Here is a roundup of this week's security updates, including Open-VM-Tools, Kernel, GnuTLS, Dovecot, FreeIPA, Git, and others. These updates aim to patch vulnerabilities and prevent potential security risks such as arbitrary code execution or denial of service across different versions of various Linux distributions, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. The severity of the kernel updates is classified as moderate in some cases, while others have been rated as having an important or critical security impact by the respective distribution's product security teams.

Here is a roundup of last week's security updates for multiple Linux distributions to address vulnerabilities in various packages. These updates include fixes for potential crashes, use-after-free bugs, integer buffer overflows, denial-of-service issues, and privilege escalation in distributions such as AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. The updates aim to improve system security and stability by addressing vulnerabilities in browsers, databases, file systems, HTTP servers, kernel modules, libraries, and other components. Users are advised to upgrade their packages to the latest versions to ensure the security and stability of their systems.

The OWASP CRS 4.19.0 has been released, providing enhanced protection against a wide array of web attacks through its integration with ModSecurity or compatible web application firewalls. This update includes several new features and detections to improve the system's security capabilities, as well as fixes to address issues with LFI rules, generic SQLSTATE error codes, and false positives. The release also includes adjustments to enhance the efficiency of regex cleanup and reduce false positives triggered by PHP response rules.

IPFire 2.29 - Core Update 198 has been released for testing, bringing significant improvements to the IPFire Intrusion Prevention System (IPS) and an upgraded toolchain. The enhanced IPS now offers advanced reporting capabilities, including real-time email notifications, scheduled PDF reports, and remote syslog forwarding, which dramatically enhance its auditability and accountability. Additionally, the update includes an upgrade to Suricata 8.0.1, caching for compiled rules, sturdier memory handling, and expanded protocol support. The update also fixes several security issues, including those resolved by Intel's new microcode and updates made to GRUB, which makes IPFire's defenses against possible threats even stronger.

Here is a roundup of Linux distributions' security updates from last week, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux (RHEL), Slackware Linux, and SUSE Linux, with Ubuntu also releasing multiple security notices. The updates address various vulnerabilities, including denial-of-service attacks, privilege escalation, SQL injection, and heap buffer overflows in packages such as kernel, Firefox, Thunderbird, Chromium, and more. Many of the updates aim to improve the overall security and stability of the respective distributions by fixing issues like memory leaks, out-of-bounds reads, and side-channel information leakage. The severity ratings for these vulnerabilities range from moderate to critical, indicating potential risks if not patched, and users are advised to update their systems as soon as possible to ensure protection against potential attacks.

Here is a roundup of last week's security updates for Linux distributions that address various vulnerabilities across their systems, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. These updates cover multiple components such as kernel fixes, container tools, and packages like Python-cryptography, GnuTLS, OpenTelemetry-collector, MySQL, and Firefox to improve the overall security of the systems. The vulnerabilities addressed range from potential denial-of-service attacks to arbitrary code execution, with some identified in critical components like the Linux kernel. 

IPFire 2.29 - Core Update 197 has been released, marking a significant milestone for this professional-grade open-source firewall and security platform. The update includes a comprehensive overhaul of OpenVPN to version 2.6, bringing improved security, client compatibility, and codebase modernization, as well as fine-tuned system performance to reduce energy consumption while maintaining lightning-fast speed. Additionally, IPFire has been rebased on Linux 6.12.41, features new mitigations against Transient Scheduler Attacks, and includes numerous package upgrades and add-on updates. 

Here is a roundup of last week's security updates for AlmaLinux, Debian, Fedora, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. These updates cover multiple components such as kernels, OpenSSL, MySQL, PHP, Python, and more, with some addressing critical vulnerabilities that could lead to denial-of-service attacks, privilege escalation, or arbitrary code execution. The severity of the updates varies, with some classified as important, moderate, or critical, depending on the potential impact and risk posed by the vulnerabilities. Overall, these security updates aim to enhance the overall security and stability of the Linux distributions across different versions, mitigating potential threats and protecting users from exploitation.

Here is a roundup of last week's security updates for various packages, including PostgreSQL, Python, HTTPD, OpenVPN, Libcommons-Lang-Java, and others. The distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux, and Ubuntu Linux. The updates address various issues, such as memory leaks, out-of-bounds reads, low-severity CVEs, denial-of-service, or arbitrary code execution issues, to ensure the security and stability of the operating system.

The OWASP Community Repository (CRS) has released version 4.18.0, featuring enhanced security features and threat detection capabilities. The update includes new rules to detect malicious attacks on web applications protected by ModSecurity or similar firewalls, such as SSH command detection and support for 'application/reports+json' content-type headers. Additionally, fixes have been implemented to remove unnecessary patterns, prevent false positives, and improve overall system accuracy. 

Here is a roundup of last week's security updates for various packages, including kernel, Firefox, Thunderbird, and PostgreSQL. These updates aim to fix issues such as memory leaks, denial-of-service attacks, arbitrary code execution, and use-after-free flaws to ensure system stability and prevent potential security risks. The distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Qubes OS, Red Hat Enterprise Linux, SUSE Linux, and Ubuntu Linux.

IPFire 2.29 - Core Update 197 is now available for testing, featuring a comprehensive update of OpenVPN, which has been upgraded to version 2.6. This update brings enhanced security, increased client compatibility, and a refined codebase. The update encompasses package enhancements aimed at bolstering system security and reliability. Significant updates encompass a consolidated client configuration export, cipher negotiation between the server and client, and the assignment of a unique IP address for each client. The web UI has been refined to enhance the configuration experience, and the code has been optimized for improved maintainability.

IPFire now sets its CPUs to default clock speeds to minimize power consumption and heat emission. Additional features encompass the capability to import configuration files utilizing Windows line breaks, the SSL fingerprint list sourced from abuse.ch, backup functionalities, a race condition, and a translation in Chinese. The IPFire kernel has been updated to Linux 6.12.41, incorporating new mitigations for Transient Scheduler Attacks. We invite contributions to support the development team and assist IPFire in its ongoing efforts to enhance security and functionality.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux, and Ubuntu Linux.

A new version of OWASP CRS has been released, featuring a set of rules designed for detecting attacks through ModSecurity or comparable web application firewalls. This update includes notable changes, such as the removal of detection for LaTeX injection and the elimination of dot star.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, SUSE Linux, and Ubuntu Linux.

OWASP CRS 4.17.0, a collection of general rules for spotting attacks that work with ModSecurity or similar web application firewalls, has been released and features important updates, such as the removal of PCI DSS tags and the introduction of new features and detection methods. These include detection for ASP.NET errors, RCE via the Referer header, LaTeX injection, and Ruby errors. Other changes include fixing dot stars, using word boundaries, updating java-classes.data, and updating file uris.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

IPFire 2.29 - Core Update 196 is now available, following the introduction of WireGuard. The update includes improvements to the IPFire kernel, updated toolchain, a modernised console, and bug and security fixes. The kernel has been rebased to Linux 6.12.34, bringing improved hardware support, performance, and security enhancements. GCC, IPFire's main compiler suite, has been updated to version 15. WireGuard connections are now displayed on the dashboard of the web user interface, making it easier to monitor VPN connections. Performance improvements from Linux 6.13 have been backported to IPFire's kernel, increasing TCP throughput over WireGuard tunnels. Researchers from Italy have also removed bottlenecks in the kernel that have limited throughput over multiple WireGuard tunnels. The text console has been modernized by migrating it to use the Linux Direct Rendering Manager (DRM), providing faster mode-setting, improved performance, and better support for multi-GPU and embedded graphics environments.