USN-6744-3: Pillow vulnerability ›
29 April 2024
Pillow could be made to crash or run programs as an administrator if it opened a specially crafted file.
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
29 April 2024
Pillow could be made to crash or run programs as an administrator if it opened a specially crafted file.
29 April 2024
Several security issues were fixed in libvirt.
29 April 2024
Several security issues were fixed in GnuTLS.
29 April 2024
Several security issues were fixed in curl.
29 April 2024
Several security issues were fixed in Apache HTTP Server.
29 April 2024
GNU C Library could be made to crash or run programs if it processed specially crafted data.
29 April 2024
GNU cpio could be made to write files outside the target directory.
29 April 2024
less could be made run programs as your login if it opened a specially crafted file.
25 April 2024
Several security issues were fixed in nghttp2.
CVE-2024-28182 , CVE-2019-9511 , CVE-2019-9513 , and 1 other
25 April 2024
CryptoJS could be made to expose sensitive information.