Vulnerabilities
Canonical issues Ubuntu security updates for key vulnerabilities
Canonical has released several security updates for Ubuntu, addressing flaws in fetchmail, Go cryptography libraries, and Linux kernels used in Oracle Cloud and AWS environments. These patches, issued between October 23 and 24, 2025, fix issues that could lead to denial-of-service attacks, unauthorized access, and information leaks. The updates target critical components to enhance system stability and security.
CISA adds Oracle and other flaws to exploited vulnerabilities catalog
AI द्वारा रिपोर्ट किया गया
The U.S. Cybersecurity and Infrastructure Security Agency has added vulnerabilities from Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft Internet Explorer to its Known Exploited Vulnerabilities catalog. This action requires federal agencies to address these flaws by October 27, 2025, to mitigate risks from ongoing exploits. Among the additions is a critical Oracle vulnerability recently patched after exploitation by ransomware actors.
Canonical issues Ubuntu security updates for MuPDF, Redis, Samba, and more
Canonical has released several Ubuntu Security Notices addressing critical vulnerabilities in key open-source packages such as MuPDF, Redis, Samba, and Apache Subversion. These updates fix issues that could lead to denial-of-service attacks, data leaks, and remote code execution across multiple long-term support releases. The patches reinforce Ubuntu's commitment to system stability and security.
BIND and Unbound DNS resolvers disclose cache poisoning vulnerabilities
Developers of the widely used BIND DNS software have warned of two high-severity vulnerabilities that could enable cache poisoning attacks, similar to those revealed in 2008. Unbound, another DNS resolver, faces a related flaw reported by the same researchers. Patches for all issues became available on October 22, 2025.