MySQL, libxml2, Perl, FFmpeg updates for Ubuntu

Ubuntu 7130 Published by

Ubuntu released security updates for MySQL, libxml2, Perl, and FFmpeg. These fixes address serious bugs that let unauthenticated attackers crash databases or run malicious code by exploiting TLS handling, XML parsing errors, symlink manipulation, and memory management issues across multiple affected packages. libxml2 crashes remain a risk on 22.04 and 24.04 systems, where that DTD parsing bug might feel buried in the logs but can still let code slip through. Older Perl installations still need the Archive::Tar and regex patches to prevent file overwrites or heap overflows, and running a standard system update now closes these doors before remote exploitation becomes possible.

[USN-8457-2] MySQL vulnerabilities
[USN-8456-1] libxml2 vulnerability
[USN-8467-1] Perl vulnerabilities
[USN-8466-1] Perl DBI module vulnerabilities
[USN-8469-1] FFmpeg vulnerabilities




[USN-8457-2] MySQL vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8457-2
June 24, 2026

mysql-8.0 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in MySQL.

Software Description:
- mysql-8.0: MySQL database

Details:

USN-8457-1 fixed several vulnerabilities in MySQL. This update
provides the corresponding fixes for MySQL on Ubuntu 20.04 LTS

Original advisory details:

It was discovered that MySQL Router incorrectly handled repeated TLS
protocol upgrade requests. An unauthenticated remote attacker could
possibly use this issue to cause MySQL Router to crash, resulting in a
denial of service. (CVE-2026-46862)

It was discovered that MySQL Server incorrectly handled connection
authentication. An unauthenticated remote attacker could possibly use this
issue to cause MySQL to crash, resulting in a denial of service.
(CVE-2026-46863)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
mysql-router 8.0.46-0ubuntu0.20.04.1+esm3
Available with Ubuntu Pro
mysql-server 8.0.46-0ubuntu0.20.04.1+esm3
Available with Ubuntu Pro
mysql-server-8.0 8.0.46-0ubuntu0.20.04.1+esm3
Available with Ubuntu Pro
mysql-server-core-8.0 8.0.46-0ubuntu0.20.04.1+esm3
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8457-2
https://ubuntu.com/security/notices/USN-8457-1
CVE-2026-46862, CVE-2026-46863



[USN-8456-1] libxml2 vulnerability


==========================================================================
Ubuntu Security Notice USN-8456-1
June 22, 2026

libxml2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

libxml2 could be made to crash or run programs if it received specially
crafted input.

Software Description:
- libxml2: GNOME XML library

Details:

Geoffrey Humphreys discovered that libxml2 had a use after free when
parsing the internal subset of a DTD. A remote attacker could possibly use
this issue to cause a denial of service or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
libxml2 2.9.14+dfsg-1.3ubuntu3.8
libxml2-dev 2.9.14+dfsg-1.3ubuntu3.8
libxml2-utils 2.9.14+dfsg-1.3ubuntu3.8
python3-libxml2 2.9.14+dfsg-1.3ubuntu3.8

Ubuntu 22.04 LTS
libxml2 2.9.13+dfsg-1ubuntu0.12
libxml2-dev 2.9.13+dfsg-1ubuntu0.12
libxml2-utils 2.9.13+dfsg-1ubuntu0.12
python3-libxml2 2.9.13+dfsg-1ubuntu0.12

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8456-1
CVE-2026-6653

Package Information:
https://launchpad.net/ubuntu/+source/libxml2/2.9.14+dfsg-1.3ubuntu3.8
https://launchpad.net/ubuntu/+source/libxml2/2.9.13+dfsg-1ubuntu0.12



[USN-8467-1] Perl vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8467-1
June 24, 2026

perl vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Perl.

Software Description:
- perl: Practical Extraction and Report Language

Details:

It was discovered that Perl's Archive::Tar module incorrectly handled
symlink and hardlink targets during extraction. An attacker could use this
issue to read or overwrite arbitrary files outside the extraction
directory. (CVE-2026-42496)

It was discovered that Perl had a heap buffer overflow when compiling
regular expressions with a repeated fixed string on 32-bit builds. An
attacker could use this issue to cause a denial of service or possibly
execute arbitrary code. (CVE-2026-8376)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
libperl-dev 5.30.0-9ubuntu0.5+esm2
Available with Ubuntu Pro
libperl5.30 5.30.0-9ubuntu0.5+esm2
Available with Ubuntu Pro
perl 5.30.0-9ubuntu0.5+esm2
Available with Ubuntu Pro
perl-base 5.30.0-9ubuntu0.5+esm2
Available with Ubuntu Pro
perl-debug 5.30.0-9ubuntu0.5+esm2
Available with Ubuntu Pro
perl-doc 5.30.0-9ubuntu0.5+esm2
Available with Ubuntu Pro
perl-modules-5.30 5.30.0-9ubuntu0.5+esm2
Available with Ubuntu Pro

Ubuntu 18.04 LTS
libperl-dev 5.26.1-6ubuntu0.7+esm2
Available with Ubuntu Pro
libperl5.26 5.26.1-6ubuntu0.7+esm2
Available with Ubuntu Pro
perl 5.26.1-6ubuntu0.7+esm2
Available with Ubuntu Pro
perl-base 5.26.1-6ubuntu0.7+esm2
Available with Ubuntu Pro
perl-debug 5.26.1-6ubuntu0.7+esm2
Available with Ubuntu Pro
perl-doc 5.26.1-6ubuntu0.7+esm2
Available with Ubuntu Pro
perl-modules-5.26 5.26.1-6ubuntu0.7+esm2
Available with Ubuntu Pro

Ubuntu 16.04 LTS
libperl-dev 5.22.1-9ubuntu0.9+esm2
Available with Ubuntu Pro
libperl5.22 5.22.1-9ubuntu0.9+esm2
Available with Ubuntu Pro
perl 5.22.1-9ubuntu0.9+esm2
Available with Ubuntu Pro
perl-base 5.22.1-9ubuntu0.9+esm2
Available with Ubuntu Pro
perl-debug 5.22.1-9ubuntu0.9+esm2
Available with Ubuntu Pro
perl-doc 5.22.1-9ubuntu0.9+esm2
Available with Ubuntu Pro
perl-modules-5.22 5.22.1-9ubuntu0.9+esm2
Available with Ubuntu Pro

Ubuntu 14.04 LTS
libperl-dev 5.18.2-2ubuntu1.7+esm7
Available with Ubuntu Pro
perl 5.18.2-2ubuntu1.7+esm7
Available with Ubuntu Pro
perl-base 5.18.2-2ubuntu1.7+esm7
Available with Ubuntu Pro
perl-debug 5.18.2-2ubuntu1.7+esm7
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8467-1
CVE-2026-8376



[USN-8466-1] Perl DBI module vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8466-1
June 24, 2026

libdbi-perl vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Perl DBI module.

Software Description:
- libdbi-perl: Perl Database Interface (DBI)

Details:

It was discovered that the Perl DBI module incorrectly handled certain
error messages. An attacker could use this issue to cause applications
using the Perl DBI module to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2026-9698)

It was discovered that the Perl DBI module incorrectly handled memory when
preparsing SQL statements that included more than nine binders. An attacker
could use this issue to cause applications using the Perl DBI module to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2026-10879)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
libdbi-perl 1.647-1ubuntu0.26.04.1

Ubuntu 25.10
libdbi-perl 1.647-1ubuntu0.25.10.1

Ubuntu 24.04 LTS
libdbi-perl 1.643-4ubuntu0.1

Ubuntu 22.04 LTS
libdbi-perl 1.643-3ubuntu0.1

Ubuntu 20.04 LTS
libdbi-perl 1.643-1ubuntu0.1+esm1
Available with Ubuntu Pro

Ubuntu 18.04 LTS
libdbi-perl 1.640-1ubuntu0.3+esm1
Available with Ubuntu Pro

Ubuntu 16.04 LTS
libdbi-perl 1.634-1ubuntu0.2+esm2
Available with Ubuntu Pro

Ubuntu 14.04 LTS
libdbi-perl 1.630-1ubuntu0.1~esm6
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8466-1
CVE-2026-10879, CVE-2026-9698

Package Information:
https://launchpad.net/ubuntu/+source/libdbi-perl/1.647-1ubuntu0.26.04.1
https://launchpad.net/ubuntu/+source/libdbi-perl/1.647-1ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/libdbi-perl/1.643-4ubuntu0.1
https://launchpad.net/ubuntu/+source/libdbi-perl/1.643-3ubuntu0.1



[USN-8469-1] FFmpeg vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8469-1
June 24, 2026

ffmpeg vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in FFmpeg.

Software Description:
- ffmpeg: Tools for transcoding, streaming and playing of multimedia files

Details:

Jiasheng Jiang discovered that FFmpeg incorrectly handled memory in
certain error-handling paths of its TensorFlow DNN backend. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 24.04 LTS. (CVE-2025-12343)

Quang Luong discovered that FFmpeg incorrectly handled certain subsample
data. An attacker could possibly use this issue to cause a denial of
service or possibly execute arbitrary code. (CVE-2026-40962)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
ffmpeg 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavcodec-dev 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavcodec-extra 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavcodec-extra62 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavcodec62 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavdevice-dev 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavdevice62 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavfilter-dev 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavfilter-extra 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavfilter-extra11 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavfilter11 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavformat-dev 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavformat-extra 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavformat-extra62 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavformat62 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavutil-dev 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libavutil60 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libswresample-dev 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libswresample6 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libswscale-dev 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro
libswscale9 7:8.0.1-3ubuntu2+esm1
Available with Ubuntu Pro

Ubuntu 24.04 LTS
ffmpeg 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavcodec-dev 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavcodec-extra 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavcodec-extra60 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavcodec60 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavdevice-dev 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavdevice60 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavfilter-dev 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavfilter-extra 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavfilter-extra9 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavfilter9 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavformat-dev 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavformat-extra 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavformat-extra60 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavformat60 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavutil-dev 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libavutil58 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libpostproc-dev 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libpostproc57 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libswresample-dev 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libswresample4 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libswscale-dev 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro
libswscale7 7:6.1.1-3ubuntu5+esm10
Available with Ubuntu Pro

Ubuntu 22.04 LTS
ffmpeg 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavcodec-dev 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavcodec-extra 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavcodec-extra58 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavcodec58 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavdevice-dev 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavdevice58 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavfilter-dev 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavfilter-extra 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavfilter-extra7 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavfilter7 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavformat-dev 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavformat-extra 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavformat-extra58 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavformat58 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavutil-dev 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libavutil56 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libpostproc-dev 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libpostproc55 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libswresample-dev 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libswresample3 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libswscale-dev 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro
libswscale5 7:4.4.2-0ubuntu0.22.04.1+esm12
Available with Ubuntu Pro

Ubuntu 20.04 LTS
ffmpeg 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavcodec-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavcodec-extra 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavcodec-extra58 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavcodec58 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavdevice-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavdevice58 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavfilter-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavfilter-extra 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavfilter-extra7 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavfilter7 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavformat-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavformat58 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavresample-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavresample4 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavutil-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libavutil56 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libpostproc-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libpostproc55 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libswresample-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libswresample3 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libswscale-dev 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro
libswscale5 7:4.2.7-0ubuntu0.1+esm13
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8469-1
CVE-2025-12343, CVE-2026-40962


Kernel Live Patches, Apptainer, BIND, and OpenSSL updates for SUSE

Liquorix Kernel 7.0.15 Released: Freeze Fix, Scheduler Swaps, and Lower Latency

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...