Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux, and Ubuntu Linux.

AlmaLinux

• ALSA-2025:3937: kernel security update (Moderate)
• ALSA-2025:4025: libxslt security update (Important)
• ALSA-2025:3845: java-1.8.0-openjdk security update (Moderate)
• ALSA-2025:3845: java-1.8.0-openjdk security update (Moderate)
• ALSA-2025:3997: mod_auth_openidc:2.3 security update (Important)
• ALSA-2025:3974: webkit2gtk3 security update (Important)
• ALSA-2025:3082: postgresql:12 security update (Important)
• ALSA-2025:3913: expat security update (Moderate)
• ALSA-2025:4043: bluez security update (Moderate)
• ALSA-2025:4169: thunderbird security update (Important)
• ALSA-2025:4170: thunderbird security update (Important)

Debian GNU/Linux

• [DSA 5906-1] erlang security update
• [DLA 4132-1] erlang security update
• ELA-1399-1 wget security update
• ELA-1401-1 transfig security update
• ELA-1400-1 fig2dev security update
• [DLA 4134-1] fig2dev security update
• [DLA 4133-1] wget security update
• ELA-1402-1 libxstream-java security update
• ELA-1403-1 libsndfile security update
• ELA-1405-1 erlang security update
• ELA-1404-1 hiredis security update
• [DLA 4135-1] haproxy security update
• [DLA 4136-1] openrazer security update
• [DLA 4137-1] libbpf security update
• ELA-1406-1 distro-info-data database update
• ELA-1407-1 imagemagick security update
• ELA-1408-1 curl security update
• [DLA 4138-1] distro-info-data database update
• [DLA 4139-1] imagemagick security update

Fedora Linux

• Fedora 42 Update: chromium-135.0.7049.95-1.fc42
• Fedora 42 Update: rpki-client-9.5-1.fc42
• Fedora 42 Update: python-notebook-7.4.0-1.fc42
• Fedora 42 Update: prometheus-podman-exporter-1.16.0-1.fc42
• Fedora 42 Update: jupyterlab-4.4.0-1.fc42
• Fedora 40 Update: rpki-client-9.5-1.fc40
• Fedora 40 Update: rust-writeable-0.5.5-3.fc40
• Fedora 40 Update: uv-0.6.14-3.fc40
• Fedora 40 Update: jupyterlab-4.4.0-1.fc40
• Fedora 40 Update: rust-utf16_iter-1.0.5-1.fc40
• Fedora 40 Update: rust-zip-2.6.1-1.fc40
• Fedora 40 Update: rust-tinystr-0.7.6-4.fc40
• Fedora 40 Update: rust-zerovec-0.10.4-4.fc40
• Fedora 40 Update: python-notebook-7.4.0-1.fc40
• Fedora 40 Update: rust-url-2.5.4-1.fc40
• Fedora 40 Update: rust-sequoia-openpgp-2.0.0-2.fc40
• Fedora 40 Update: rust-version-ranges-0.1.1-2.fc40
• Fedora 40 Update: rust-idna_adapter-1.2.0-1.fc40
• Fedora 40 Update: rust-idna-1.0.3-1.fc40
• Fedora 40 Update: rust-icu_normalizer-1.5.0-2.fc40
• Fedora 40 Update: rust-write16-1.0.0-1.fc40
• Fedora 40 Update: rust-icu_properties_data-1.5.1-1.fc40
• Fedora 40 Update: rust-icu_properties-1.5.1-1.fc40
• Fedora 40 Update: rust-sequoia-openpgp1-1.22.0-2.fc40
• Fedora 40 Update: rust-icu_locid-1.5.0-2.fc40
• Fedora 40 Update: rust-ron-0.9.0-1.fc40
• Fedora 40 Update: rust-icu_locid_transform-1.5.0-1.fc40
• Fedora 40 Update: rust-litemap-0.7.3-5.fc40
• Fedora 40 Update: rust-gstreamer-0.23.5-2.fc40
• Fedora 40 Update: rust-icu_collections-1.5.0-3.fc40
• Fedora 40 Update: rust-icu_normalizer_data-1.5.1-1.fc40
• Fedora 40 Update: rust-icu_locid_transform_data-1.5.1-1.fc40
• Fedora 40 Update: rust-gitui-0.26.3-6.fc40
• Fedora 40 Update: rust-icu_provider_macros-1.5.0-1.fc40
• Fedora 40 Update: rust-adblock-0.9.6-1.fc40
• Fedora 40 Update: rust-icu_provider-1.5.0-1.fc40
• Fedora 40 Update: rust-cookie_store-0.21.1-1.fc40
• Fedora 40 Update: python-pydantic-core-2.20.1-3.fc40
• Fedora 41 Update: giflib-5.2.2-6.fc41
• Fedora 41 Update: perl-Devel-Cover-1.44-4.fc41
• Fedora 41 Update: perl-PAR-Packer-1.063-5.fc41
• Fedora 41 Update: perl-5.40.2-515.fc41
• Fedora 41 Update: rpki-client-9.5-1.fc41
• Fedora 41 Update: ruby-3.3.8-19.fc41
• Fedora 41 Update: python-notebook-7.4.0-1.fc41
• Fedora 41 Update: prometheus-podman-exporter-1.16.0-1.fc41
• Fedora 41 Update: jupyterlab-4.4.0-1.fc41
• Fedora 41 Update: rust-zerovec-0.10.4-4.fc41
• Fedora 41 Update: c-ares-1.34.5-1.fc41
• Fedora 41 Update: rust-writeable-0.5.5-3.fc41
• Fedora 41 Update: rust-write16-1.0.0-1.fc41
• Fedora 41 Update: rust-version-ranges-0.1.1-2.fc41
• Fedora 41 Update: rust-url-2.5.4-1.fc41
• Fedora 41 Update: rust-zip-2.6.1-1.fc41
• Fedora 41 Update: uv-0.6.14-3.fc41
• Fedora 41 Update: rust-sequoia-openpgp1-1.22.0-2.fc41
• Fedora 41 Update: rust-utf16_iter-1.0.5-1.fc41
• Fedora 41 Update: rust-idna-1.0.3-1.fc41
• Fedora 41 Update: rust-icu_provider_macros-1.5.0-1.fc41
• Fedora 41 Update: rust-tinystr-0.7.6-4.fc41
• Fedora 41 Update: rust-sequoia-openpgp-2.0.0-2.fc41
• Fedora 41 Update: rust-ron-0.9.0-1.fc41
• Fedora 41 Update: rust-icu_normalizer_data-1.5.1-1.fc41
• Fedora 41 Update: rust-idna_adapter-1.2.0-1.fc41
• Fedora 41 Update: rust-icu_provider-1.5.0-1.fc41
• Fedora 41 Update: rust-litemap-0.7.3-5.fc41
• Fedora 41 Update: rust-icu_locid-1.5.0-2.fc41
• Fedora 41 Update: rust-gstreamer-0.23.5-2.fc41
• Fedora 41 Update: rust-icu_properties_data-1.5.1-1.fc41
• Fedora 41 Update: rust-gitui-0.26.3-6.fc41
• Fedora 41 Update: rust-icu_properties-1.5.1-1.fc41
• Fedora 41 Update: rust-icu_normalizer-1.5.0-2.fc41
• Fedora 41 Update: rust-icu_locid_transform-1.5.0-1.fc41
• Fedora 41 Update: rust-icu_locid_transform_data-1.5.1-1.fc41
• Fedora 41 Update: rust-icu_collections-1.5.0-3.fc41
• Fedora 41 Update: rust-cookie_store-0.21.1-1.fc41
• Fedora 41 Update: rust-adblock-0.9.6-1.fc41
• Fedora 41 Update: python-pydantic-core-2.27.2-5.fc41
• Fedora 42 Update: moodle-4.5.4-1.fc42
• Fedora 42 Update: openiked-7.4-2.fc42
• Fedora 42 Update: trafficserver-10.0.5-1.fc42
• Fedora 42 Update: mingw-poppler-24.08.0-4.fc42
• Fedora 40 Update: mingw-poppler-24.02.0-5.fc40
• Fedora 40 Update: c-ares-1.34.5-1.fc40
• Fedora 41 Update: mingw-poppler-24.02.0-5.fc41
• Fedora 42 Update: pgbouncer-1.24.1-2.fc42
• Fedora 42 Update: mingw-libsoup-2.74.3-11.fc42
• Fedora 40 Update: pgbouncer-1.24.1-2.fc40
• Fedora 40 Update: ImageMagick-7.1.1.47-1.fc40
• Fedora 40 Update: golang-github-openprinting-ipp-usb-0.9.30-4.fc40
• Fedora 40 Update: mingw-libsoup-2.74.3-11.fc40
• Fedora 41 Update: pgbouncer-1.24.1-2.fc41
• Fedora 41 Update: ImageMagick-7.1.1.47-1.fc41
• Fedora 41 Update: mingw-libsoup-2.74.3-11.fc41
• Fedora 40 Update: chromium-135.0.7049.114-1.fc40
• Fedora 42 Update: xz-5.8.1-2.fc42
• Fedora 42 Update: chromium-135.0.7049.114-1.fc42
• Fedora 41 Update: chromium-135.0.7049.114-1.fc41
• Fedora 41 Update: pgadmin4-9.2-1.fc41
• Fedora 41 Update: java-1.8.0-openjdk-portable-1.8.0.452.b06-2.fc39
• Fedora 41 Update: java-17-openjdk-portable-17.0.15.0.6-1.fc40
• Fedora 41 Update: java-1.8.0-openjdk-1.8.0.452.b06-1.fc41
• Fedora 41 Update: java-17-openjdk-17.0.15.0.6-1.fc41
• Fedora 41 Update: java-latest-openjdk-24.0.1.0.9-1.rolling.fc41
• Fedora 40 Update: java-1.8.0-openjdk-1.8.0.452.b06-1.fc40
• Fedora 40 Update: java-latest-openjdk-24.0.1.0.9-1.rolling.fc40
• Fedora 40 Update: thunderbird-128.9.2-1.fc40
• Fedora 42 Update: java-latest-openjdk-24.0.1.0.9-1.rolling.fc42

Oracle Linux

• ELSA-2025-4063 Moderate: Oracle Linux 8 ruby:3.1 security update
• ELSA-2025-4051 Moderate: Oracle Linux 8 gnutls security update
• ELSA-2025-4049 Moderate: Oracle Linux 8 libtasn1 security update
• ELSA-2025-4048 Moderate: Oracle Linux 8 xmlrpc-c security update
• ELSA-2025-3997 Important: Oracle Linux 8 mod_auth_openidc:2.3 security update
• ELSA-2025-3367 Important: Oracle Linux 8 grub2 security update
• ELEA-2025-4058 Oracle Linux 8 gcc-toolset-14-binutils bug fix and enhancement update
• ELBA-2025-4064 Oracle Linux 8 389-ds:1.4 bug fix and enhancement update
• ELBA-2025-4062 Oracle Linux 8 frr bug fix update
• ELBA-2025-4061 Oracle Linux 8 keepalived bug fix update
• ELBA-2025-4060 Oracle Linux 8 tigervnc bug fix and enhancement update
• ELBA-2025-4059 Oracle Linux 8 idm:DL1 bug fix and enhancement update
• ELBA-2025-4057 Oracle Linux 8 vinagre bug fix update
• ELBA-2025-4056 Oracle Linux 8 nodejs:22 bug fix and enhancement update
• ELBA-2025-4055 Oracle Linux 8 nodejs:20 bug fix and enhancement update
• ELBA-2025-4054 Oracle Linux 8 nodejs:18 bug fix and enhancement update
• ELBA-2025-4052 Oracle Linux 8 mod_security_crs bug fix update
• ELBA-2025-4050 Oracle Linux 8 autofs bug fix update
• ELBA-2025-4047 Oracle Linux 8 samba bug fix update
• ELBA-2025-4045 Oracle Linux 8 systemd bug fix update
• ELBA-2025-20281 Oracle Linux 8 libcgroup-original bug fix update
• ELBA-2025-4044 Oracle Linux 8 device-mapper-multipath bug fix update
• ELBA-2025-20280 Oracle Linux 8 crash bug fix update
• ELSA-2025-3628 Important: Oracle Linux 7 firefox security update
• ELSA-2025-4170 Important: Oracle Linux 8 thunderbird security update
• ELSA-2025-4043 Moderate: Oracle Linux 8 bluez security update
• ELBA-2025-4071 Oracle Linux 9 osbuild-composer bug fix and enhancement update
• ELBA-2025-20279 Oracle Linux 9 iscsi-initiator-utils bug fix update
• ELSA-2025-4025 Important: Oracle Linux 9 libxslt security update
• ELBA-2025-20277 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
• ELBA-2025-20277 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update
• ELBA-2025-20277 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update
• ELSA-2025-4169 Important: Oracle Linux 9 thunderbird security update
• ELBA-2025-20280 Oracle Linux 9 crash bug fix update
• ELBA-2025-4033 Oracle Linux 9 nbdkit bug fix update
• ELBA-2025-20282 Oracle Linux 9 oracle-database-preinstall-23ai bug fix update

Red Hat Enterprise Linux

• RHSA-2025:4018: Important: OpenShift Container Platform 4.18.10 security and extras update
• RHSA-2025:4019: Important: OpenShift Container Platform 4.18.10 bug fix and security update
• RHSA-2025:4063: Moderate: ruby:3.1 security update
• RHSA-2025:4098: Important: libxslt security update
• RHSA-2025:4128: Important: mod_auth_openidc:2.3 security update
• RHSA-2025:4027: Important: thunderbird security update
• RHSA-2025:4031: Important: thunderbird security update
• RHSA-2025:4028: Important: thunderbird security update
• RHSA-2025:4008: Important: OpenShift Container Platform 4.16.39 bug fix and security update
• RHSA-2025:4007: Important: OpenShift Container Platform 4.16.39 security and extras update
• RHSA-2025:4012: Important: OpenShift Container Platform 4.17.26 bug fix and security update
• RHSA-2025:3997: Important: mod_auth_openidc:2.3 security update
• RHSA-2025:4025: Important: libxslt security update
• RHSA-2025:4049: Moderate: libtasn1 security update
• RHSA-2025:4048: Moderate: xmlrpc-c security update
• RHSA-2025:4043: Moderate: bluez security update
• RHSA-2025:4051: Moderate: gnutls security update
• RHSA-2025:4029: Important: thunderbird security update
• RHSA-2025:4026: Important: thunderbird security update
• RHSA-2025:4030: Important: thunderbird security update
• RHSA-2025:4032: Important: thunderbird security update
• RHSA-2025:4039: Important: virtuoso-opensource security update
• RHSA-2025:4170: Important: thunderbird security update
• RHSA-2025:4169: Important: thunderbird security update
• RHSA-2025:4192: Important: mod_auth_openidc:2.3 security update
• RHSA-2025:4187: Moderate: Red Hat OpenStack Platform 17.1 (python-django) security update

SUSE Linux

• openSUSE-SU-2025:0133-1: important: Security update for chromium
• SUSE-SU-2025:1356-1: critical: Security update for erlang26
• SUSE-SU-2025:1357-1: critical: Security update for erlang
• SUSE-SU-2025:1359-1: moderate: Security update for govulncheck-vulndb
• openSUSE-SU-2025:15012-1: moderate: ffmpeg-6-6.1.2-4.1 on GA media
• openSUSE-SU-2025:15011-1: moderate: epiphany-48.1-1.1 on GA media
• openSUSE-SU-2025:15013-1: moderate: gopass-1.15.16-1.1 on GA media
• openSUSE-SU-2025:15015-1: moderate: libsoup-3_0-0-3.6.5-2.1 on GA media
• openSUSE-SU-2025:15018-1: moderate: libsoup-2_4-1-2.74.3-8.1 on GA media
• openSUSE-SU-2025:15019-1: moderate: libxml2-2-2.13.8-1.1 on GA media
• openSUSE-SU-2025:15017-1: moderate: govulncheck-vulndb-0.0.20250422T181640-1.1 on GA media
• SUSE-SU-2025:1366-1: important: Security update for MozillaThunderbird
• SUSE-SU-2025:1367-1: moderate: Security update for glib2
• SUSE-SU-2025:1365-1: moderate: Security update for mozjs60
• SUSE-SU-2025:1369-1: important: Security update for ruby2.5
• SUSE-SU-2025:1370-1: important: Security update for govulncheck-vulndb
• openSUSE-SU-2025:15022-1: moderate: java-11-openjdk-11.0.27.0-1.1 on GA media
• openSUSE-SU-2025:15024-1: moderate: java-21-openjdk-21.0.7.0-1.1 on GA media
• openSUSE-SU-2025:15021-1: moderate: augeas-1.14.1-2.1 on GA media
• openSUSE-SU-2025:15030-1: moderate: opentofu-1.9.1-1.1 on GA media
• openSUSE-SU-2025:15029-1: moderate: kyverno-1.14.0-1.1 on GA media
• openSUSE-SU-2025:15027-1: moderate: chromedriver-135.0.7049.95-1.1 on GA media

Ubuntu Linux

• [USN-7440-1] ImageMagick regression
• [USN-7441-1] Eclipse Mosquitto vulnerabilities
• [USN-7444-1] Synapse vulnerabilities
• [USN-7402-5] Linux kernel (GCP) vulnerabilities
• [USN-7445-1] Linux kernel vulnerabilities
• [USN-7431-2] HAProxy vulnerability
• [USN-7443-2] Erlang vulnerability
• [USN-7447-1] Yelp vulnerability
• [USN-7434-2] Perl vulnerability
• [USN-7449-1] Linux kernel vulnerabilities
• [USN-7448-1] Linux kernel vulnerabilities
• [USN-7454-1] libarchive vulnerabilities
• [USN-7453-1] Linux kernel (Real-time) vulnerabilities
• [USN-7446-1] mod_auth_openidc vulnerability
• [USN-7452-1] Linux kernel vulnerabilities
• [USN-7451-1] Linux kernel vulnerabilities
• [USN-7455-3] Linux kernel (Real-time) vulnerabilities
• [USN-7455-2] Linux kernel (FIPS) vulnerabilities
• [USN-7455-1] Linux kernel vulnerabilities
• [USN-7461-1] Linux kernel vulnerabilities
• [USN-7457-1] OpenSSH vulnerability
• [USN-7460-1] Linux kernel (Azure FIPS) vulnerabilities
• [USN-7459-1] Linux kernel (Intel IoTG) vulnerabilities
• [USN-7449-2] Linux kernel (HWE) vulnerabilities
• [USN-7462-2] Linux kernel (AWS FIPS) vulnerabilities
• [USN-7456-1] Twig vulnerabilities
• [USN-7455-4] Linux kernel (Oracle) vulnerabilities