Ubuntu released security patches to address critical flaws in Roundcube Webmail, libyang, HPLIP, libssh2, GD.pm, tar, Ruby, and curl. Attackers could exploit these bugs to run unauthorized commands, steal session cookies, bypass TLS encryption, or crash services through specially crafted files and network traffic. The updates cover Ubuntu releases from 14.04 LTS all the way to 26.04 LTS, with Extended Security Maintenance packages handling older versions.

[USN-8482-1] Roundcube Webmail vulnerability
[USN-8485-1] libyang vulnerability
[USN-8483-1] HPLIP vulnerabilities
[USN-8486-1] libssh2 vulnerabilities
[USN-8484-1] GD.pm vulnerability
[USN-8477-1] tar vulnerability
[USN-8478-1] Ruby vulnerabilities
[USN-8487-1] curl vulnerabilities




[USN-8482-1] Roundcube Webmail vulnerability


==========================================================================
Ubuntu Security Notice USN-8482-1
June 30, 2026

roundcube vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS

Summary:

Roundcube Webmail could be made to run programs as your login if it opened
a malicious website.

Software Description:
- roundcube: skinnable AJAX based webmail solution for IMAP servers - metapack

Details:

It was discovered that Roundcube Webmail was prone to a Cross-Site-Scripting
(XSS) vulnerability via the animate tag in an SVG document. An attacker
could use this issue to execute arbitrary web script in the context of an
affected user's session.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
roundcube 1.6.11+dfsg-1ubuntu0.26.04.1~esm1
Available with Ubuntu Pro
roundcube-core 1.6.11+dfsg-1ubuntu0.26.04.1~esm1
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8482-1
CVE-2025-68461



[USN-8485-1] libyang vulnerability


==========================================================================
Ubuntu Security Notice USN-8485-1
June 30, 2026

libyang vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10

Summary:

libyang could be made to crash or run programs if it received specially
crafted network traffic.

Software Description:
- libyang: parser toolkit for IETF YANG data modeling

Details:

It was discovered that libyang incorrectly handled certain metadata list
pointers. An attacker could use this issue to cause libyang to crash,
resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
libyang3 3.13.6-1ubuntu0.1

Ubuntu 25.10
libyang3 3.13.5-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8485-1
CVE-2026-41401

Package Information:
https://launchpad.net/ubuntu/+source/libyang/3.13.6-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libyang/3.13.5-2ubuntu0.1



[USN-8483-1] HPLIP vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8483-1
June 30, 2026

hplip vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in HPLIP.

Software Description:
- hplip: HP Linux Printing and Imaging System (HPLIP)

Details:

It was discovered that HPLIP incorrectly handled certain print data. An
attacker could possibly use this issue to cause HPLIP to execute arbitrary
code. (CVE-2026-8631)

It was discovered that HPLIP incorrectly handled certain inputs. A local
attacker could possibly use this issue to execute arbitrary code.
(CVE-2026-8632)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
hplip 3.24.4+dfsg0-0ubuntu8.1

Ubuntu 25.10
hplip 3.24.4+dfsg0-0ubuntu5.2

Ubuntu 24.04 LTS
hplip 3.23.12+dfsg0-0ubuntu5.1

Ubuntu 22.04 LTS
hplip 3.21.12+dfsg0-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8483-1
CVE-2026-8631, CVE-2026-8632

Package Information:
https://launchpad.net/ubuntu/+source/hplip/3.24.4+dfsg0-0ubuntu8.1
https://launchpad.net/ubuntu/+source/hplip/3.24.4+dfsg0-0ubuntu5.2
https://launchpad.net/ubuntu/+source/hplip/3.23.12+dfsg0-0ubuntu5.1
https://launchpad.net/ubuntu/+source/hplip/3.21.12+dfsg0-1ubuntu0.1



[USN-8486-1] libssh2 vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8486-1
June 30, 2026

libssh2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in libssh2.

Software Description:
- libssh2: Client-side C library implementing the SSH2 protocol

Details:

It was discovered that libssh2 incorrectly handled the sftp_symlink()
function. A malicious SSH server or machine-in-the-middle attacker could
possibly use this issue to obtain sensitive information or cause a denial
of service. (CVE-2025-15661)

It was discovered that libssh2 had a pre-authentication denial of service
vulnerability in the SSH_MSG_EXT_INFO handler. A malicious SSH server could
possibly use this issue to cause a client CPU exhaustion loop, resulting in
a denial of service. (CVE-2026-55199)

It was discovered that libssh2 incorrectly handled packet length fields. A
remote attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.
(CVE-2026-55200)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
libssh2-1t64 1.11.1-1ubuntu0.26.04.2

Ubuntu 25.10
libssh2-1t64 1.11.1-1ubuntu0.25.10.2

Ubuntu 24.04 LTS
libssh2-1t64 1.11.0-4.1ubuntu0.24.04.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8486-1
CVE-2025-15661, CVE-2026-55199, CVE-2026-55200

Package Information:
https://launchpad.net/ubuntu/+source/libssh2/1.11.1-1ubuntu0.26.04.2
https://launchpad.net/ubuntu/+source/libssh2/1.11.1-1ubuntu0.25.10.2
https://launchpad.net/ubuntu/+source/libssh2/1.11.0-4.1ubuntu0.24.04.2



[USN-8484-1] GD.pm vulnerability


==========================================================================
Ubuntu Security Notice USN-8484-1
June 30, 2026

libgd-perl vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

GD.pm could be made to run programs or overwrite files if it opened a
specially crafted file.

Software Description:
- libgd-perl: Perl module wrapper for libgd

Details:

It was discovered that GD.pm incorrectly handled filename arguments. An
attacker could possibly use this issue to execute arbitrary commands or
overwrite files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
libgd-perl 2.84-2ubuntu0.1

Ubuntu 25.10
libgd-perl 2.78-1ubuntu0.25.10.1

Ubuntu 24.04 LTS
libgd-perl 2.78-1ubuntu0.24.04.1

Ubuntu 22.04 LTS
libgd-perl 2.76-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8484-1
CVE-2026-11526

Package Information:
https://launchpad.net/ubuntu/+source/libgd-perl/2.84-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libgd-perl/2.78-1ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/libgd-perl/2.78-1ubuntu0.24.04.1
https://launchpad.net/ubuntu/+source/libgd-perl/2.76-2ubuntu0.1



[USN-8477-1] tar vulnerability


==========================================================================
Ubuntu Security Notice USN-8477-1
June 25, 2026

tar vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

tar could be made to overwrite files if it opened a specially crafted
archive.

Software Description:
- tar: GNU tar archive utility

Details:

It was discovered that tar incorrectly handled certain crafted archive files.
An attacker could possibly use this to inject hidden files with
attacker-controlled content, bypassing pre-extraction inspection mechanisms.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
tar 1.35+dfsg-4ubuntu0.1

Ubuntu 24.04 LTS
tar 1.35+dfsg-3ubuntu0.1

Ubuntu 22.04 LTS
tar 1.34+dfsg-1ubuntu0.1.22.04.3

Ubuntu 20.04 LTS
tar 1.30+dfsg-7ubuntu0.20.04.4+esm1
Available with Ubuntu Pro

Ubuntu 18.04 LTS
tar 1.29b-2ubuntu0.4+esm2
Available with Ubuntu Pro

Ubuntu 16.04 LTS
tar 1.28-2.1ubuntu0.2+esm4
Available with Ubuntu Pro

Ubuntu 14.04 LTS
tar 1.27.1-1ubuntu0.1+esm5
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8477-1
CVE-2026-5704

Package Information:
https://launchpad.net/ubuntu/+source/tar/1.35+dfsg-4ubuntu0.1
https://launchpad.net/ubuntu/+source/tar/1.35+dfsg-3ubuntu0.1
https://launchpad.net/ubuntu/+source/tar/1.34+dfsg-1ubuntu0.1.22.04.3



[USN-8478-1] Ruby vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8478-1
June 29, 2025

ruby2.7, ruby3.0, ruby3.2, ruby3.3 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Ruby could allow unintended access to network services.

Software Description:
- ruby3.3: Object-oriented scripting language
- ruby3.2: Object-oriented scripting language
- ruby3.0: Object-oriented scripting language
- ruby2.7: Object-oriented scripting language

Details:

It was discovered that Ruby's Net::IMAP library did not properly verify
that TLS encryption was started after issuing a STARTTLS command. A remote
attacker could use this to perform a machine-in-the-middle attack and silently
bypass TLS encryption. (CVE-2026-42246)

It was discovered that Ruby's Net::IMAP library did not validate
string arguments passed to certain commands. A remote attacker could use
this to inject arbitrary IMAP commands. (CVE-2026-42257)

It was discovered that Ruby's Net::IMAP library was vulnerable to a
denial of service attack when authenticating with SCRAM-SHA1 or
SCRAM-SHA256. A hostile server could send a very large iteration count
value to cause excessive computation in the client. This issue only
affected ruby3.3. (CVE-2026-42256)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
libruby3.3 3.3.8-2ubuntu3.1
ruby3.3 3.3.8-2ubuntu3.1

Ubuntu 24.04 LTS
libruby3.2 3.2.3-1ubuntu0.24.04.8
ruby3.2 3.2.3-1ubuntu0.24.04.8

Ubuntu 22.04 LTS
libruby3.0 3.0.2-7ubuntu2.13
ruby3.0 3.0.2-7ubuntu2.13

Ubuntu 20.04 LTS
libruby2.7 2.7.0-5ubuntu1.18+esm5
Available with Ubuntu Pro
ruby2.7 2.7.0-5ubuntu1.18+esm5
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8478-1
CVE-2026-42246, CVE-2026-42256, CVE-2026-42257

Package Information:
https://launchpad.net/ubuntu/+source/ruby3.3/3.3.8-2ubuntu3.1
https://launchpad.net/ubuntu/+source/ruby3.2/3.2.3-1ubuntu0.24.04.8
https://launchpad.net/ubuntu/+source/ruby3.0/3.0.2-7ubuntu2.13
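
The SCRAM iteration-count issue in the notice above (CVE-2026-42256) comes down to a client running key derivation with a number the server chose. The following is an added example, not code from Ruby, net-imap or the Ubuntu patch: it parses a SCRAM server-first-message in the RFC 5802 layout and rejects an out-of-policy iteration count before any PBKDF2 work starts. The `ScramGuard` module, its method names and the `MAX_ITERATIONS` ceiling are assumptions made for this sketch, and the sample messages are constructed.

```ruby
require "openssl"

# Added example, not net-imap code. The bounds below are local policy assumptions.
module ScramGuard
  MIN_ITERATIONS = 4096       # minimum suggested by RFC 5802 / RFC 7677
  MAX_ITERATIONS = 1_000_000  # assumed ceiling; tune to your own CPU budget
  class RejectedChallenge < StandardError; end

  # Parse the SCRAM server-first-message "r=<nonce>,s=<base64 salt>,i=<count>"
  # and refuse it before any key derivation if a field is malformed.
  def self.parse_server_first(msg, client_nonce)
    attrs = {}
    msg.split(",").each do |field|
      key, value = field.split("=", 2)
      raise RejectedChallenge, "malformed attribute" if value.nil? || key.length != 1
      attrs[key] = value
    end
    nonce, salt_b64, count = attrs.values_at("r", "s", "i")
    raise RejectedChallenge, "missing r, s or i" if [nonce, salt_b64, count].any?(&:nil?)

    # The server nonce must extend the nonce this client generated.
    unless nonce.start_with?(client_nonce) && nonce.length > client_nonce.length
      raise RejectedChallenge, "server nonce does not extend client nonce"
    end

    # Check the digit string first so an oversized value is never converted.
    raise RejectedChallenge, "bad iteration count" unless count.match?(/\A[1-9][0-9]{0,9}\z/)
    iterations = count.to_i
    unless (MIN_ITERATIONS..MAX_ITERATIONS).cover?(iterations)
      raise RejectedChallenge, "iteration count #{iterations} outside policy"
    end
    begin
      salt = salt_b64.unpack1("m0") # strict base64; raises ArgumentError if invalid
    rescue ArgumentError
      raise RejectedChallenge, "salt is not valid base64"
    end
    raise RejectedChallenge, "empty salt" if salt.empty?
    { nonce: nonce, salt: salt, iterations: iterations }
  end

  # SaltedPassword := Hi(password, salt, i), which is PBKDF2-HMAC (RFC 5802).
  def self.salted_password(password, challenge, digest_name = "SHA256")
    digest = OpenSSL::Digest.new(digest_name)
    OpenSSL::PKCS5.pbkdf2_hmac(password, challenge[:salt], challenge[:iterations],
                               digest.digest_length, digest)
  end

  def self.accept?(msg, client_nonce)
    parse_server_first(msg, client_nonce)
    true
  rescue RejectedChallenge
    false
  end
end

# Constructed sample messages (not captured traffic).
CLIENT_NONCE = "c1ientN0nce"
SALT_B64 = ["constructed-salt"].pack("m0")
GOOD = "r=#{CLIENT_NONCE}srvPart,s=#{SALT_B64},i=4096"
HOSTILE = "r=#{CLIENT_NONCE}srvPart,s=#{SALT_B64},i=4000000000"
puts ScramGuard.accept?(GOOD, CLIENT_NONCE), ScramGuard.accept?(HOSTILE, CLIENT_NONCE)
```

Pass `"SHA1"` as `digest_name` for SCRAM-SHA1; the bound check is the same for both mechanisms.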



[USN-8487-1] curl vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8487-1
June 30, 2026

curl vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in curl.

Software Description:
- curl: HTTP, HTTPS, and FTP client and client libraries

Details:

Andrew Nesbitt discovered that curl could reuse an existing live
connection during STARTTLS-based connection upgrades even when the TLS
configuration did not match. A remote attacker could possibly use this
issue to cause curl to use an unintended TLS configuration.
(CVE-2026-8286)

Muhamad Arga Reksapati discovered that curl incorrectly reused
connections for Negotiate-authenticated requests when different services
were involved. A remote attacker could possibly use this issue to access
resources authenticated for another service. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,
Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-8458)

It was discovered that curl incorrectly handled cookie parsing in
certain circumstances. A remote attacker could possibly use this issue
to set cookies that would be transmitted to unrelated third-party
domains. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and
Ubuntu 26.04 LTS. (CVE-2026-8924)

Joshua Rogers discovered that curl could double-free a GSASL context
when handling SASL authentication. A remote attacker could possibly use
this issue to cause a denial of service, or execute arbitrary code. This
issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and
Ubuntu 26.04 LTS. (CVE-2026-8925)

Joshua Rogers discovered that curl could select the wrong password from
a .netrc file when a username was specified in the URL without a
password. A remote attacker could possibly use this issue to obtain
sensitive information. This issue only affected Ubuntu 25.10 and Ubuntu
26.04 LTS. (CVE-2026-8926)

Ady Elouej discovered that curl did not clear proxy authentication
state between requests when reusing a handle with environment-variable
proxy configuration. A remote attacker could possibly use this issue to
obtain sensitive credentials. (CVE-2026-8927)

Guannan Wang, Zhanpeng Liu, Jiashuo Liang, and Guancheng Li discovered
that curl did not properly clear proxy authentication credentials when
instructed to do so. A remote attacker could possibly use this issue to
obtain sensitive credentials. This issue only affected Ubuntu 25.10 and
Ubuntu 26.04 LTS. (CVE-2026-9079)

Joshua Rogers discovered that curl contained a use-after-free when
curl_easy_pause() was called within the event-based socket callback. A
remote attacker could possibly use this issue to cause a denial of service
or possibly execute arbitrary code. This issue only affected Ubuntu 25.10
and Ubuntu 26.04 LTS. (CVE-2026-9080)

Eunsoo Kim discovered that curl could send early data on a resumed TLS
session before enforcing certificate verification failure. A
machine-in-the-middle attacker could possibly use this issue to obtain
sensitive information. This issue only affected Ubuntu 25.10 and Ubuntu
26.04 LTS. (CVE-2026-9545)

Joshua Rogers discovered that curl did not properly reject host key
type mismatches when using the SSH key callback for SCP and SFTP
transfers. A machine-in-the-middle attacker could possibly use this
issue to impersonate a trusted server. This issue only affected Ubuntu
22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS.
(CVE-2026-9547)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
curl 8.18.0-1ubuntu2.2
libcurl3t64-gnutls 8.18.0-1ubuntu2.2
libcurl4-gnutls-dev 8.18.0-1ubuntu2.2
libcurl4-openssl-dev 8.18.0-1ubuntu2.2
libcurl4t64 8.18.0-1ubuntu2.2

Ubuntu 25.10
curl 8.14.1-2ubuntu1.4
libcurl3t64-gnutls 8.14.1-2ubuntu1.4
libcurl4-gnutls-dev 8.14.1-2ubuntu1.4
libcurl4-openssl-dev 8.14.1-2ubuntu1.4
libcurl4t64 8.14.1-2ubuntu1.4

Ubuntu 24.04 LTS
curl 8.5.0-2ubuntu10.10
libcurl3t64-gnutls 8.5.0-2ubuntu10.10
libcurl4-gnutls-dev 8.5.0-2ubuntu10.10
libcurl4-openssl-dev 8.5.0-2ubuntu10.10
libcurl4t64 8.5.0-2ubuntu10.10

Ubuntu 22.04 LTS
curl 7.81.0-1ubuntu1.25
libcurl3-gnutls 7.81.0-1ubuntu1.25
libcurl3-nss 7.81.0-1ubuntu1.25
libcurl4 7.81.0-1ubuntu1.25
libcurl4-gnutls-dev 7.81.0-1ubuntu1.25
libcurl4-nss-dev 7.81.0-1ubuntu1.25
libcurl4-openssl-dev 7.81.0-1ubuntu1.25

Ubuntu 20.04 LTS
curl 7.68.0-1ubuntu2.25+esm4
Available with Ubuntu Pro
libcurl3-gnutls 7.68.0-1ubuntu2.25+esm4
Available with Ubuntu Pro
libcurl3-nss 7.68.0-1ubuntu2.25+esm4
Available with Ubuntu Pro
libcurl4 7.68.0-1ubuntu2.25+esm4
Available with Ubuntu Pro
libcurl4-gnutls-dev 7.68.0-1ubuntu2.25+esm4
Available with Ubuntu Pro
libcurl4-nss-dev 7.68.0-1ubuntu2.25+esm4
Available with Ubuntu Pro
libcurl4-openssl-dev 7.68.0-1ubuntu2.25+esm4
Available with Ubuntu Pro

Ubuntu 18.04 LTS
curl 7.58.0-2ubuntu3.24+esm9
Available with Ubuntu Pro
libcurl3-gnutls 7.58.0-2ubuntu3.24+esm9
Available with Ubuntu Pro
libcurl3-nss 7.58.0-2ubuntu3.24+esm9
Available with Ubuntu Pro
libcurl4 7.58.0-2ubuntu3.24+esm9
Available with Ubuntu Pro
libcurl4-gnutls-dev 7.58.0-2ubuntu3.24+esm9
Available with Ubuntu Pro
libcurl4-nss-dev 7.58.0-2ubuntu3.24+esm9
Available with Ubuntu Pro
libcurl4-openssl-dev 7.58.0-2ubuntu3.24+esm9
Available with Ubuntu Pro

Ubuntu 16.04 LTS
curl 7.47.0-1ubuntu2.19+esm16
Available with Ubuntu Pro
libcurl3 7.47.0-1ubuntu2.19+esm16
Available with Ubuntu Pro
libcurl3-gnutls 7.47.0-1ubuntu2.19+esm16
Available with Ubuntu Pro
libcurl3-nss 7.47.0-1ubuntu2.19+esm16
Available with Ubuntu Pro
libcurl4-gnutls-dev 7.47.0-1ubuntu2.19+esm16
Available with Ubuntu Pro
libcurl4-nss-dev 7.47.0-1ubuntu2.19+esm16
Available with Ubuntu Pro
libcurl4-openssl-dev 7.47.0-1ubuntu2.19+esm16
Available with Ubuntu Pro

Ubuntu 14.04 LTS
curl 7.35.0-1ubuntu2.20+esm20
Available with Ubuntu Pro
libcurl3 7.35.0-1ubuntu2.20+esm20
Available with Ubuntu Pro
libcurl3-gnutls 7.35.0-1ubuntu2.20+esm20
Available with Ubuntu Pro
libcurl3-nss 7.35.0-1ubuntu2.20+esm20
Available with Ubuntu Pro
libcurl4-gnutls-dev 7.35.0-1ubuntu2.20+esm20
Available with Ubuntu Pro
libcurl4-nss-dev 7.35.0-1ubuntu2.20+esm20
Available with Ubuntu Pro
libcurl4-openssl-dev 7.35.0-1ubuntu2.20+esm20
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8487-1
CVE-2026-8286, CVE-2026-8458, CVE-2026-8924, CVE-2026-8925,
CVE-2026-8926, CVE-2026-8927, CVE-2026-9079, CVE-2026-9080,
CVE-2026-9545, CVE-2026-9547

Package Information:
https://launchpad.net/ubuntu/+source/curl/8.18.0-1ubuntu2.2
https://launchpad.net/ubuntu/+source/curl/8.14.1-2ubuntu1.4
https://launchpad.net/ubuntu/+source/curl/8.5.0-2ubuntu10.10
https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.25