Security teams across major distributions including RHEL, Ubuntu, Debian, Fedora, and SUSE released a massive wave of patches this week targeting critical flaws in the Linux kernel, web stacks, and databases. The updates address dangerous vulnerabilities such as buffer overflows in PHP 8.2 and 8.4, arbitrary code execution in ImageMagick, and SQL injection in Sogo, with several advisories officially rated as critical. While Slackware kept the patch count lean with just three fixes, the broader ecosystem is pushing routine maintenance for container runtimes like Podman and runc alongside database engines like MariaDB and PostgreSQL. Administrators should prioritize applying kernel and glibc updates immediately, as these core components underpin most of the affected services across all distributions.
Weekly Linux Security Roundup: Critical Flaws Hit Kernels, Web Stacks, and Databases Across the Board
If your servers haven't run a package manager in the last seven days, stop what you're doing and apply the patch. Security teams at AlmaLinux, Debian, Fedora, Oracle, RHEL, Rocky, SUSE, Slackware, and Ubuntu all dropped critical advisories this week. The targets cover everything from the Linux kernel to container runtimes, and if you're running any modern production stack, you're probably in the crosshairs.
Ubuntu alone published advisories covering the standard kernel, the Low Latency variant, Raspberry Pi, NVIDIA Tegra, Xilinx, and Oracle hardware builds. That's six separate kernel updates in a single week. AlmaLinux and RHEL followed with their own rounds, while Fedora shipped kernel 7.0.14 across both Fedora 43 and 44. The kernel remains the most frequently patched component, and for good reason.
Beyond the kernel, the web stack is getting hammered. PHP 8.2 and 8.4 land buffer overflow fixes on Debian. RHEL and AlmaLinux push updates for older PHP 7.4 and 8.x branches. Apache httpd, Nginx, and Caddy all receive security patches. And for whatever reason, ImageMagick is having a rough year. Debian, RHEL, Oracle, and SUSE all shipped fixes for arbitrary code execution vulnerabilities in the image processing library. If you run anything that accepts user-uploaded images, apply this immediately.
Databases and container runtimes round out the biggest vulnerabilities. MariaDB 10.11 and 11.8 show up on almost every RPM-based distro. PostgreSQL 15 and 16 get patched across the board. Sogo lands a SQL injection fix on Debian, while PowerDNS and NSD on Fedora address cache poisoning. Podman, Buildah, runc, and skopeo all receive updates for RHEL and Fedora, pointing to the usual container runtime maintenance cycle.

What Actually Needs Your Attention Right Now
Keep in mind that not every advisory carries the same urgency. Most of these sit at "Important" severity. A handful hit "Critical" status. SUSE marked a Thunderbird update, an mbedTLS patch, and a perl-Cpanel-JSON-XS fix as critical. RHEL flagged RHSA-2026:33486 as critical. Debian listed PHP 8.4 as important but the rest as moderate to important. Slackware kept things lean with just three advisories for libevent, Thunderbird, and libseccomp.
If you're running a PHP-heavy production environment, prioritize the Apache/httpd, PHP, and glibc patches first. Those stack together. The glibc and gnutls updates that RHEL and Oracle published also deserve early attention, since they're used by just about everything else on the system.
Ruby developers shouldn't sleep on this week's updates either. AlmaLinux, RHEL, and Rocky all shipped security fixes for Ruby 2.5, 3.3, and 4.0. If you're still on Ruby 2.5, the 2026 advisories are officially past end-of-life territory for many upstream projects, though the distros are keeping the security patches flowing.
The Cross-Distro Pattern
Tracking these across distributions reveals a predictable rhythm. The RHEL family (AlmaLinux, Rocky, Oracle, RHEL itself) all patch the exact same RPM packages: perl-IO-Compress, perl-Archive-Tar, git-lfs, python3.12-urllib3, giflib, and container-tools. You'll see identical advisory titles with different numbering. It's a sign of a healthy upstream development model, though it does mean you're essentially mirroring upstream fixes rather than writing custom security code.
The Debian track operates similarly but with its own advisory numbering scheme. Debian uses DLA and DSA prefixes for standard and extended support branches respectively. SUSE splits things between openSUSE-SU and SUSE-SU advisories, usually grouping multiple packages into single releases. Ubuntu tends to stack multiple kernel variants into one notice, while SUSE and Debian prefer granular per-package advisories.
The volume here is staggering. However, at the same time, the underlying mechanics haven't changed. Distributions are still backporting upstream fixes rather than rewriting critical infrastructure from scratch. The patching cadence is the real differentiator, and this week shows why automated update pipelines exist.
Head here to your distribution's security portal for the full advisory text and CVE cross-references. AlmaLinux and RHEL post theirs at access.redhat.com/security, Debian uses security.debian.org, Fedora publishes at admin.fedoraproject.org, and Ubuntu hosts everything at ubuntu.com/security. SUSE maintains theirs at suse.com/security.
Apply the patches. Reboot if the kernel or glibc updates land. Monitor your services for the usual post-update startup hiccups, though most of these are straightforward replacements. If you're managing dozens of servers, ansible and puppet are already waiting to apply these RPM and deb updates in bulk.
Latest Security Updates by Distribution
Here’s a complete breakdown of the security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.
AlmaLinux
AlmaLinux issued a series of security advisories for operating system versions 8, 9, and 10. The updates address critical vulnerabilities in widely deployed software including the Linux kernel, Apache httpd, PHP, MariaDB, PostgreSQL, Ruby, TigerVNC, and Go. These patches fix stack buffer overflows, IMAP command injection flaws, use-after-free errors, and denial-of-service risks that could expose servers to unauthorized access or service disruption.
- ALSA-2026:29844: tigervnc security update (Important)
- ALSA-2026:29703: containernetworking-plugins security update (Important)
- ALSA-2026:29981: golang security, bug fix, and enhancement update (Moderate)
- ALSA-2026:30859: perl-IO-Compress security update (Important)
- ALSA-2026:29702: runc security update (Important)
- ALSA-2026:30852: perl-Archive-Tar security update (Important)
- ALSA-2026:32992: python3.12-urllib3 security update (Important)
- ALSA-2026:30858: perl-IO-Compress security update (Important)
- ALSA-2026:30853: git-lfs security update (Important)
- ALSA-2026:30855: git-lfs security update (Important)
- ALSA-2026:30857: perl-Archive-Tar security update (Important)
- ALSA-2026:33092: glibc security, bug fix, and enhancement update (Moderate)
- ALSA-2026:33093: mariadb10.11 security, bug fix, and enhancement update (Important)
- ALSA-2026:30845: mod_md security update (Moderate)
- ALSA-2026:33124: coreutils security update (Moderate)
- ALSA-2026:30860: perl-IO-Compress security update (Important)
- ALSA-2026:20597: glibc security update (Moderate)
- ALSA-2026:33412: galera and mariadb11.8 security, bug fix, and enhancement update (Important)
- ALSA-2026:30856: perl-Archive-Tar security update (Important)
- ALSA-2026:30846: thunderbird security update (Important)
- ALSA-2026:30844: mod_md security update (Moderate)
- ALSA-2026:30854: git-lfs security update (Important)
- ALSA-2026:33226: glibc security, bug fix, and enhancement update (Moderate)
- ALSA-2026:30848: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:30851: perl:5.32 security update (Important)
- ALSA-2026:33126: glibc security update (Moderate)
- ALSA-2026:33445: thunderbird security update (Important)
- ALSA-2026:34109: httpd security, bug fix, and enhancement update (Important)
- ALSA-2026:33565: ruby security update (Important)
- ALSA-2026:33731: rrdtool security update (Moderate)
- ALSA-2026:33502: giflib security update (Important)
- ALSA-2026:33540: ruby4.0 security update (Important)
- ALSA-2026:33464: mariadb:10.11 security, bug fix, and enhancement update (Important)
- ALSA-2026:33503: giflib security update (Important)
- ALSA-2026:34155: rrdtool security update (Moderate)
- ALSA-2026:33743: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:33577: ruby:4.0 security update (Important)
- ALSA-2026:33449: php security update (Important)
- ALSA-2026:33501: giflib security update (Important)
- ALSA-2026:33285: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:33512: ruby security update (Important)
- ALSA-2026:34156: rrdtool security update (Moderate)
- ALSA-2026:34355: mod_http2 security, bug fix, and enhancement update (Moderate)
- ALSA-2026:33685: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:24370: frr10 security update (Important)
- ALSA-2026:24371: frr security update (Important)
- ALSA-2026:24368: bind9.18 security update (Important)
- ALSA-2026:25925: valkey security update (Important)
- ALSA-2026:26297: hplip security update (Important)
- ALSA-2026:26203: postgresql:16 security update (Important)
- ALSA-2026:27819: evince security update (Important)
- ALSA-2026:26455: 389-ds-base security, bug fix, and enhancement update (Important)
- ALSA-2026:26610: xorg-x11-server security, bug fix, and enhancement update (Important)
- ALSA-2026:26590: xorg-x11-server-Xwayland security, bug fix, and enhancement update (Important)
- ALSA-2026:20612: gnutls security update (Important)
- ALSA-2026:33481: mariadb:11.8 security, bug fix, and enhancement update (Important)
- ALSA-2026:28037: postgresql:15 security update (Important)
- ALSA-2026:34354: php:7.4 security update (Important)
- ALSA-2026:20568: jmc security update (Important)
- ALSA-2026:25052: mysql:8.4 security update (Moderate)
- ALSA-2026:26206: fence-agents security update (Important)
- ALSA-2026:19362: gimp security update (Important)
- ALSA-2026:22304: postgresql-jdbc security update (Important)
- ALSA-2026:19358: freerdp security update (Moderate)
- ALSA-2026:33514: ruby:2.5 security update (Important)
- ALSA-2026:33515: ruby:3.3 security update (Important)
- ALSA-2026:33722: container-tools:rhel8 security, bug fix, and enhancement update (Important)
Debian GNU/Linux
Debian released a wave of security advisories to fix critical flaws across dozens of widely used packages. The patches target the Linux kernel, Nginx, OpenVPN, PHP, Apache2, ImageMagick, librabbitmq, jq, Sogo, and several other tools running on standard and extended support branches. Operators will find resolutions for dangerous issues including SQL injection in Sogo, buffer overflows in PHP 8.2 and 8.4, arbitrary code execution in ImageMagick, and memory corruption in multiple core libraries.
- [DLA 4655-1] libhtml-parser-perl security update
- [DSA 6373-1] lxd security update
- [DSA 6372-1] tor security update
- ELA-1763-1 libhtml-parser-perl security update
- [DLA 4656-1] tor security update
- [DLA 4657-1] sogo security update
- ELA-1760-1 yelp security update
- [DLA 4660-1] nginx security update
- [DLA 4659-1] debian-security-support update
- [DLA 4658-1] librabbitmq security update
- [DSA 6374-1] nginx security update
- [DLA 4661-1] jq security update
- ELA-1764-1 librabbitmq security update
- [DLA 4662-1] jq security update
- [DLA 4663-1] node-lodash security update
- ELA-1765-1 apache2 security update
- ELA-1766-1 imagemagick security update (by )
- [DSA 6375-1] fastnetmon security update
- [DLA 4664-1] linux security update
- [DLA 4665-1] linux security update
- [DLA 4667-1] nginx security update
- [DLA 4666-1] openvpn security update
- [DSA 6376-1] openvpn security update
- [DLA 4669-1] php8.2 security update
- [DLA 4668-1] sympa security update
- [DSA 6377-1] php8.4 security update
- [DLA 4670-1] php-phpseclib security update
Fedora Linux
The Fedora Project issued a series of security advisories for both Fedora 43 and Fedora 44, addressing critical vulnerabilities across numerous commonly installed software packages. Major updates target database systems like MariaDB and MySQL, web browsers including Chromium and Nextcloud, and container tools such as Podman and Buildah. Developers patched dangerous flaws like buffer overflows in Perl-DBI, memory corruption issues in FreeRDP, and cache poisoning vulnerabilities in PowerDNS and NSD.
- Fedora 43 Update: mariadb10.11-10.11.18-2.fc43
- Fedora 43 Update: python-pydantic-settings-2.14.2-1.fc43
- Fedora 43 Update: prometheus-podman-exporter-1.21.1-1.fc43
- Fedora 43 Update: podman-tui-1.11.2-1.fc43
- Fedora 44 Update: chromium-149.0.7827.200-1.fc44
- Fedora 44 Update: mariadb11.8-11.8.8-3.fc44
- Fedora 44 Update: libssh2-1.11.1-9.fc44
- Fedora 44 Update: podman-tui-1.11.2-1.fc44
- Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44
- Fedora 43 Update: perl-DBI-1.648-1.fc43
- Fedora 43 Update: perl-Socket-2.041-1.fc43
- Fedora 43 Update: chromium-149.0.7827.200-1.fc43
- Fedora 43 Update: collectd-5.12.0-57.fc43
- Fedora 43 Update: python-jupytext-1.19.4-1.fc43
- Fedora 43 Update: python-django-haystack-3.4.0-1.fc43
- Fedora 43 Update: varnish-modules-0.26.0-4.fc43
- Fedora 43 Update: vmod-querystring-2.0.3-11.fc43
- Fedora 43 Update: varnish-7.7.3-2.fc43
- Fedora 44 Update: python-jupytext-1.19.4-1.fc44
- Fedora 44 Update: python-django-haystack-3.4.0-1.fc44
- Fedora 44 Update: maradns-3.5.0037-1.fc44
- Fedora 43 Update: kernel-7.0.14-101.fc43
- Fedora 43 Update: transmission-4.1.3-1.fc43
- Fedora 43 Update: thunderbird-152.0-2.fc43
- Fedora 43 Update: caddy-2.10.2-9.fc43
- Fedora 43 Update: rclone-1.74.3-1.fc43
- Fedora 43 Update: opkssh-0.14.0-3.fc43
- Fedora 44 Update: kernel-7.0.14-201.fc44
- Fedora 43 Update: hut-0.8.0-1.fc43
- Fedora 44 Update: transmission-4.1.3-1.fc44
- Fedora 44 Update: ipp-usb-0.9.34-2.fc44
- Fedora 44 Update: caddy-2.10.2-9.fc44
- Fedora 44 Update: rclone-1.74.3-1.fc44
- Fedora 44 Update: opkssh-0.14.0-3.fc44
- Fedora 44 Update: hut-0.8.0-1.fc44
- Fedora 43 Update: cpp-httplib-0.48.0-1.fc43
- Fedora 43 Update: apptainer-1.5.2-1.fc43
- Fedora 43 Update: mysql8.4-8.4.10-1.fc43
- Fedora 44 Update: 7zip-26.02-1.fc44
- Fedora 44 Update: nmap-7.92-11.fc44
- Fedora 44 Update: apptainer-1.5.2-1.fc44
- Fedora 44 Update: cpp-httplib-0.48.0-1.fc44
- Fedora 44 Update: mysql8.4-8.4.10-1.fc44
- Fedora 43 Update: openvpn-2.6.21-1.fc43
- Fedora 43 Update: 7zip-26.02-1.fc43
- Fedora 43 Update: pdns-recursor-5.2.11-1.fc43
- Fedora 43 Update: pdns-5.0.6-1.fc43
- Fedora 43 Update: buildah-1.43.2-1.fc43
- Fedora 43 Update: podman-5.8.3-1.fc43
- Fedora 43 Update: freerdp-3.27.1-1.fc43
- Fedora 44 Update: openvpn-2.7.5-1.fc44
- Fedora 44 Update: pdns-recursor-5.4.3-1.fc44
- Fedora 44 Update: pdns-5.0.6-1.fc44
- Fedora 44 Update: openqa-5^20260604git6376095-3.fc44
- Fedora 44 Update: os-autoinst-5^20260601git6ee8da2-1.fc44
- Fedora 44 Update: leptonica-1.87.0-4.fc44
- Fedora 44 Update: chromium-150.0.7871.46-1.fc44
- Fedora 44 Update: clamav-1.4.5-1.fc44
- Fedora 44 Update: perl-Crypt-ScryptKDF-0.011-1.fc44
- Fedora 44 Update: nextcloud-33.0.6-1.fc44
- Fedora 44 Update: mariadb10.11-10.11.18-2.fc44
- Fedora 44 Update: python-jupyter-server-2.20.0-1.fc44
- Fedora 44 Update: nsd-4.14.3-1.fc44
- Fedora 44 Update: python-streamlink-8.4.0-1.fc44
- Fedora 43 Update: chromium-150.0.7871.46-1.fc43
- Fedora 43 Update: nextcloud-33.0.6-1.fc43
- Fedora 43 Update: python-jupyter-server-2.20.0-1.fc43
- Fedora 43 Update: mariadb11.8-11.8.8-1.fc43
- Fedora 43 Update: python-streamlink-8.4.0-1.fc43
- Fedora 43 Update: nsd-4.14.3-1.fc43
Oracle Linux
Oracle released a coordinated series of security and maintenance updates for Oracle Linux 7, 8, and 9. The patches address dozens of CVE identifiers and routine bugs across widely deployed components including OpenSSL, Nginx, the Unbreakable Enterprise Kernel, and major database engines like PostgreSQL and MariaDB. System operators will find corrected RPMs for web servers, runtime environments, desktop libraries, and container tools in these advisories.
- ELBA-2026-6837 Oracle Linux 9 mdadm bug fix and enhancement update
- ELSA-2026-29981 Moderate: Oracle Linux 9 golang security, bug fix, and enhancement update
- ELSA-2026-25239 Important: Oracle Linux 9 openssl security update
- ELBA-2026-25055 Oracle Linux 9 python3.11 bug fix and enhancement update
- ELSA-2026-19372 Critical: Oracle Linux 9 nginx:1.26 security update
- ELSA-2026-18722 Important: Oracle Linux 9 podman security update
- ELBA-2026-25056 Oracle Linux 9 aide bug fix and enhancement update
- ELBA-2026-28242 Oracle Linux 9 gdm bug fix and enhancement update
- ELSA-2026-21297 Important: Oracle Linux 9 .NET 10.0 security update
- ELSA-2026-22717 Moderate: Oracle Linux 9 vim security update
- ELSA-2026-28244 Moderate: Oracle Linux 9 libpng15 security update
- ELSA-2026-22304 Important: Oracle Linux 9 postgresql-jdbc security update
- ELSA-2026-24370 Important: Oracle Linux 9 frr10 security update
- ELSA-2026-23332 Moderate: Oracle Linux 9 mysql security update
- ELSA-2026-19349 Important: Oracle Linux 9 freerdp security update
- ELSA-2026-19348 Important: Oracle Linux 9 thunderbird security update
- ELSA-2026-19344 Important: Oracle Linux 9 xorg-x11-server-Xwayland security update
- ELBA-2026-19347 Oracle Linux 9 opencryptoki bug fix and enhancement update
- ELBA-2026-21387 Oracle Linux 9 cockpit bug fix and enhancement update
- ELBA-2026-50344 Oracle Linux 9 sos bug fix update
- ELSA-2026-22420 Moderate: Oracle Linux 7 libxml2 security update
- ELSA-2026-24722 Moderate: Oracle Linux 7 libsoup security update
- ELSA-2026-19589 Important: Oracle Linux 7 python security update
- ELSA-2026-32992 Important: Oracle Linux 8 python3.12-urllib3 security update
- ELSA-2026-30858 Important: Oracle Linux 8 perl-IO-Compress security update
- ELSA-2026-30853 Important: Oracle Linux 8 git-lfs security update
- ELSA-2026-30852 Important: Oracle Linux 8 perl-Archive-Tar security update
- ELSA-2026-30844 Moderate: Oracle Linux 9 mod_md security update
- ELSA-2026-20574 Important: Oracle Linux 9 firefox security update
- ELSA-2026-21378 Important: Oracle Linux 9 firefox security update
- ELSA-2026-19370 Important: Oracle Linux 9 firefox security update
- ELSA-2026-19368 Important: Oracle Linux 9 rsync security update
- ELSA-2026-19343 Important: Oracle Linux 9 xorg-x11-server security update
- ELSA-2026-18916 Important: Oracle Linux 9 tomcat security update
- ELSA-2026-50351 Important: Unbreakable Enterprise kernel security update
- ELSA-2026-50351 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELSA-2026-50352 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELSA-2026-30859 Important: Oracle Linux 9 perl-IO-Compress security update
- ELSA-2026-28212 Important: Oracle Linux 9 nginx:1.24 security update
- ELSA-2026-30856 Important: Oracle Linux 9 perl-Archive-Tar security update
- ELSA-2026-25217 Important: Oracle Linux 9 kernel security update
- ELSA-2026-24381 Important: Oracle Linux 9 kernel security update
- ELSA-2026-30854 Important: Oracle Linux 9 git-lfs security update
- ELSA-2026-22312 Moderate: Oracle Linux 9 openssl security update
- ELBA-2026-28248 Oracle Linux 9 passt bug fix and enhancement update
- ELSA-2026-50352 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELSA-2026-50352 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELSA-2026-50353 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELSA-2026-50353 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELSA-2026-50353 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
- ELSA-2026-26551 Important: Oracle Linux 7 firefox security update
- ELSA-2026-24983 Important: Oracle Linux 7 firefox security update
- ELSA-2026-20546 Moderate: Oracle Linux 7 freerdp security update
- ELSA-2026-19566 Moderate: Oracle Linux 7 glib2 security update
- ELSA-2026-33503 Important: Oracle Linux 8 giflib security update
- ELSA-2026-33464 Important: Oracle Linux 8 mariadb:10.11 security, bug fix, and enhancement update
- ELSA-2026-33445 Important: Oracle Linux 8 thunderbird security update
- ELSA-2026-34156 Moderate: Oracle Linux 9 rrdtool security update
- ELSA-2026-33501 Important: Oracle Linux 9 giflib security update
- ELSA-2026-33226 Moderate: Oracle Linux 9 glibc security, bug fix, and enhancement update
- ELSA-2026-28290 Moderate: Oracle Linux 9 libreoffice security update
- ELSA-2026-21556 Important: Oracle Linux 9 kernel security update
- ELSA-2026-27741 Important: Oracle Linux 9 postgresql security update
- ELSA-2026-19568 Important: Oracle Linux 9 kernel security update
- ELSA-2026-18958 Moderate: Oracle Linux 9 python3.12 security update
- ELSA-2026-18957 Moderate: Oracle Linux 9 python3.11 security update
- ELSA-2026-18587 Moderate: Oracle Linux 9 kernel security update
- ELSA-2026-18748 Moderate: Oracle Linux 9 libvirt security update
- ELBA-2026-33434 Oracle Linux 9 dracut bug fix and enhancement update
Red Hat Enterprise Linux
Red Hat issued a series of security advisories that patch vulnerabilities across Red Hat Enterprise Linux versions 7 through 10. The updates target core system components like the Linux kernel, glibc, gnutls, and httpd alongside enterprise tools including OpenShift, Satellite, and Ansible. Administrators managing database servers such as PostgreSQL, MariaDB, Redis, and Streams for Apache Kafka must apply the latest fixes to meet critical and important compliance standards.
- RHSA-2026:30858: Important: perl-IO-Compress security update
- RHSA-2026:30847: Moderate: libxslt security update
- RHSA-2026:30843: Important: perl-IO-Compress security update
- RHSA-2026:32962: Important: gnutls security update
- RHSA-2026:32961: Important: ImageMagick security update
- RHSA-2026:30901: Important: flatpak security update
- RHSA-2026:30848: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:30854: Important: git-lfs security update
- RHSA-2026:30859: Important: perl-IO-Compress security update
- RHSA-2026:30851: Important: perl:5.32 security update
- RHSA-2026:30856: Important: perl-Archive-Tar security update
- RHSA-2026:30844: Moderate: mod_md security update
- RHSA-2026:30849: Important: gnutls and libtasn1 security update
- RHSA-2026:30853: Important: git-lfs security update
- RHSA-2026:30850: Important: gnutls and libtasn1 security update
- RHSA-2026:30852: Important: perl-Archive-Tar security update
- RHSA-2026:32991: Important: osbuild-composer security update
- RHSA-2026:32983: Important: postgresql:15 security update
- RHSA-2026:32992: Important: python3.12-urllib3 security update
- RHSA-2026:32994: Important: postgresql:13 security update
- RHSA-2026:30900: Important: vim security update
- RHSA-2026:33227: Moderate: glibc security update
- RHSA-2026:33219: Important: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_143_1, and kpatch-patch-4_18_0-477_97_1 s ...
- RHSA-2026:30846: Important: thunderbird security update
- RHSA-2026:30855: Important: git-lfs security update
- RHSA-2026:30860: Important: perl-IO-Compress security update
- RHSA-2026:33169: Important: evince security update
- RHSA-2026:33126: Moderate: glibc security update
- RHSA-2026:33285: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:33371: Important: Red Hat JBoss Enterprise Application Platform 7.3.18 security update
- RHSA-2026:33372: Important: Red Hat JBoss Enterprise Application Platform 7.1.15 security update
- RHSA-2026:33092: Moderate: glibc security, bug fix, and enhancement update
- RHSA-2026:32990: Important: cifs-utils security update
- RHSA-2026:33093: Important: mariadb10.11 security, bug fix, and enhancement update
- RHSA-2026:33226: Moderate: glibc security, bug fix, and enhancement update
- RHSA-2026:33225: Important: kpatch-patch-6_12_0-211_16_1 security update
- RHSA-2026:33230: Moderate: glibc security update
- RHSA-2026:33229: Moderate: glibc security update
- RHSA-2026:33228: Moderate: glibc security update
- RHSA-2026:33231: Moderate: glibc security, bug fix, and enhancement update
- RHSA-2026:33224: Important: kpatch-patch-5_14_0-687_10_1 security update
- RHSA-2026:33223: Important: kpatch-patch-5_14_0-570_116_1, kpatch-patch-5_14_0-570_17_1, kpatch-patch-5_14_0-570_39_1, kpatch-patch-5_14_0-570_66_1, and kpatch-patch-5_14_0-570_94_1 secu ...
- RHSA-2026:33220: Important: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_125_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 sec ...
- RHSA-2026:33215: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:33222: Important: kpatch-patch-5_14_0-427_100_1, kpatch-patch-5_14_0-427_113_1, kpatch-patch-5_14_0-427_126_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 se ...
- RHSA-2026:33221: Important: kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, kpatch-patch-5_14_0-284_158_1, and kpatch-patch-5_14_0-284_172_1 ...
- RHSA-2026:30845: Moderate: mod_md security update
- RHSA-2026:30857: Important: perl-Archive-Tar security update
- RHSA-2026:28051: Important: .NET 9.0 security update
- RHSA-2026:33170: Moderate: glibc security update
- RHSA-2026:33124: Moderate: coreutils security update
- RHSA-2026:33125: Important: gnutls and libtasn1 security update
- RHSA-2026:33412: Important: galera and mariadb11.8 security, bug fix, and enhancement update
- RHSA-2026:33427: Important: redis:6 security update
- RHSA-2026:33464: Important: mariadb:10.11 security, bug fix, and enhancement update
- RHSA-2026:29833: Important: OpenShift Container Platform 4.21.22 bug fix and security update
- RHSA-2026:33462: Important: ruby security update
- RHSA-2026:33456: Important: giflib security update
- RHSA-2026:33452: Important: giflib security update
- RHSA-2026:33453: Important: vim security update
- RHSA-2026:33445: Important: thunderbird security update
- RHSA-2026:33455: Important: giflib security update
- RHSA-2026:33444: Important: redis:7 security update
- RHSA-2026:33441: Important: postgresql:15 security update
- RHSA-2026:33416: Important: evince security update
- RHSA-2026:33478: Important: ruby security update
- RHSA-2026:33482: Important: mariadb:10.11 security, bug fix, and enhancement update
- RHSA-2026:33503: Important: giflib security update
- RHSA-2026:33509: Important: giflib security update
- RHSA-2026:33497: Important: postgresql:15 security update
- RHSA-2026:33481: Important: mariadb:11.8 security, bug fix, and enhancement update
- RHSA-2026:33633: Low: libxml2 security update
- RHSA-2026:33635: Low: libxml2 security update
- RHSA-2026:33515: Important: ruby:3.3 security update
- RHSA-2026:33565: Important: ruby security update
- RHSA-2026:33512: Important: ruby security update
- RHSA-2026:29794: Important: OpenShift Container Platform 4.22.3 bug fix and security update
- RHSA-2026:33514: Important: ruby:2.5 security update
- RHSA-2026:33540: Important: ruby4.0 security update
- RHSA-2026:33519: Moderate: opencryptoki security update
- RHSA-2026:29799: Important: OpenShift Container Platform 4.20.27 bug fix and security update
- RHSA-2026:33486: Critical: kernel security, bug fix, and enhancement update
- RHSA-2026:33449: Important: php security update
- RHSA-2026:33451: Important: giflib security update
- RHSA-2026:33450: Important: giflib security update
- RHSA-2026:33447: Important: giflib security update
- RHSA-2026:33632: Low: libxml2 security update
- RHSA-2026:33634: Low: libxml2 security update
- RHSA-2026:33899: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:33900: Important: kernel-rt security, bug fix, and enhancement update
- RHSA-2026:33502: Important: giflib security update
- RHSA-2026:33743: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:33731: Moderate: rrdtool security update
- RHSA-2026:33722: Important: container-tools:rhel8 security, bug fix, and enhancement update
- RHSA-2026:33685: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:33577: Important: ruby:4.0 security update
- RHSA-2026:33666: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:33576: Important: ruby:3.3 security update
- RHSA-2026:33630: Important: ruby security update
- RHSA-2026:34043: Important: postgresql:12 security update
- RHSA-2026:33501: Important: giflib security update
- RHSA-2026:29079: Important: OpenShift Container Platform 4.16.65 packages and security update
- RHSA-2026:34211: Moderate: glibc security update
- RHSA-2026:34156: Moderate: rrdtool security update
- RHSA-2026:34192: Important: buildah security, bug fix, and enhancement update
- RHSA-2026:34155: Moderate: rrdtool security update
- RHSA-2026:34160: Important: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
- RHSA-2026:34094: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:34109: Important: httpd security, bug fix, and enhancement update
- RHSA-2026:29080: Important: OpenShift Container Platform 4.16.65 bug fix and security update
- RHSA-2026:34095: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:34076: Important: ruby:2.5 security update
- RHSA-2026:34476: Important: vim security update
- RHSA-2026:34443: Important: kernel security update
- RHSA-2026:34372: Important: gnutls security update
- RHSA-2026:34367: Important: Satellite 6.16.10 Async Update
- RHSA-2026:34368: Important: Satellite 6.18.7 Async Update
- RHSA-2026:34354: Important: php:7.4 security update
- RHSA-2026:34355: Moderate: mod_http2 security, bug fix, and enhancement update
- RHSA-2026:34196: Important: podman security update
- RHSA-2026:34197: Important: skopeo security update
- RHSA-2026:29856: Important: OpenShift Container Platform 4.18.46 bug fix and security update
- RHSA-2026:28886: Important: OpenShift Container Platform 4.14.68 packages and security update
- RHSA-2026:28887: Critical: OpenShift Container Platform 4.14.68 bug fix and security update
- RHSA-2026:34508: Important: dnsmasq security update
- RHSA-2026:34477: Important: vim security update
- RHSA-2026:34359: Important: opentelemetry-collector security update
- RHSA-2026:34357: Important: opentelemetry-collector security update
- RHSA-2026:34362: Important: postgresql:12 security update
- RHSA-2026:34363: Important: postgresql:13 security update
- RHSA-2026:34365: Important: Satellite 6.19.2 Async Update
- RHSA-2026:34366: Important: Satellite 6.17.9 Async Update
- RHSA-2026:29863: Important: OpenShift Container Platform 4.19.36 bug fix and security update
- RHSA-2026:34911: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:34927: Important: kernel security update
- RHSA-2026:34608: Important: Streams for Apache Kafka 2.9.4 release and security update
Rocky Linux
Rocky Linux issued multiple security advisories for versions 8 and 9, distributing patches across dozens of core packages including Perl 5.32, MariaDB 10.11, Ruby 2.5, Ruby 3.3, and PHP 7.4. The updates resolve reported vulnerabilities, correct runtime bugs, and apply performance adjustments to components like container-tools, glibc, Thunderbird, and rrdtool. Most advisories carry an Important severity rating, though certain PHP and container-related fixes address higher-priority flaws.
- RLSA-2026:30851: Important: perl:5.32 security update
- RLSA-2026:33464: Important: mariadb:10.11 security, bug fix, and enhancement update
- RLSA-2026:33514: Important: ruby:2.5 security update
- RLSA-2026:33515: Important: ruby:3.3 security update
- RLSA-2026:33577: Important: ruby:4.0 security update
- RLSA-2026:33576: Important: ruby:3.3 security update
- RLSA-2026:32992: Important: python3.12-urllib3 security update
- RLSA-2026:30853: Important: git-lfs security update
- RLSA-2026:33722: Important: container-tools:rhel8 security, bug fix, and enhancement update
- RLSA-2026:33503: Important: giflib security update
- RLSA-2026:33126: Moderate: glibc security update
- RLSA-2023:3087: Important: mysql:8.0 security, bug fix, and enhancement update
- RLSA-2026:30856: Important: perl-Archive-Tar security update
- RLSA-2026:30854: Important: git-lfs security update
- RLSA-2026:30844: Moderate: mod_md security update
- RLSA-2026:33226: Moderate: glibc security, bug fix, and enhancement update
- RLSA-2026:33501: Important: giflib security update
- RLSA-2026:30859: Important: perl-IO-Compress security update
- RLSA-2026:34354: Important: php:7.4 security update
- RLSA-2026:34155: Moderate: rrdtool security update
- RLSA-2026:33445: Important: thunderbird security update
- RLSA-2026:34354: Important: php:7.4 security update
- RLSA-2026:33722: Important: container-tools:rhel8 security, bug fix, and enhancement update
- RLSA-2026:33514: Important: ruby:2.5 security update
- RLSA-2026:33515: Important: ruby:3.3 security update
- RLSA-2026:33464: Important: mariadb:10.11 security, bug fix, and enhancement update
Slackware Linux
The Slackware Linux Security Team issued three new package upgrades to resolve active security flaws across Slackware 15. These patches directly target libevent, Mozilla Thunderbird, and libseccomp to stop exploitation before it reaches production servers. Operators can match each fix to its official advisory, SSA:2026-182-01, SSA:2026-182-02, and SSA:2026-183-01, for straightforward tracking.
SUSE Linux
SUSE issued a wide series of security advisories to patch recently discovered flaws across their Linux distributions. The updates target widely deployed software including Python, Apache2, Docker, ImageMagick, Thunderbird, glibc, systemd, and jq. Several vulnerabilities carry CVSS scores above 8, ranging from moderate to critical severity levels.
- openSUSE-SU-2026:11129-1: moderate: assimp-devel-6.0.5-4.1 on GA media
- openSUSE-SU-2026:11131-1: moderate: hydra-9.7+git20.gbccaea1-1.1 on GA media
- openSUSE-SU-2026:11130-1: moderate: calibre-9.10.0-1.1 on GA media
- openSUSE-SU-2026:11123-1: moderate: jupyter-nbclassic-1.3.3-2.1 on GA media
- openSUSE-SU-2026:11128-1: moderate: agama-web-ui-22+143.ee15dea20-46.1 on GA media
- openSUSE-SU-2026:11125-1: moderate: tar-1.35-8.1 on GA media
- openSUSE-SU-2026:11124-1: moderate: python311-pdm-2.28.0-1.1 on GA media
- openSUSE-SU-2026:11127-1: moderate: ImageMagick-7.1.2.25-3.1 on GA media
- openSUSE-SU-2026:11122-1: moderate: glances-common-4.5.5-1.1 on GA media
- openSUSE-SU-2026:0221-1: moderate: Security update for xtrabackup
- SUSE-SU-2026:2669-1: moderate: Security update for libsoup
- SUSE-SU-2026:2670-1: moderate: Security update for libsoup2
- openSUSE-SU-2026:0223-1: important: Security update for assimp
- openSUSE-SU-2026:11141-1: moderate: istioctl-1.30.2-1.1 on GA media
- openSUSE-SU-2026:11139-1: moderate: chromedriver-149.0.7827.200-1.1 on GA media
- openSUSE-SU-2026:11138-1: moderate: jupyter-jupyterlab-templates-0.5.3-2.1 on GA media
- openSUSE-SU-2026:11135-1: moderate: logback-1.5.36-1.1 on GA media
- openSUSE-SU-2026:11134-1: moderate: libslirp-devel-4.9.3+4-1.1 on GA media
- openSUSE-SU-2026:11133-1: moderate: jq-1.8.2-1.1 on GA media
- openSUSE-SU-2026:11136-1: moderate: ocaml-4.14.4-1.1 on GA media
- openSUSE-SU-2026:11137-1: moderate: python311-jupyter-ydoc-3.5.0-1.1 on GA media
- openSUSE-SU-2026:11140-1: moderate: glibc-2.43-4.1 on GA media
- openSUSE-SU-2026:11132-1: moderate: jackson-databind-2.18.8-2.1 on GA media
- SUSE-SU-2026:2680-1: important: Security update for ansible-core
- SUSE-SU-2026:2681-1: moderate: Security update for libheif
- SUSE-SU-2026:2674-1: important: Security update for libsolv, libzypp, zypper
- SUSE-SU-2026:2676-1: important: Security update for bind
- openSUSE-SU-2026:21173-1: important: Security update for python-pydata-sphinx-theme
- openSUSE-SU-2026:21169-1: moderate: Security update for python-biopython
- openSUSE-SU-2026:21171-1: important: Security update for gimp
- openSUSE-SU-2026:21163-1: important: Security update for yt-dlp
- openSUSE-SU-2026:21157-1: important: Security update for golang-github-prometheus-alertmanager
- openSUSE-SU-2026:21155-1: moderate: Security update for hamlib
- openSUSE-SU-2026:21154-1: important: Security update for ofono
- openSUSE-SU-2026:21153-1: moderate: Security update for xar
- openSUSE-SU-2026:21168-1: critical: Security update for MozillaThunderbird
- openSUSE-SU-2026:21166-1: moderate: Security update for nano
- openSUSE-SU-2026:21159-1: important: Security update for python-py7zr
- openSUSE-SU-2026:21161-1: moderate: Security update for python-pdm
- openSUSE-SU-2026:21144-1: critical: Security update for mbedtls
- openSUSE-SU-2026:21142-1: critical: Security update for perl-Compress-Raw-Zlib
- openSUSE-SU-2026:21152-1: important: Security update for atril
- openSUSE-SU-2026:21146-1: moderate: Security update for lldpd
- openSUSE-SU-2026:21149-1: important: Security update for bitcoin
- openSUSE-SU-2026:21151-1: important: Security update for warewulf4
- openSUSE-SU-2026:21143-1: moderate: Security update for gleam
- openSUSE-SU-2026:21140-1: critical: Security update for perl-Cpanel-JSON-XS
- openSUSE-SU-2026:21145-1: moderate: Security update for mbedtls-2
- openSUSE-SU-2026:21137-1: important: Security update for perl-Crypt-PasswdMD5
- openSUSE-SU-2026:21136-1: moderate: Security update for golang-github-prometheus-alertmanager
- openSUSE-SU-2026:21134-1: moderate: Security update for glycin-loaders
- openSUSE-SU-2026:21129-1: important: Security update for webkit2gtk3
- openSUSE-SU-2026:21135-1: important: Security update for chromium
- openSUSE-SU-2026:21130-1: moderate: Security update for glib-networking
- openSUSE-SU-2026:21127-1: moderate: Security update for python-paramiko
- openSUSE-SU-2026:21126-1: moderate: Security update for perl-HTML-Parser
- openSUSE-SU-2026:21123-1: important: Security update for bind
- openSUSE-SU-2026:21125-1: important: Security update for perl-Protocol-HTTP2
- openSUSE-SU-2026:21124-1: important: Security update for graphite2
- openSUSE-SU-2026:21120-1: important: Security update for mcphost
- openSUSE-SU-2026:21122-1: important: Security update for tomcat10
- openSUSE-SU-2026:21119-1: important: Security update for perl-HTTP-Daemon
- openSUSE-SU-2026:21117-1: important: Security update for tomcat
- openSUSE-SU-2026:21121-1: important: Security update for tomcat11
- openSUSE-SU-2026:21115-1: important: Security update for apache2
- openSUSE-SU-2026:21114-1: important: Security update for mozjs128
- openSUSE-SU-2026:21118-1: important: Security update for LibVNCServer
- openSUSE-SU-2026:21116-1: important: Security update for freerdp
- openSUSE-SU-2026:21113-1: important: Security update for libyang
- openSUSE-SU-2026:21059-1: important: Security update for openCryptoki
- openSUSE-SU-2026:21111-1: important: Security update for himmelblau
- openSUSE-SU-2026:21112-1: important: Security update for xwayland
- openSUSE-SU-2026:21108-1: important: Security update for ignition
- openSUSE-SU-2026:21109-1: important: Security update for dovecot24
- openSUSE-SU-2026:21101-1: important: Security update for libcaca
- openSUSE-SU-2026:21106-1: important: Security update for papers
- openSUSE-SU-2026:21104-1: important: Security update for postgresql16
- openSUSE-SU-2026:21025-1: moderate: Security update for keylime
- openSUSE-SU-2026:21098-1: important: Security update for python-aiohttp
- openSUSE-SU-2026:21096-1: important: Security update for zypper, libzypp, libsolv
- openSUSE-SU-2026:21102-1: important: Security update for postgresql14
- openSUSE-SU-2026:21107-1: important: Security update for nginx
- openSUSE-SU-2026:21103-1: important: Security update for postgresql15
- openSUSE-SU-2026:21100-1: important: Security update for libjxl
- openSUSE-SU-2026:21092-1: important: Security update for strongswan
- openSUSE-SU-2026:21095-1: important: Security update for python-PyJWT
- openSUSE-SU-2026:21097-1: important: Security update for ansible-core
- openSUSE-SU-2026:21078-1: moderate: Security update for python-ecdsa
- openSUSE-SU-2026:21093-1: important: Security update for ldns
- openSUSE-SU-2026:21088-1: important: Security update for freeipmi
- openSUSE-SU-2026:21091-1: important: Security update for libinput
- openSUSE-SU-2026:21090-1: important: Security update for sqlite3
- openSUSE-SU-2026:21083-1: important: Security update for unbound
- openSUSE-SU-2026:21084-1: important: Security update for distribution
- openSUSE-SU-2026:21075-1: moderate: Security update for alsa
- openSUSE-SU-2026:21074-1: low: Security update for loupe
- openSUSE-SU-2026:21067-1: important: Security update for python-tornado6
- openSUSE-SU-2026:21076-1: important: Security update for giflib
- openSUSE-SU-2026:21079-1: important: Security update for amazon-ssm-agent
- openSUSE-SU-2026:21072-1: important: Security update for trivy
- openSUSE-SU-2026:21070-1: important: Security update for tar
- openSUSE-SU-2026:21069-1: important: Security update for google-guest-agent
- openSUSE-SU-2026:21071-1: important: Security update for ImageMagick
- openSUSE-SU-2026:21063-1: important: Security update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve
- openSUSE-SU-2026:21061-1: important: Security update for libaom
- openSUSE-SU-2026:21062-1: moderate: Security update for capnproto
- openSUSE-SU-2026:21066-1: important: Security update for python-python-multipart
- openSUSE-SU-2026:21054-1: important: Security update for dracut
- openSUSE-SU-2026:21053-1: important: Security update for python-starlette
- openSUSE-SU-2026:21055-1: important: Security update for libnfs
- openSUSE-SU-2026:21057-1: important: Security update for libssh2_org
- openSUSE-SU-2026:21047-1: low: Security update for libgcrypt
- openSUSE-SU-2026:21045-1: moderate: Security update for perl-libwww-perl
- openSUSE-SU-2026:21048-1: moderate: Security update for python-idna
- openSUSE-SU-2026:21043-1: important: Security update for MozillaFirefox
- openSUSE-SU-2026:21044-1: moderate: Security update for openssh
- openSUSE-SU-2026:21040-1: important: Security update for sg3_utils
- openSUSE-SU-2026:21038-1: important: Security update for 7zip
- openSUSE-SU-2026:21032-1: moderate: Security update for firewalld
- openSUSE-SU-2026:21036-1: moderate: Security update for cosign
- openSUSE-SU-2026:21029-1: important: Security update for perl-DBI
- openSUSE-SU-2026:21024-1: moderate: Security update for sed
- openSUSE-SU-2026:21019-1: moderate: Security update for rpcbind
- openSUSE-SU-2026:21020-1: moderate: Security update for postfix
- openSUSE-SU-2026:21016-1: moderate: Security update for mutt
- openSUSE-SU-2026:21021-1: moderate: Security update for krb5
- openSUSE-SU-2026:21015-1: moderate: Security update for dnsdist
- openSUSE-SU-2026:21012-1: important: Security update for perl-Config-IniFiles
- openSUSE-SU-2026:21017-1: moderate: Security update for python-click
- openSUSE-SU-2026:21014-1: moderate: Security update for avahi
- openSUSE-SU-2026:21013-1: important: Security update for amazon-ecs-init
- openSUSE-SU-2026:21011-1: important: Security update for 389-ds
- openSUSE-SU-2026:21010-1: important: Security update for google-cloud-sap-agent
- openSUSE-SU-2026:20993-1: important: Security update for python-pip
- openSUSE-SU-2026:21005-1: important: Security update for openssl-3
- openSUSE-SU-2026:21004-1: important: Security update for gsasl
- openSUSE-SU-2026:20994-1: important: Security update for helm
- SUSE-SU-2026:2686-1: important: Security update for apache2
- openSUSE-SU-2026:11146-1: moderate: libonnxruntime1-1.26.0-1.1 on GA media
- openSUSE-SU-2026:11151-1: moderate: socat-1.8.1.3-1.1 on GA media
- SUSE-SU-2026:2688-1: important: Security update for sg3_utils
- SUSE-SU-2026:2690-1: important: Security update for sg3_utils
- SUSE-SU-2026:2696-1: important: Security update for 7zip
- SUSE-SU-2026:2693-1: important: Security update for podman
- SUSE-SU-2026:2691-1: important: Security update for sg3_utils
- SUSE-SU-2026:2697-1: important: Security update for opensc
- SUSE-SU-2026:2699-1: important: Security update for cifs-utils
- SUSE-SU-2026:2701-1: important: Security update for pacemaker
- SUSE-SU-2026:2706-1: important: Security update for buildah
- SUSE-SU-2026:2704-1: moderate: Security update for exiv2-0_26
- SUSE-SU-2026:2715-1: important: Security update for podman
- SUSE-SU-2026:2712-1: moderate: Security update for xdg-desktop-portal
- SUSE-SU-2026:2716-1: important: Security update for pacemaker
- openSUSE-SU-2026:21176-1: important: Security update for python-pytest-html
- openSUSE-SU-2026:21179-1: important: Security update for lrzip
- openSUSE-SU-2026:21175-1: moderate: Security update for python-zeroconf
- openSUSE-SU-2026:11159-1: moderate: python311-jupyter-server-2.20.0-1.1 on GA media
- openSUSE-SU-2026:11157-1: moderate: perl-CSS-Minifier-XS-0.140.0-1.1 on GA media
- openSUSE-SU-2026:11158-1: moderate: perl-JavaScript-Minifier-XS-0.160.0-1.1 on GA media
- openSUSE-SU-2026:11154-1: moderate: hauler-2.0.1-1.1 on GA media
- openSUSE-SU-2026:0224-1: important: Security update for cadvisor
- SUSE-SU-2026:2721-1: important: Security update for dracut
- SUSE-SU-2026:2720-1: important: Security update for dracut
- SUSE-SU-2026:2723-1: moderate: Security update for python311
- SUSE-SU-2026:2724-1: moderate: Security update for python-python-dotenv
- openSUSE-SU-2026:21190-1: critical: Security update for openbabel
- openSUSE-SU-2026:21189-1: moderate: Security update for transmission
- openSUSE-SU-2026:11162-1: moderate: trivy-0.71.2-2.1 on GA media
- openSUSE-SU-2026:11167-1: moderate: kubectl-cnpg-1.29.2-1.1 on GA media
- openSUSE-SU-2026:11170-1: moderate: python311-python-engineio-4.13.3-1.1 on GA media
- openSUSE-SU-2026:11169-1: moderate: python3-onionshare-2.6.4-1.1 on GA media
- openSUSE-SU-2026:11165-1: moderate: alloy-1.17.1-1.1 on GA media
- openSUSE-SU-2026:11164-1: moderate: MozillaThunderbird-140.12.1-1.1 on GA media
- openSUSE-SU-2026:11168-1: moderate: perl-CGI-Session-4.490.0-1.1 on GA media
- openSUSE-SU-2026:11163-1: moderate: libxreaderdocument3-4.6.5-1.1 on GA media
- openSUSE-SU-2026:11166-1: moderate: c3p0-0.14.1-1.1 on GA media
- SUSE-SU-2026:2725-1: important: Security update for python-tornado6
- openSUSE-SU-2026:21220-1: moderate: Security update for dhcpcd
- openSUSE-SU-2026:21216-1: moderate: Security update for libslirp
- openSUSE-SU-2026:21211-1: moderate: Security update for ffmpeg-7
- openSUSE-SU-2026:21207-1: moderate: Security update for GraphicsMagick
- openSUSE-SU-2026:21210-1: important: Security update for google-osconfig-agent
- openSUSE-SU-2026:21201-1: important: Security update for jackson-annotations, jackson-core, jackson-databind
- openSUSE-SU-2026:21221-1: moderate: Security update for jline3
- openSUSE-SU-2026:21204-1: important: Security update for gstreamer-plugins-bad
- openSUSE-SU-2026:21196-1: important: Security update for pacemaker
- openSUSE-SU-2026:21192-1: important: Security update for dnsmasq
- openSUSE-SU-2026:21205-1: important: Security update for docker-stable
- openSUSE-SU-2026:21218-1: important: Security update for perl-List-SomeUtils-XS
- openSUSE-SU-2026:21202-1: moderate: Security update for lcms2
- SUSE-SU-2026:2729-1: moderate: Security update for python-lxml
- SUSE-SU-2026:2731-1: moderate: Security update for editorconfig-core-c
- SUSE-SU-2026:2733-1: important: Security update for buildah
- openSUSE-SU-2026:0228-1: moderate: Security update for nilfs-utils
- SUSE-SU-2026:2735-1: important: Security update for apache2
- openSUSE-SU-2026:11180-1: moderate: python311-mistune-3.3.2-1.1 on GA media
- openSUSE-SU-2026:11176-1: moderate: kitty-0.47.4-2.1 on GA media
- openSUSE-SU-2026:11179-1: moderate: perl-List-SomeUtils-XS-0.590.0-1.1 on GA media
- openSUSE-SU-2026:11175-1: moderate: kernel-devel-7.1.2-1.1 on GA media
- openSUSE-SU-2026:11178-1: moderate: openQA-5.1782995932.ffeb09be-1.1 on GA media
- openSUSE-SU-2026:11177-1: moderate: krb5-1.22.2-4.1 on GA media
- SUSE-SU-2026:2743-1: important: Security update for gstreamer-plugins-bad
- SUSE-SU-2026:2744-1: important: Security update for gstreamer-plugins-bad
- SUSE-SU-2026:2745-1: moderate: Security update for firewalld-legacy
- SUSE-SU-2026:2742-1: important: Security update for pacemaker
- SUSE-SU-2026:2751-1: moderate: Security update for tracker-miners
- SUSE-SU-2026:2749-1: important: Security update for perl-DBI
- openSUSE-SU-2026:21230-1: important: Security update for keybase-client
- openSUSE-SU-2026:21231-1: important: Security update for python-pydata-sphinx-theme
- openSUSE-SU-2026:21228-1: moderate: Security update for glibc
- openSUSE-SU-2026:21225-1: important: Security update for rmt-server
- openSUSE-SU-2026:21222-1: important: Security update for systemd
Ubuntu Linux
Ubuntu issued a series of security notices to address vulnerabilities across several core system packages. The latest batch includes fixes for the Linux kernel, nghttp2, LibVNCServer, cifs-utils, Vim, and nginx. Separately, the distribution released update USN-8467-2 to resolve two distinct flaws in Perl 5.40 for Ubuntu 25.10. These patches close a symlink handling issue in Archive::Tar and stop a memory overflow during 32-bit regex compilation.
- [USN-8495-1] nghttp2 vulnerability
- [USN-8494-1] LibVNCServer vulnerability
- [USN-8488-2] Linux kernel (Raspberry Pi) vulnerabilities
- [USN-8501-1] Linux kernel vulnerabilities
- [USN-8493-2] Linux kernel (Oracle) vulnerabilities
- [USN-8499-1] Linux kernel (Xilinx) vulnerabilities
- [USN-8498-1] Linux kernel (NVIDIA Tegra) vulnerabilities
- [USN-8497-1] Linux kernel (Low Latency) vulnerabilities
- [USN-8492-2] Linux kernel vulnerabilities
- [USN-8496-1] cifs-utils vulnerability
- [USN-8500-1] Vim vulnerabilities
- [USN-8398-4] nginx vulnerability
- [USN-8467-2] Perl vulnerabilities
- [USN-8496-2] cifs-utils regression
How to apply these Linux security updates
Before running any update commands, check which services are currently active on your system. If Nginx or Apache is handling live traffic, schedule a brief maintenance window or use rolling restarts to minimize downtime during the patching process. Desktop users can usually apply these fixes by opening a terminal and running the standard package manager command for their distribution followed by an upgrade flag. A reboot will be necessary if the kernel received updates to ensure the new security modules load correctly.
Power users who rely on command-line tools like jq should verify the patch level after installation. Regression bugs can occasionally break scripts that depend on specific JSON parsing behavior, so a quick test run is worth the few minutes it takes. If you use PackageKit or other GUI package managers and prefer to skip them because they sometimes hang or try to install junk, do not let that stop you from running the command-line equivalent to get these critical patches applied.
Applying these patches requires distribution-specific package management commands. RHEL-based systems typically use dnf update or yum update, while Debian and Ubuntu rely on apt upgrade. SUSE users should run zypper patch to properly address all security advisories, and Slackware administrators can manage updates with upgradepkg or slackpkg. After executing the commands, a reboot is usually necessary for kernel changes to take effect. Finally, review your package manager’s logs to verify that all patches installed successfully and no dependencies were disrupted.
Debian/Ubuntu (apt)
The first thing to do is refresh the local package index; running sudo apt update contacts all configured repositories and pulls in the newest lists of available versions. Skipping this step leaves the system blind to any recent uploads, which explains why “upgrade” sometimes claims there’s nothing to do even after a security advisory has been published. Once the index is current, invoke sudo apt upgrade -y; the -y flag answers every prompt automatically so the process doesn’t pause for user input. This command upgrades all installed packages that have newer versions in the repositories while preserving configuration files.
sudo apt update sudo apt upgrade -y
Fedora/RedHat/Rocky/Alma/Oracle (dnf or yum)
On modern Fedora and recent Red Hat derivatives, dnf is the package manager; older RHEL releases still rely on yum. Begin with a check‑update operation—sudo dnf check-update or sudo yum check-update—to see exactly which packages are awaiting an upgrade. This preview step can be useful for spotting unexpected kernel bumps before they land. To actually apply the updates, run sudo dnf upgrade -y (or sudo yum update if you prefer the older tool). The upgrade command pulls down the new binaries and runs any necessary post‑install scripts, such as rebuilding initramfs when a kernel changes.
sudo dnf check-update sudo dnf upgrade -y
or on older releases
sudo yum check-update sudo yum update
SUSE (zypper)
SUSE’s command line front‑end is called zypper. First execute sudo zypper refresh so that the metadata for all enabled repos gets updated; without this, zypper will happily report “No updates available” even though newer packages sit on the mirror. After a fresh refresh, issue sudo zypper update -y; this upgrades every package to the latest version in the configured repositories and automatically handles service restarts when required.
sudo zypper refresh sudo zypper update -y
Slackware (slackpkg and pkgtool)
Slackware doesn’t have a single unified updater, but the official way to pull updates is through slackpkg. Start with sudo slackpkg update to download the newest package list from the chosen mirror. Then run sudo slackpkg upgrade-all; this command walks through each installed package and replaces it with the most recent build available in the official repository. For users who prefer a more granular approach, specifying a package name after upgrade limits the operation to that single item. When dealing with community‑maintained repositories, pkgtool takes over: a combined sudo pkgtool update && sudo pkgtool upgrade will sync and apply updates from the mirrors listed in /etc/slackpkg/mirrors.
sudo slackpkg update sudo slackpkg upgrade-all
This is a heavy week. The threat landscape isn't slowing down, and neither are the maintainers. Keep your systems updated.