
Multiple Linux distributions, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, and Ubuntu Linux, have released security updates to address vulnerabilities in various packages. The updates include fixes for issues such as denial-of-service, memory disclosure, and information leakage, which could affect the stability and security of Linux systems. Different versions of each distribution have been updated with patches for CVEs ranging from moderate to important levels of severity. Users are advised to run the appropriate command, such as "sudo apt update" or "sudo dnf upgrade -y," to apply the updates and ensure their systems remain secure.





Linux Security Roundup for Week 10, 2026

A summary of the past week's security patches is provided below, addressing critical issues in major Linux platforms:

AlmaLinux

AlmaLinux has released several security updates to address vulnerabilities in various packages. The updates include fixes for issues such as stack-based buffer overflows and denial-of-service vulnerabilities in packages like gnutls, kernel, libpng, and skopeo. Additionally, multiple important security updates have been released for AlmaLinux 8, 9, and 10, addressing vulnerabilities in packages including container-tools, firefox, nginx, thunderbird, and go-rpm-macros. These updates are designed to improve the overall security of the operating system by patching known vulnerabilities and fixing memory safety bugs.

Debian GNU/Linux

Debian has released several security updates to address vulnerabilities in various packages. The updates include fixes for issues such as arbitrary command execution via malformed images in the LXD package, denial of service or memory disclosure in PHP, and access to protected information and arbitrary code execution in the SPIP website engine. Additionally, multiple important security updates have been released for Debian GNU/Linux 12 (Bookworm) and 13 (Trixie), including updates for Firefox ESR and OpenJDK Java runtime. These updates are designed to improve the overall security of the operating system by patching known vulnerabilities.

Fedora Linux

Fedora has released numerous security updates to address vulnerabilities in various packages, including Chromium Embedded Framework (CEF), Nextcloud, Python, Erlang, Perl-Crypt-URandom, Keylime, APT, yt-dlp, coturn, and many others. The updates aim to fix issues such as denial-of-service, memory disclosure, and information leakage, which could affect the stability and security of Fedora systems. Multiple vulnerabilities have been addressed in different versions of Fedora, including 42, 43, and 44, with fixes for CVEs ranging from CVE-2025-11083 to CVE-2026-26331. These updates are designed to improve the overall security of the operating system by patching known vulnerabilities.

Oracle Linux

Oracle Linux has released several security updates to address vulnerabilities in various packages, including golang-github-openprinting-ipp-usb, freerdp, protobuf, munge, grafana-pcp, ipset, 389-ds-base, numpy, buildah, podman, samba, pacemaker, containernetworking-plugins, skopeo, runc, and glibc. The updates aim to fix issues such as denial-of-service, memory disclosure, and information leakage, which could affect the stability and security of Oracle Linux systems. Multiple vulnerabilities have been addressed in different versions of Oracle Linux, including 10, 9, and 8, with fixes for CVEs including CVE-2025-61729, among others. These updates are designed to improve the overall security of the operating system by patching known vulnerabilities.

Red Hat Enterprise Linux

Red Hat has released several security updates to address vulnerabilities in various packages, including yggdrasil, 389-ds-base, firefox, grafana, kernel, thunderbird, libpng, nginx, and many others. The updates aim to fix issues such as denial-of-service, memory disclosure, and information leakage, which could affect the stability and security of Red Hat Enterprise Linux systems. Multiple vulnerabilities have been addressed in different versions of RHEL, including 10 and earlier, with fixes for CVEs of various scores, including 5 or higher. These updates are designed to improve the overall security of the operating system by patching known vulnerabilities.

Rocky Linux

Rocky Linux has released several important security updates to address vulnerabilities in various packages, including thunderbird, mingw-fontconfig, kernel-rt, gnutls, go-rpm-macros, udisks2, libpng, postgresql16, git-lfs, delve, and PostgreSQL. The updates aim to fix issues such as denial-of-service, memory disclosure, and information leakage, which could affect the stability and security of Rocky Linux systems. Multiple vulnerabilities have been addressed in different versions of Rocky Linux, including 10 and 8, with fixes for CVEs of various scores, including 5 or higher.

Slackware Linux

Slackware has released security updates to address vulnerabilities in python3 and nvi. The updates include a new version of python3 (version 3.9.25) with fixes for unknown issues, as well as an update for nvi which addresses heap-based buffer overflows and other security issues. These updates are designed to improve the overall security of Slackware systems by patching known vulnerabilities.

SUSE Linux

SUSE has released several security updates to address vulnerabilities in various packages. These updates include fixes for the Linux kernel, fluidsynth, libsoup, govulncheck-vulndb, busybox, freerdp, python311, postgresql15, and many others. The updates aim to fix issues such as denial-of-service, memory disclosure, and information leakage, which could affect the stability and security of SUSE Linux systems. Multiple vulnerabilities have been addressed in different versions of SUSE, including openSUSE Leap 15 and other products, with fixes for CVEs ranging from moderate to important levels of severity. These updates are designed to improve the overall security of the operating system by patching known vulnerabilities.

Ubuntu Linux

Ubuntu has released several security updates to address vulnerabilities in various packages. These updates include fixes for Mailman and Git, as well as Linux kernel vulnerabilities, curl vulnerabilities, an Intel Microcode vulnerability, and other issues affecting ImageMagick, PostgreSQL, NSS, QEMU, GIMP, Zutty, less, Qt, and Bleach. The updates aim to fix issues such as denial-of-service, memory disclosure, and information leakage, which could affect the stability and security of Ubuntu systems. Multiple vulnerabilities have been addressed in different versions of Ubuntu, with fixes for various levels of severity. These updates are designed to improve the overall security of the operating system by patching known vulnerabilities.

How to upgrade packages

This quick overview shows exactly what commands you need to run so the latest security patches and bug fixes actually make it onto your system without hunting down individual .deb or .rpm files.

Debian/Ubuntu (apt)

The first thing to do is refresh the local package index; running sudo apt update contacts all configured repositories and pulls in the newest lists of available versions. Skipping this step leaves the system blind to any recent uploads, which explains why “upgrade” sometimes claims there’s nothing to do even after a security advisory has been published. Once the index is current, invoke sudo apt upgrade -y; the -y flag answers every prompt automatically so the process doesn’t pause for user input. This command upgrades all installed packages that have newer versions in the repositories while preserving configuration files.

sudo apt update
sudo apt upgrade -y

Fedora/RedHat/Rocky/Alma/Oracle (dnf or yum)

On modern Fedora and recent Red Hat derivatives, dnf is the package manager; older RHEL releases still rely on yum. Begin with a check‑update operation—sudo dnf check-update or sudo yum check-update—to see exactly which packages are awaiting an upgrade. This preview step can be useful for spotting unexpected kernel bumps before they land. To actually apply the updates, run sudo dnf upgrade -y (or sudo yum update if you prefer the older tool). The upgrade command pulls down the new binaries and runs any necessary post‑install scripts, such as rebuilding initramfs when a kernel changes.

sudo dnf check-update
sudo dnf upgrade -y

Or, on older releases:

sudo yum check-update
sudo yum update

SUSE (zypper)

SUSE’s command line front‑end is called zypper. First execute sudo zypper refresh so that the metadata for all enabled repos gets updated; without this, zypper will happily report “No updates available” even though newer packages sit on the mirror. After a fresh refresh, issue sudo zypper update -y; this upgrades every package to the latest version in the configured repositories and automatically handles service restarts when required.

sudo zypper refresh
sudo zypper update -y

Slackware (slackpkg and pkgtool)

Slackware doesn’t have a single unified updater, but the official way to pull updates is through slackpkg. Start with sudo slackpkg update to download the newest package list from the chosen mirror. Then run sudo slackpkg upgrade-all; this command walks through each installed package and replaces it with the most recent build available in the official repository. For users who prefer a more granular approach, specifying a package name after upgrade limits the operation to that single item. When dealing with community‑maintained repositories, pkgtool takes over: a combined sudo pkgtool update && sudo pkgtool upgrade will sync and apply updates from the mirrors listed in /etc/slackpkg/mirrors.

sudo slackpkg update
sudo slackpkg upgrade-all
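
For a mixed fleet, the per-distribution command pairs above can be selected from /etc/os-release. The script below is an added example, not part of the original article; its function names are constructed, and it assumes dnf is installed on the RPM-based systems (older releases would substitute yum). It also treats the exit status 100 that dnf check-update returns when updates are pending as success, which matters when the commands run from automation or under set -e.

```shell
#!/bin/sh
# Added example (not from the article). All function names are constructed.

# os_field KEY FILE: print KEY's value without quotes. The file is parsed
# with sed rather than sourced, so nothing inside it gets executed.
os_field() {
    sed -n "s/^$1=//p" "$2" | head -n 1 | tr -d "\"'"
}

# pm_for FILE: map ID, then each ID_LIKE entry, to a package manager.
pm_for() {
    for id in $(os_field ID "$1") $(os_field ID_LIKE "$1"); do
        case "$id" in
            debian|ubuntu)                         echo apt;      return 0 ;;
            fedora|rhel|centos|rocky|almalinux|ol) echo dnf;      return 0 ;;
            suse|opensuse*|sles*)                  echo zypper;   return 0 ;;
            slackware)                             echo slackpkg; return 0 ;;
        esac
    done
    echo unknown
}

# upgrade_cmds PM: the article's refresh and upgrade commands, one per line.
upgrade_cmds() {
    case "$1" in
        apt)      printf '%s\n' 'apt update'       'apt upgrade -y' ;;
        dnf)      printf '%s\n' 'dnf check-update' 'dnf upgrade -y' ;;
        zypper)   printf '%s\n' 'zypper refresh'   'zypper update -y' ;;
        slackpkg) printf '%s\n' 'slackpkg update'  'slackpkg upgrade-all' ;;
        *)        return 1 ;;
    esac
}

# refresh_ok PM STATUS: 0 is success; for dnf, 100 means updates are pending.
refresh_ok() {
    [ "$2" -eq 0 ] || { [ "$1" = dnf ] && [ "$2" -eq 100 ]; }
}

# Acts only when called with --apply (as root); otherwise defines functions.
if [ "${1:-}" = "--apply" ]; then
    pm=$(pm_for /etc/os-release)
    cmds=$(upgrade_cmds "$pm") || { echo "unsupported distro" >&2; exit 2; }
    refresh=$(printf '%s\n' "$cmds" | sed -n 1p)
    upgrade=$(printf '%s\n' "$cmds" | sed -n 2p)
    rc=0; $refresh || rc=$?
    refresh_ok "$pm" "$rc" || { echo "refresh failed ($rc)" >&2; exit 1; }
    $upgrade
fi
```
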
Tuxrepair