[USN-8361-3] Linux kernel vulnerability
[USN-8441-1] Linux kernel vulnerabilities
[USN-8390-2] Linux kernel vulnerability
[USN-8447-1] Go Cryptography vulnerabilities
[USN-8445-1] Config-IniFiles vulnerability
[USN-8446-1] GStreamer Bad Plugins vulnerabilities
[USN-8443-1] web.py vulnerability
[USN-8444-1] Graphite vulnerability
[USN-8425-1] njs vulnerability
[USN-8448-1] Dolibarr vulnerability
[USN-8442-1] kitty vulnerabilities
[USN-8361-3] Linux kernel vulnerability
==========================================================================
Ubuntu Security Notice USN-8361-3
June 17, 2026
linux, linux-aws, linux-kvm vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
The system could be compromised under certain conditions.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
Details:
A security issue was discovered in the Linux kernel.
An attacker could possibly use this to compromise the system.
This update corrects flaws in the following subsystem:
- Packet sockets;
(CVE-2026-31504)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
linux-image-4.4.0-1156-kvm 4.4.0-1156.167
Available with Ubuntu Pro
linux-image-4.4.0-1193-aws 4.4.0-1193.208
Available with Ubuntu Pro
linux-image-4.4.0-281-generic 4.4.0-281.315
Available with Ubuntu Pro
linux-image-4.4.0-281-lowlatency 4.4.0-281.315
Available with Ubuntu Pro
linux-image-aws 4.4.0.1193.197
Available with Ubuntu Pro
linux-image-generic 4.4.0.281.287
Available with Ubuntu Pro
linux-image-generic-lts-xenial 4.4.0.281.287
Available with Ubuntu Pro
linux-image-kvm 4.4.0.1156.153
Available with Ubuntu Pro
linux-image-lowlatency 4.4.0.281.287
Available with Ubuntu Pro
linux-image-lowlatency-lts-xenial 4.4.0.281.287
Available with Ubuntu Pro
linux-image-virtual 4.4.0.281.287
Available with Ubuntu Pro
linux-image-virtual-lts-xenial 4.4.0.281.287
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8361-3
https://ubuntu.com/security/notices/USN-8361-2
https://ubuntu.com/security/notices/USN-8361-1
CVE-2026-31504
[USN-8441-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8441-1
June 17, 2026
linux-aws-hwe, linux-azure, linux-gcp, linux-hwe, linux-oracle
vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
- linux-oracle: Linux kernel for Oracle Cloud systems
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Packet sockets;
(CVE-2026-31504, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078,
CVE-2026-46028)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
linux-image-4.15.0-1154-oracle 4.15.0-1154.165~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-1185-gcp 4.15.0-1185.202~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-1192-aws 4.15.0-1192.205~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-1201-azure 4.15.0-1201.216~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-250-generic 4.15.0-250.262~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-250-lowlatency 4.15.0-250.262~16.04.1
Available with Ubuntu Pro
linux-image-aws-hwe 4.15.0.1192.205~16.04.1
Available with Ubuntu Pro
linux-image-azure 4.15.0.1201.216~16.04.1
Available with Ubuntu Pro
linux-image-gcp 4.15.0.1185.202~16.04.1
Available with Ubuntu Pro
linux-image-generic-hwe-16.04 4.15.0.250.262~16.04.1
Available with Ubuntu Pro
linux-image-gke 4.15.0.1185.202~16.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-16.04 4.15.0.250.262~16.04.1
Available with Ubuntu Pro
linux-image-oem 4.15.0.250.262~16.04.1
Available with Ubuntu Pro
linux-image-oracle 4.15.0.1154.165~16.04.1
Available with Ubuntu Pro
linux-image-virtual-hwe-16.04 4.15.0.250.262~16.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8441-1
CVE-2026-31431, CVE-2026-31504, CVE-2026-43033, CVE-2026-43077,
CVE-2026-43078, CVE-2026-46028
[USN-8390-2] Linux kernel vulnerability
==========================================================================
Ubuntu Security Notice USN-8390-2
June 17, 2026
linux-azure, linux-gcp, linux-hwe, linux-oracle vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
The system could be made to run programs as an administrator.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
- linux-oracle: Linux kernel for Oracle Cloud systems
Details:
It was discovered that the Linux kernel did not properly handle shared page
fragments during socket buffer operations, collectively known as Dirty
Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the
RxRPC networking subsystem when processing paged fragments. A local
attacker could use this to escalate privileges, or possibly escape a
container.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
linux-image-4.15.0-1155-oracle 4.15.0-1155.166~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-1186-gcp 4.15.0-1186.203~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-1202-azure 4.15.0-1202.217~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-251-generic 4.15.0-251.263~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-251-lowlatency 4.15.0-251.263~16.04.1
Available with Ubuntu Pro
linux-image-azure 4.15.0.1202.217~16.04.1
Available with Ubuntu Pro
linux-image-gcp 4.15.0.1186.203~16.04.1
Available with Ubuntu Pro
linux-image-generic-hwe-16.04 4.15.0.251.263~16.04.1
Available with Ubuntu Pro
linux-image-gke 4.15.0.1186.203~16.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-16.04 4.15.0.251.263~16.04.1
Available with Ubuntu Pro
linux-image-oem 4.15.0.251.263~16.04.1
Available with Ubuntu Pro
linux-image-oracle 4.15.0.1155.166~16.04.1
Available with Ubuntu Pro
linux-image-virtual-hwe-16.04 4.15.0.251.263~16.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8390-2
https://ubuntu.com/security/notices/USN-8390-1
CVE-2026-43284
[USN-8447-1] Go Cryptography vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8447-1
June 17, 2026
golang-go.crypto vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Go Cryptography.
Software Description:
- golang-go.crypto: Supplementary Go cryptography libraries
Details:
It was discovered that Go Cryptography did not properly handle SSH global
request responses. A remote attacker could possibly use this issue to cause
a denial of service. (CVE-2026-39830)
It was discovered that Go Cryptography did not properly verify user
presence when using FIDO/U2F security keys. An attacker could possibly use
this issue to bypass user presence verification for hardware security keys.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04
LTS, and Ubuntu 26.04 LTS. (CVE-2026-39831)
It was discovered that Go Cryptography did not properly serialize SSH agent
key constraint extensions. An attacker could possibly use this issue to
bypass intended key usage restrictions. This issue only affected Ubuntu
20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS.
(CVE-2026-39832)
It was discovered that Go Cryptography did not properly enforce the
confirm-before-use constraint in the SSH agent keyring. An attacker could
possibly use this issue to use SSH keys without the required user
confirmation. (CVE-2026-39833)
It was discovered that Go Cryptography had an integer overflow when
handling large SSH channel writes. A remote attacker could possibly use
this issue to cause a denial of service. (CVE-2026-39834)
It was discovered that Go Cryptography did not properly check certificate
authority key revocation. An attacker could possibly use this issue to
bypass certificate authority revocation checks. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and
Ubuntu 26.04 LTS. (CVE-2026-42508)
It was discovered that Go Cryptography did not properly enforce the source-
address critical option for all SSH server callback types. An attacker
could possibly use this issue to bypass source address authorization
restrictions. This issue only affected Ubuntu 26.04 LTS. (CVE-2026-46595)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
golang-golang-x-crypto-dev 1:0.47.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 24.04 LTS
golang-golang-x-crypto-dev 1:0.19.0-1ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 22.04 LTS
golang-golang-x-crypto-dev 1:0.0~git20211202.5770296-1ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 20.04 LTS
golang-golang-x-crypto-dev 1:0.0~git20200221.2aa609c-1ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 18.04 LTS
golang-go.crypto-dev 1:0.0~git20170629.0.5ef0053-2ubuntu0.1~esm2
Available with Ubuntu Pro
golang-golang-x-crypto-dev 1:0.0~git20170629.0.5ef0053-2ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 16.04 LTS
golang-go.crypto-dev 1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm2
Available with Ubuntu Pro
golang-golang-x-crypto-dev 1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8447-1
CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833,
CVE-2026-39834, CVE-2026-42508, CVE-2026-46595
[USN-8445-1] Config-IniFiles vulnerability
==========================================================================
Ubuntu Security Notice USN-8445-1
June 17, 2026
libconfig-inifiles-perl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Config-IniFiles could be made to run commands or overwrite files if it
received specially crafted input.
Software Description:
- libconfig-inifiles-perl: Perl module for working with INI configuration files
Details:
It was discovered that Config-IniFiles incorrectly handled the -file
argument in certain situations. An attacker could possibly use this issue
to execute arbitrary commands or overwrite arbitrary files.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libconfig-inifiles-perl 3.000003-4ubuntu0.1
Ubuntu 25.10
libconfig-inifiles-perl 3.000003-3ubuntu0.1
Ubuntu 24.04 LTS
libconfig-inifiles-perl 3.000003-2ubuntu0.1
Ubuntu 22.04 LTS
libconfig-inifiles-perl 3.000003-1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8445-1
CVE-2026-11527
Package Information:
https://launchpad.net/ubuntu/+source/libconfig-inifiles-perl/3.000003-4ubuntu0.1
https://launchpad.net/ubuntu/+source/libconfig-inifiles-perl/3.000003-3ubuntu0.1
https://launchpad.net/ubuntu/+source/libconfig-inifiles-perl/3.000003-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libconfig-inifiles-perl/3.000003-1ubuntu0.1
[USN-8446-1] GStreamer Bad Plugins vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8446-1
June 17, 2026
gst-plugins-bad1.0 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
Summary:
Several security issues were fixed in GStreamer Bad Plugins.
Software Description:
- gst-plugins-bad1.0: GStreamer plugins
Details:
It was discovered that GStreamer Bad Plugins incorrectly handled parsing
H.266/VVC picture partition data. An attacker could use this issue to cause
GStreamer Bad Plugins to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2026-53701)
It was discovered that GStreamer Bad Plugins incorrectly handled parsing
H.265 buffering period metadata. An attacker could use this issue to cause
GStreamer Bad Plugins to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2026-53702)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
gstreamer1.0-plugins-bad 1.28.2-1ubuntu1.1
libgstreamer-plugins-bad1.0-0 1.28.2-1ubuntu1.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8446-1
CVE-2026-53701, CVE-2026-53702
Package Information:
https://launchpad.net/ubuntu/+source/gst-plugins-bad1.0/1.28.2-1ubuntu1.1
[USN-8443-1] web.py vulnerability
==========================================================================
Ubuntu Security Notice USN-8443-1
June 17, 2026
webpy vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
web.py could be made to alter or expose database information over the
network.
Software Description:
- webpy: web framework for Python
Details:
It was discovered that web.py incorrectly handled sequence names in
PostgreSQL insert queries. An attacker could possibly use this issue
to perform SQL injection attacks, resulting in the alteration or exposure
of database information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
python3-webpy 1:0.62-4ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
python3-webpy 1:0.61-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
python3-webpy 1:0.40-2ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
python-webpy 1:0.38+20170615-1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-webpy 1:0.38+20170615-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
python-webpy 1:0.37+20120626-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8443-1
CVE-2025-3818
[USN-8444-1] Graphite vulnerability
==========================================================================
Ubuntu Security Notice USN-8444-1
June 17, 2026
graphite2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
graphite2 could be made to crash or run programs if it opened a specially
crafted file.
Software Description:
- graphite2: Font rendering engine for Complex Scripts
Details:
It was discovered that Graphite incorrectly handled memory when running
certain actions. An attacker could use this issue to cause Graphite to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libgraphite2-3 1.3.14-11ubuntu1.1
Ubuntu 25.10
libgraphite2-3 1.3.14-2ubuntu1.3
Ubuntu 24.04 LTS
libgraphite2-3 1.3.14-2ubuntu0.24.04.1
Ubuntu 22.04 LTS
libgraphite2-3 1.3.14-1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8444-1
CVE-2026-50593
Package Information:
https://launchpad.net/ubuntu/+source/graphite2/1.3.14-11ubuntu1.1
https://launchpad.net/ubuntu/+source/graphite2/1.3.14-2ubuntu1.3
https://launchpad.net/ubuntu/+source/graphite2/1.3.14-2ubuntu0.24.04.1
https://launchpad.net/ubuntu/+source/graphite2/1.3.14-1ubuntu0.1
[USN-8425-1] njs vulnerability
==========================================================================
Ubuntu Security Notice USN-8425-1
June 11, 2026
libnginx-mod-js vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
Summary:
njs could be made to crash or run programs if it received a specially
crafted input.
Software Description:
- libnginx-mod-js: A subset of JavaScript language to use in nginx
Details:
It was discovered that njs did not properly handle certain client-
controlled variables when processing ngx.fetch() requests. An attacker
could possibly use this issue to trigger a heap buffer overflow, resulting
in arbitrary code execution or a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libnginx-mod-http-js 0.9.4-1ubuntu0.1~esm1
Available with Ubuntu Pro
libnginx-mod-stream-js 0.9.4-1ubuntu0.1~esm1
Available with Ubuntu Pro
njs 0.9.4-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8425-1
CVE-2026-8711
[USN-8448-1] Dolibarr vulnerability
==========================================================================
Ubuntu Security Notice USN-8448-1
June 17, 2026
dolibarr vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Dolibarr could be made to run programs if it received specially crafted
network traffic.
Software Description:
- dolibarr: Open Source ERP & CRM for business
Details:
It was discovered that Dolibarr incorrectly handled user-supplied
database name values during installation. A remote attacker could
possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
dolibarr 3.5.8+dfsg1-1ubuntu1+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8448-1
CVE-2018-25357
[USN-8442-1] kitty vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8442-1
June 17, 2026
kitty vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in kitty.
Software Description:
- kitty: The fast, feature-rich, GPU based terminal emulator
Details:
It was discovered that kitty incorrectly handled certain image data. An
attacker able to write to the terminal's input could possibly use this
issue to cause kitty to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2026-33633)
It was discovered that kitty incorrectly handled certain graphics commands.
An attacker able to write escape sequences to a kitty terminal could
possibly use this issue to cause kitty to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2026-33642)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
kitty 0.45.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kitty-shell-integration 0.45.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 25.10
kitty 0.41.1-2+deb13u1build0.25.10.1
kitty-shell-integration 0.41.1-2+deb13u1build0.25.10.1
Ubuntu 24.04 LTS
kitty 0.32.2-1ubuntu0.4+esm1
Available with Ubuntu Pro
kitty-shell-integration 0.32.2-1ubuntu0.4+esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
kitty 0.21.2-1ubuntu0.22.04.1+esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
kitty 0.15.0-1ubuntu0.2+esm1
Available with Ubuntu Pro
After a standard system update you need to restart kitty to make all the
necessary changes.
References:
https://ubuntu.com/security/notices/USN-8442-1
CVE-2026-33633, CVE-2026-33642
Package Information:
https://launchpad.net/ubuntu/+source/kitty/0.41.1-2+deb13u1build0.25.10.1
