ubuntu jammy v1.1028

@bosh-admin-bot bosh-admin-bot released this 23 Jan 22:59
· 86 commits to ubuntu-jammy since this release

Metadata:

BOSH Agent Version: 2.799.0
Kernel Version: 5.15.0.164.159

What Changed?

Full Changelog: ubuntu-jammy/v1.1018...ubuntu-jammy/v1.1028

USNs:

Title: USN-7951-1 -- Python vulnerability
URL: https://ubuntu.com/security/notices/USN-7951-1
Priorities: medium
Description:
It was discovered that Python's http.client did not properly handle the Content-Length header in HTTP responses. A malicious server could exploit this to cause Python to allocate excessive memory, leading to a denial of service.
Update Instructions: Run sudo pro fix USN-7951-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions:
idle-python3.10 - 3.10.12-122.04.13
libpython3.10 - 3.10.12-122.04.13
libpython3.10-dev - 3.10.12-122.04.13
libpython3.10-minimal - 3.10.12-122.04.13
libpython3.10-stdlib - 3.10.12-122.04.13
libpython3.10-testsuite - 3.10.12-122.04.13
python3.10 - 3.10.12-122.04.13
python3.10-dev - 3.10.12-122.04.13
python3.10-doc - 3.10.12-122.04.13
python3.10-examples - 3.10.12-122.04.13
python3.10-full - 3.10.12-122.04.13
python3.10-minimal - 3.10.12-122.04.13
python3.10-nopie - 3.10.12-122.04.13
python3.10-venv - 3.10.12-122.04.13
No subscription required
idle-python3.11 - 3.11.0rc1-122.04.1esm7
libpython3.11 - 3.11.0rc1-122.04.1esm7
libpython3.11-dev - 3.11.0rc1-122.04.1esm7
libpython3.11-minimal - 3.11.0rc1-122.04.1esm7
libpython3.11-stdlib - 3.11.0rc1-122.04.1esm7
libpython3.11-testsuite - 3.11.0rc1-122.04.1esm7
python3.11 - 3.11.0rc1-122.04.1esm7
python3.11-dev - 3.11.0rc1-122.04.1esm7
python3.11-doc - 3.11.0rc1-122.04.1esm7
python3.11-examples - 3.11.0rc1-122.04.1esm7
python3.11-full - 3.11.0rc1-122.04.1esm7
python3.11-minimal - 3.11.0rc1-122.04.1esm7
python3.11-nopie - 3.11.0rc1-122.04.1esm7
python3.11-venv - 3.11.0rc1-122.04.1esm7
No subscription required
CVEs:

Title: USN-7954-1 -- Libtasn1 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7954-1
Priorities: low,medium
Description:
It was discovered that Libtasn1 incorrectly handled decoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. (CVE-2025-13151)
It was discovered that Libtasn1 incorrectly handled encoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-46848)
Update Instructions: Run sudo pro fix USN-7954-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions:
libtasn1-6 - 4.18.0-4ubuntu0.2
libtasn1-6-dev - 4.18.0-4ubuntu0.2
libtasn1-bin - 4.18.0-4ubuntu0.2
libtasn1-doc - 4.18.0-4ubuntu0.2
No subscription required
CVEs:

Title: USN-7959-1 -- klibc vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7959-1
Priorities: low
Description:
It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.
Update Instructions: Run sudo pro fix USN-7959-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions:
klibc-utils - 2.0.10-4ubuntu0.2
libklibc - 2.0.10-4ubuntu0.2
libklibc-dev - 2.0.10-4ubuntu0.2
No subscription required
CVEs:

Title: USN-7963-1 -- libpng vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7963-1
Priorities: medium
Description:
It was discovered that the libpng simplified API incorrectly processed palette PNG images with partial transparency and gamma correction. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service. (CVE-2025-66293)
Petr Simecek, Stanislav Fort and Pavel Kohout discovered that the libpng simplified API incorrectly processed interlaced 16-bit PNGs with 8-bit output format and non-minimal row strides. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service. (CVE-2026-22695)
Cosmin Truta discovered that the libpng simplified API incorrectly handled invalid row strides. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service. (CVE-2026-22801)
Update Instructions: Run sudo pro fix USN-7963-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions:
libpng-dev - 1.6.37-3ubuntu0.3
libpng-tools - 1.6.37-3ubuntu0.3
libpng16-16 - 1.6.37-3ubuntu0.3
No subscription required
CVEs: