=========================================================================
Ubuntu Security Notice USN-7486-1
May 06, 2025

libfcgi vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

FastCGI could be made to crash or execute arbitrary code.

Software Description:
- libfcgi: FastCGI bridge from CGI

Details:

It was discovered that FastCGI incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  libfcgi0t64                     2.4.2-2.1ubuntu0.25.04.1

Ubuntu 24.10
  libfcgi0t64                     2.4.2-2.1ubuntu0.24.10.1

Ubuntu 24.04 LTS
  libfcgi0t64                     2.4.2-2.1ubuntu0.24.04.1

Ubuntu 22.04 LTS
  libfcgi0ldbl                    2.4.2-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7486-1
  CVE-2025-23016

Package Information:
  https://launchpad.net/ubuntu/+source/libfcgi/2.4.2-2.1ubuntu0.25.04.1
  https://launchpad.net/ubuntu/+source/libfcgi/2.4.2-2.1ubuntu0.24.10.1
  https://launchpad.net/ubuntu/+source/libfcgi/2.4.2-2.1ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/libfcgi/2.4.2-2ubuntu0.1