnerabilities affecting various releases, including Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. The issues were discovered in the Linux kernel, specifically in subsystems such as cryptographic API, media drivers, network drivers, file systems, and tracing infrastructure. Multiple security issues have been discovered in the Linux kernel that could potentially be used by an attacker to compromise a system. Two of these vulnerabilities are specific to the Azure and N-Series environments (USN-7940-2), while another two notices focus on Raspberry Pi (USN-7931-5) and Azure/N-Series systems (USN-7940-2):
[USN-7931-5] Linux kernel (Raspberry Pi) vulnerabilities
[USN-7940-2] Linux kernel (Azure, N-Series) vulnerabilities
[USN-7928-5] Linux kernel (KVM) vulnerabilities
Liquorix Linux Kernel 6.18-4 has been released by Steven Barrett, based on the standard Linux Kernel 6.18, and designed to optimize desktop performance for multimedia and gaming workloads. The new kernel includes notable improvements such as Zen Interactive Tuning, which prioritizes responsiveness over power saving, and optimizes I/O and memory management through tweaks to the Block Layer.
Ubuntu Linux has released several security updates to address various vulnerabilities. These include issues in libvirt, Tornado, GnuPG, Sodium, and GPSd. The updates aim to improve the security of Ubuntu systems by patching these vulnerabilities.
[USN-7047-1] libvirt vulnerabilities
[USN-7950-1] Tornado vulnerabilities
[USN-7946-2] GnuPG vulnerability
[USN-7946-1] GnuPG vulnerability
[USN-7949-1] Sodium vulnerability
[USN-7948-1] GPSd vulnerabilities
Ubuntu has released security notices for three vulnerabilities affecting various versions of its operating system. The first vulnerability, in libcaca, could cause a denial of service if a specially crafted file was opened. The second vulnerability, in Libxslt, could crash or exhibit undefined behavior when performing XML transformations on malicious input. The third vulnerability, in Net-SNMP, allows an attacker to potentially cause a denial of service by tricking a user into opening a specially crafted input file.
[USN-7943-1] libcaca vulnerability
[USN-7945-1] Libxslt vulnerability
[USN-7944-1] Net-SNMP vulnerability
Ubuntu has released security notices for two vulnerabilities: USN-7942-1 affects GLib libraries in Ubuntu 25.10, 25.04, 24.04 LTS, and 22.04 LTS, while USN-7922-4 affects Linux kernel versions in Ubuntu 20.04 LTS and 18.04 LTS. The GLib vulnerabilities could cause a denial of service or allow execution of arbitrary code if exploited, while the Linux kernel issues may compromise system security.
[USN-7942-1] GLib vulnerabilities
[USN-7922-4] Linux kernel (Raspberry Pi) vulnerabilities
Ubuntu 25.04 (Plucky Puffin) will reach its end of life on January 15, 2026, marking the date when no further updates or support will be available. This includes security patches, bug fixes, and other essential updates that are crucial to keeping systems secure. Users running Ubuntu 25.04 are highly recommended to upgrade to the latest supported version, Ubuntu 25.10, for continued stability and security.
A security notice (USN-7941-1) has been issued for Ubuntu and its derivatives, affecting systems including Ubuntu 25.10, 25.04, 24.04 LTS, and 22.04 LTS. Several vulnerabilities have been discovered in WebKitGTK, a library for web content, which could allow remote attackers to exploit cross-site scripting attacks, denial of service attacks, and arbitrary code execution. To fix these issues, users need to update their systems to the latest package versions, which include new upstream releases with additional bug fixes. After updating, applications that use WebKitGTK, such as Epiphany, may require a restart to apply the necessary changes.
[USN-7941-1] WebKitGTK vulnerabilities
A new version of the Liquorix Linux kernel, 6.18-3, has been released by Steven Barrett, which is designed to optimize desktop experiences for multimedia and gaming workloads. This custom-built kernel includes several notable improvements, such as Zen Interactive Tuning, optimized I/O and memory management, and faster responsiveness through tweaks like adjusted CPUFreq control. The Liquorix 6.18-3 also includes additional performance features like high-resolution scheduling, real-time system handling, and support for Budget Fair Queue (BFQ) to manage disk I/O and latency. Users can easily deploy the kernel on Debian, Ubuntu, or Arch Linux by downloading binary builds from the Liquorix website or using a simple installation script.
Steven Barrett has released Liquorix Linux kernel 6.18-2, which offers several improvements to optimize desktop performance for multimedia and gaming workloads. The new kernel includes features that help improve how the system responds quickly while still being stable, such as better management of input/output, memory, and CPU speed control.
Steven Barrett has released the first Liquorix Linux kernel based on the 6.18 series, designed to optimize desktop experience for multimedia and gaming workloads by tapping into underutilized performance capabilities. The kernel includes various improvements, such as Zen Interactive Tuning, which prioritizes responsiveness over power saving, as well as optimized I/O and memory management through tweaks like background reclaim for hugepages and minimum cache TTL timings. Liquorix 6.18-1 also features other technical enhancements, including high-resolution scheduling, real-time system handling, Budget Fair Queue (BFQ) support, and TCP BBR2 Congestion Control to improve data transfer speed during network congestion. The kernel provides binary builds for Debian, Ubuntu, and Arch Linux through their PPA, making it easy to install and use as a direct replacement for the standard kernel.
Ubuntu Linux has released security updates to address several vulnerabilities in the Linux kernel. Specifically, updates have been issued for Raspberry Pi, Real-time, Oracle, and Xilinx variants of the Linux kernel.
[USN-7928-4] Linux kernel (Raspberry Pi) vulnerabilities
[USN-7921-2] Linux kernel (Real-time) vulnerabilities
[USN-7922-3] Linux kernel (Oracle) vulnerabilities
[USN-7931-4] Linux kernel (Xilinx) vulnerabilities
