========================================================================== Ubuntu Security Notice USN-8019-1 February 05, 2026
tracker-miners vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: tracker-miners could be made to crash or run programs as your login if it opened a specially crafted file. Software Description: - tracker-miners: Metadata database, indexer and search tool Details: Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 tracker-extract 3.8.2-4ubuntu2.1 Ubuntu 24.04 LTS tracker-extract 3.7.1-1ubuntu0.1 Ubuntu 22.04 LTS tracker-extract 3.3.3-0ubuntu0.20.04.4 After a standard system update you need to restart your session to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8019-1 CVE-2026-1764, CVE-2026-1765, CVE-2026-1766, CVE-2026-1767 Package Information: https://launchpad.net/ubuntu/+source/tracker-miners/3.8.2-4ubuntu2.1 https://launchpad.net/ubuntu/+source/tracker-miners/3.7.1-1ubuntu0.1 https://launchpad.net/ubuntu/+source/tracker-miners/3.3.3-0ubuntu0.20.04.4
signature.asc
Description: OpenPGP digital signature
