Multiple major Linux distributions released coordinated security advisories this week to address critical vulnerabilities across their core stacks. The patches prioritize fixes for the GhostLock and Januscape kernel flaws, alongside dozens of high-severity issues affecting Chromium, OpenShift, and enterprise infrastructure tools. RHEL, Oracle, Rocky, and Fedora are rolling out extensive kpatch updates and system library fixes that span both legacy and current kernel streams. Administrators should prioritize immediate patching to secure production environments against active exploitation vectors.
GhostLock and Januscape Kernel Flaws Hit Multiple Distros as Linux Security Updates Pour In
AlmaLinux calls for testers while RHEL, Debian, and Ubuntu push critical patches for Chromium, OpenShift, and enterprise stacks.
The Linux kernel is under the scanner again. AlmaLinux has released emergency patches to address the GhostLock privilege escalation bug (CVE-2026-43499) and the Januscape memory corruption flaw. You won't be the only one waiting to apply them. In the same window, RHEL, Debian, and Ubuntu are rolling out coordinated security advisories that tackle dozens of critical vulnerabilities across everything from OpenShift and Chromium to core networking tools.
It is a busy week. If you run AlmaLinux 8, 9, or 10, the updates target the Linux kernel directly, alongside fixes for Grafana, Node.js, Nginx, PostgreSQL, and Tomcat. The patches close vulnerabilities that could allow arbitrary code execution, authentication bypasses, and denial of service attacks. AlmaLinux is actually calling for testing on the patched kernels right now, so keep an eye on their tracker if you are running production boxes.

Kernel and Core Infrastructure Updates
While GhostLock grabs headlines, the actual patching effort spans the entire ecosystem. Fedora is pushing out kernel 7.1.3 rebases across versions 43 and 44. That is alongside updates for rust-quick-xml, Podman, and a slew of Rust libraries. You will also want to grab the fixes for Tor 0.4.9.11, Docker Compose 5.3.0, and Helm 4.2.2. OpenSSH is getting patches for opkssh and memory leaks in that batch.
Over on the enterprise side, Red Hat has issued security advisories for RHEL versions 7 through 10. The list is exhaustive. It covers OpenShift Container Platform versions 4.15, 4.17, 4.18, 4.19, 4.20, 4.21, 4.22, and 4.23. There are kpatch updates for kernels dating all the way back to the 4.18 and 5.14 series. If you manage RHEL infrastructure, you are looking at a serious patching window. We have all seen what happens when kpatch scripts choke on a live system. The redundancy is necessary, though the execution leaves room for improvement.
Oracle Linux is not resting either. Administrators for versions 7, 8, and 9 need to install coordinated advisories that hit the Unbreakable Enterprise Kernel, container tools, OpenSSL, Python pip, and popular web applications like Ruby, PHP, MariaDB, and Nginx. Rocky Linux mirrors that effort, patching MariaDB, Node.js, Nginx, Python, and the kernel across its own 8, 9, and 10 branches.
Desktop, Browsers, and Dev Tools
The browser front is particularly heated. Debian is fixing 25 vulnerabilities in Chromium. That is alongside 16 flaws in ImageMagick and kernel privilege escalation risks. Ubuntu Linux is doing the same, addressing critical issues across LTS versions 14.04 through 26.04. Patches cover the Raspberry Pi and NVIDIA kernels, cloud infrastructure components, Python, Apache HTTP Server, curl, and ruby-addressable.
SUSE Linux is tackling a wide array of developer tools. You will find updates for the Linux Kernel, Apache, Go 1.26, Systemd, and Postfix. There is also a critical security update for perl-Crypt-SaltedHash, plus moderate patches for Python, gimp, and chromedriver. They are rolling out updates for podman, apache2, and go1.26-openssl across their stacks.
Slackware users typically get a quieter life, but this week brings PHP, Mutt, OpenSSH, C-Ares, Tftp-hpa, Proftpd, and P11-kit fixes. Memory corruption bugs, openssl processing errors, path traversal gaps, and silent argument truncation issues are all being closed up. Buffer overflows in Tftp-hpa and stack corruption in Proftpd round out the list.
Keep in mind that these are all live advisories. The RHEL kpatches alone target multiple active kernel streams simultaneously. If you rely on RHEL, Oracle, or Rocky, your maintenance window just got longer. Head to the AlmaLinux errata tracker if you want to dig into the specific CVE mappings for GhostLock and Januscape. Otherwise, run your package managers and apply the updates before you head to sleep.
Latest Security Updates by Distribution
Here’s a complete breakdown of the security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.
AlmaLinux
AlmaLinux issued a series of important security errata across versions 8, 9, and 10 to patch critical flaws in widely used software packages. The updates target the Linux kernel with fixes for GhostLock privilege escalation and Januscape memory corruption bugs, while also addressing security issues in Grafana, Node.js, Nginx, PostgreSQL, and Tomcat. These patches close vulnerabilities that could allow arbitrary code execution, authentication bypasses, and denial of service attacks against affected systems.
- ALSA-2026:35830: grafana security update (Important)
- ALSA-2026:35831: grafana-pcp security update (Important)
- ALSA-2026:34911: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:35841: nodejs24 security, bug fix, and enhancement update (Important)
- ALSA-2026:35842: nodejs22 security, bug fix, and enhancement update (Important)
- Call for testing: patched kernels for two vulnerabilities (Januscape & Bad Epoll)
- ALSA-2026:34357: opentelemetry-collector security update (Important)
- ALSA-2026:35892: nodejs:22 security, bug fix, and enhancement update (Important)
- ALSA-2026:19366: python-markdown security update (Important)
- ALSA-2026:35891: nodejs:24 security, bug fix, and enhancement update (Important)
- ALSA-2026:36188: perl-HTTP-Daemon security update (Important)
- ALSA-2026:34359: opentelemetry-collector security update (Important)
- ALSA-2026:35839: libreoffice security update (Important)
- ALSA-2026:35833: container-tools:rhel8 security update (Important)
- ALSA-2026:36049: kernel-rt security, bug fix, and enhancement update (Important)
- ALSA-2026:25341: tomcat9 update (Important)
- ALSA-2026:20613: gnutls security update (Important)
- ALSA-2026:19146: openexr security update (Important)
- ALSA-2026:24347: frr security update (Important)
- ALSA-2026:20600: wireshark security update (Important)
- ALSA-2026:36193: python3.14-pip security update (Important)
- ALSA-2026:24758: libyang security update (Important)
- ALSA-2026:26204: postgresql:18 security update (Important)
- ALSA-2026:36199: buildah security update (Important)
- ALSA-2026:35828: grafana security update (Important)
- ALSA-2026:19167: pcs security update (Important)
- ALSA-2026:36364: nginx security, bug fix, and enhancement update (Important)
- ALSA-2026:35829: grafana-pcp security update (Important)
- ALSA-2026:36195: 389-ds-base security update (Important)
- ALSA-2026:36210: freeipmi security update (Moderate)
- ALSA-2026:36187: perl-HTTP-Daemon security update (Important)
- ALSA-2026:36315: python3.14-pip security update (Important)
- ALSA-2026:36331: nginx security, bug fix, and enhancement update (Important)
- ALSA-2026:36317: skopeo security update (Important)
- ALSA-2026:36318: aardvark-dns security update (Moderate)
- ALSA-2026:36215: compat-openssl10 security update (Important)
- ALSA-2026:36307: freeipmi security update (Moderate)
- ALSA-2026:36348: kernel-rt security, bug fix, and enhancement update (Important)
- ALSA-2026:36349: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:36366: kernel security update (Important)
- ALSA-2026:36365: kernel-rt security update (Important)
- ALSA-2026:36879: tomcat security, bug fix, and enhancement update (Important)
- ALSA-2026:36639: nginx:1.26 security, bug fix, and enhancement update (Important)
- ALSA-2026:36645: kernel update (Important)
- ALSA-2026:36618: nginx:1.24 security, bug fix, and enhancement update (Important)
- ALSA-2026:36018: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:37130: gstreamer1-plugins-bad-free security update (Important)
- ALSA-2026:36774: gstreamer1-plugins-good security update (Important)
- ALSA-2026:36617: oci-seccomp-bpf-hook security update (Important)
- ALSA-2026:36734: libxml2 security update (Low)
- ALSA-2026:36733: cups security update (Moderate)
- ALSA-2026:36674: gstreamer1-plugins-ugly-free security update (Moderate)
- ALSA-2026:36732: python-urllib3 security update (Moderate)
- ALSA-2026:36730: libsolv security update (Moderate)
- ALSA-2026:36728: libtasn1 security update (Low)
- ALSA-2026:36721: edk2 security, bug fix, and enhancement update (Moderate)
- GhostLock (CVE-2026-43499) kernel privilege escalation: Call for testing
- ALSA-2026:36541: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:36749: gstreamer1-plugins-bad-free security update (Important)
- ALSA-2026:36782: aardvark-dns security update (Moderate)
- Januscape and Bad Epoll: AlmaLinux 9 and 10 patches released
- ALSA-2026:37137: tomcat security, bug fix, and enhancement update (Important)
- ALSA-2026:36956: kernel security update (Important)
- ALSA-2026:36834: gstreamer1-plugins-bad-free security update (Important)
- ALSA-2026:37129: gstreamer1-plugins-good security update (Important)
- ALSA-2026:36957: kernel security update (Important)
Debian GNU/Linux
Debian and its Long Term Support partners recently issued multiple security advisories to fix critical vulnerabilities across widely used software packages. The latest patches address sixteen flaws in ImageMagick, twenty-five vulnerabilities in Chromium, and privilege escalation risks in the Linux kernel. These updates prevent attackers from executing arbitrary code, bypassing access controls, and triggering denial of service attacks on Debian 9, Debian 12, and older distribution branches.
- [DSA 6378-1] chromium security update
- [DSA 6379-1] bird3 security update
- ELA-1767-1 rsync security update (by )
- [DLA 4671-1] linux-6.1 security update
- [DLA 4653-2] openvpn regression update
- [DSA 6381-1] linux security update
- [DSA 6380-1] mediawiki security update
- ELA-1762-2 openvpn regression update
- [DLA 4672-1] chromium security update
- ELA-1768-1 imagemagick security update (by )
- [DSA 6383-1] imagemagick security update
- [DSA 6382-1] postfix security update
- [DLA 4673-1] dpkg security update
- [DSA 6384-1] chromium security update
- [DSA 6385-1] pgextwlist security update
- [DLA 4674-1] chromium security update
- [DLA 4675-1] rlottie security update
- ELA-1770-1 linux-5.10 security update
- ELA-1769-1 linux-6.1 security update
- [DSA 6386-1] opam security update
- [DLA 4676-1] wireless-regdb new upstream version
- [DSA 6387-1] chromium security update
- ELA-1771-1 tomcat9 security update
Fedora Linux
Debian security teams distributed multiple advisories to patch vulnerabilities across widely used open source software. The updates include critical fixes for Chromium, Linux kernel versions 5.10 and 6.1, OpenVPN, and MediaWiki. Additional packages receiving security patches or regression corrections are ImageMagick, Postfix, dpkg, pgextwlist, rlottie, opam, and Tomcat 9.
- Fedora 43 Update: sandogasa-0.15.3-2.fc43
- Fedora 43 Update: rust-reqsign-aws-v4-3.0.1-2.fc43
- Fedora 43 Update: rust-quick-xml-0.41.0-1.fc43
- Fedora 43 Update: rust-inferno-0.12.6-3.fc43
- Fedora 43 Update: rust-busd-0.5.0-3.fc43
- Fedora 43 Update: rust-wayland-scanner-0.31.10-3.fc43
- Fedora 43 Update: mingw-expat-2.8.2-1.fc43
- Fedora 44 Update: sandogasa-0.15.3-2.fc44
- Fedora 44 Update: rust-reqsign-aws-v4-3.0.1-2.fc44
- Fedora 44 Update: rust-inferno-0.12.6-3.fc44
- Fedora 44 Update: rust-gtk4-macros-0.11.4-2.fc44
- Fedora 44 Update: rust-wayland-scanner-0.31.10-3.fc44
- Fedora 44 Update: rust-busd-0.5.0-3.fc44
- Fedora 44 Update: rust-quick-xml-0.41.0-1.fc44
- Fedora 44 Update: rust-ashpd-0.13.12-2.fc44
- Fedora 44 Update: mir-2.26.0-2.fc44
- Fedora 44 Update: hplip-3.26.4-7.fc44
- Fedora 44 Update: python-rpds-py-0.29.0-4.fc44
- Fedora 44 Update: mingw-expat-2.8.2-1.fc44
- Fedora 43 Update: kernel-headers-7.1.3-100.fc43
- Fedora 43 Update: kernel-7.1.3-100.fc43
- Fedora 43 Update: perl-Imager-1.032-1.fc43
- Fedora 43 Update: clamav-1.4.5-1.fc43
- Fedora 43 Update: hplip-3.26.4-7.fc43
- Fedora 43 Update: librabbitmq-0.17.0-1.fc43
- Fedora 43 Update: podman-tui-1.11.3-1.fc43
- Fedora 43 Update: prometheus-podman-exporter-1.21.2-1.fc43
- Fedora 44 Update: kernel-headers-7.1.3-200.fc44
- Fedora 44 Update: kernel-7.1.3-200.fc44
- Fedora 44 Update: perl-Imager-1.032-1.fc44
- Fedora 44 Update: podman-tui-1.11.3-1.fc44
- Fedora 44 Update: prometheus-podman-exporter-1.21.2-1.fc44
- Fedora 43 Update: python-pillow-jxl-plugin-1.3.7-2.fc43
- Fedora 43 Update: betterleaks-1.6.0-1.fc43
- Fedora 43 Update: python-cramjam-2.11.0-12.fc43
- Fedora 43 Update: python-rignore-0.7.6-7.fc43
- Fedora 43 Update: python-fastar-0.11.0-7.fc43
- Fedora 43 Update: perl-JavaScript-Minifier-XS-0.16-1.fc43
- Fedora 43 Update: tor-0.4.9.11-1.fc43
- Fedora 43 Update: perl-IO-Compress-2.221-1.fc43
- Fedora 43 Update: perl-Compress-Raw-Bzip2-2.218-1.fc43
- Fedora 44 Update: docker-compose-5.3.0-1.fc44
- Fedora 44 Update: helm-4.2.2-1.fc44
- Fedora 44 Update: betterleaks-1.6.0-1.fc44
- Fedora 44 Update: python-pillow-jxl-plugin-1.3.7-2.fc44
- Fedora 44 Update: python-cramjam-2.11.0-12.fc44
- Fedora 44 Update: python-rignore-0.7.6-7.fc44
- Fedora 44 Update: python-fastar-0.11.0-7.fc44
- Fedora 44 Update: perl-JavaScript-Minifier-XS-0.16-1.fc44
- Fedora 44 Update: tor-0.4.9.11-1.fc44
- Fedora 43 Update: perl-CSS-Minifier-XS-0.15-1.fc43
- Fedora 43 Update: opkssh-0.15.0-2.fc43
- Fedora 43 Update: rust-jiter-0.16.0-1.fc43
- Fedora 43 Update: python-jiter-0.16.0-1.fc43
- Fedora 44 Update: openssh-10.2p1-12.fc44
- Fedora 44 Update: upower-1.91.3-1.fc44
- Fedora 44 Update: opkssh-0.15.0-2.fc44
- Fedora 44 Update: perl-CSS-Minifier-XS-0.15-1.fc44
- Fedora 44 Update: python-pendulum-3.2.0-1.fc44
- Fedora 44 Update: python-nh3-0.3.6-1.fc44
- Fedora 44 Update: rust-jiter-0.16.0-1.fc44
- Fedora 44 Update: python-jiter-0.16.0-1.fc44
- Fedora 43 Update: k9s-0.51.0-2.fc43
- Fedora 43 Update: kind-0.31.0-4.fc43
- Fedora 43 Update: nmap-7.92-8.fc43
- Fedora 43 Update: python-pendulum-3.2.0-1.fc43
- Fedora 43 Update: php-8.4.23-1.fc43
- Fedora 43 Update: tmux-3.7-3.fc43
- Fedora 44 Update: perl-DBI-1.650-1.fc44
- Fedora 44 Update: libXfont2-2.0.8-1.fc44
- Fedora 44 Update: pam-1.7.2-2.fc44
- Fedora 44 Update: xorg-x11-server-Xwayland-24.1.13-1.fc44
- Fedora 44 Update: k9s-0.51.0-2.fc44
- Fedora 44 Update: kind-0.31.0-4.fc44
- Fedora 44 Update: c-ares-1.34.7-1.fc44
- Fedora 44 Update: php-8.5.8-1.fc44
- Fedora 44 Update: tmux-3.7-2.fc44
- Fedora 44 Update: tmux-3.7b-2.fc44
- Fedora 44 Update: sssd-2.13.1-2.fc44
- Fedora 44 Update: attr-2.6.0-1.fc44
- Fedora 44 Update: acl-2.4.0-1.fc44
- Fedora 44 Update: python-pillow-12.3.0-1.fc44
- Fedora 44 Update: jfrog-cli-2.112.0-1.fc44
- Fedora 44 Update: cjson-1.7.19-1.fc44
- Fedora 44 Update: perl-HTML-Gumbo-0.19-1.fc44
- Fedora 44 Update: prometheus-3.13.0-1.fc44
- Fedora 44 Update: librabbitmq-0.17.0-1.fc44
- Fedora 44 Update: composer-2.10.2-1.fc44
- Fedora 44 Update: OpenImageIO-3.1.15.0-1.fc44
- Fedora 43 Update: openssh-10.0p1-10.fc43
- Fedora 43 Update: docker-compose-5.3.0-1.fc43
- Fedora 43 Update: perl-HTML-Gumbo-0.19-1.fc43
- Fedora 43 Update: prometheus-3.13.0-1.fc43
- Fedora 43 Update: composer-2.10.2-1.fc43
- Fedora 44 Update: python-dulwich-1.2.9-1.fc44
- Fedora 44 Update: python-idna-3.18-1.fc44
- Fedora 44 Update: p11-kit-0.26.4-1.fc44
- Fedora 44 Update: webkitgtk-2.52.5-1.fc44
- Fedora 44 Update: chromium-150.0.7871.114-1.fc44
- Fedora 44 Update: xorg-x11-server-21.1.24-1.fc44
- Fedora 44 Update: perl-Crypt-DSA-1.22-1.fc44
- Fedora 44 Update: python-tornado-6.5.7-1.fc44
- Fedora 44 Update: log4cxx-1.7.0-2.fc44
- Fedora 43 Update: chromium-150.0.7871.114-1.fc43
- Fedora 43 Update: tmux-3.7b-3.fc43
- Fedora 43 Update: libXfont2-2.0.8-1.fc43
- Fedora 43 Update: xorg-x11-server-Xwayland-24.1.13-1.fc43
- Fedora 43 Update: upower-1.91.3-2.fc43
- Fedora 43 Update: perl-Crypt-DSA-1.22-1.fc43
- Fedora 43 Update: python-tornado-6.5.7-1.fc43
- Fedora 43 Update: libssh2-1.11.1-9.fc43
Oracle Linux
Oracle Linux administrators must install coordinated security advisories across versions 7, 8, and 9 to address critical vulnerabilities in core system software. The patch set covers the Unbreakable Enterprise Kernel, container tools, OpenSSL, Python pip, and popular web applications like Ruby, PHP, MariaDB, and Nginx.
- ELSA-2026-33576 Important: Oracle Linux 9 ruby:3.3 security update
- ELSA-2026-33481 Important: Oracle Linux 9 mariadb:11.8 security, bug fix, and enhancement update
- ELSA-2026-33482 Important: Oracle Linux 9 mariadb:10.11 security, bug fix, and enhancement update
- ELSA-2026-33449 Important: Oracle Linux 9 php security update
- ELSA-2026-28973 Important: Oracle Linux 9 nginx security update
- ELSA-2026-20596 Important: Oracle Linux 9 ruby:4.0 security update
- ELSA-2026-50373 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELBA-2026-27811-1 Oracle Linux 8 kernel bug fix update
- ELBA-2026-27353-1 Oracle Linux 8 kernel bug fix update
- ELSA-2026-34354 Important: Oracle Linux 8 php:7.4 security update
- ELSA-2026-34155 Moderate: Oracle Linux 8 rrdtool security update
- ELSA-2026-33722 Important: Oracle Linux 8 container-tools:rhel8 security, bug fix, and enhancement update
- ELSA-2026-33514 Important: Oracle Linux 8 ruby:2.5 security update
- ELSA-2026-30851 Important: Oracle Linux 8 perl:5.32 security update
- ELSA-2026-50372 Important: Unbreakable Enterprise kernel security update
- ELSA-2026-50374 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELSA-2026-50374 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
- ELSA-2026-50372 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELSA-2026-50373 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELSA-2026-50373 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELSA-2026-50374 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELSA-2026-33515 Important: Oracle Linux 8 ruby:3.3 security update
- ELSA-2026-35829 Important: Oracle Linux 9 grafana-pcp security update
- ELSA-2026-35828 Important: Oracle Linux 9 grafana security update
- ELSA-2026-33577 Important: Oracle Linux 9 ruby:4.0 security update
- ELBA-2026-50376 Oracle Linux 9 sysstat bug fix update
- ELSA-2026-35831 Important: Oracle Linux 8 grafana-pcp security update
- ELSA-2026-36318 Moderate: Oracle Linux 9 aardvark-dns security update
- ELSA-2026-36187 Important: Oracle Linux 9 perl-HTTP-Daemon security update
- ELSA-2026-36210 Moderate: Oracle Linux 9 freeipmi security update
- ELSA-2026-36317 Important: Oracle Linux 9 skopeo security update
- ELSA-2026-36195 Important: Oracle Linux 9 389-ds-base security update
- ELSA-2026-36315 Important: Oracle Linux 9 python3.14-pip security update
- ELSA-2026-33285 Important: Oracle Linux 9 kernel security, bug fix, and enhancement update
- ELSA-2026-30848 Important: Oracle Linux 9 kernel security, bug fix, and enhancement update
- ELSA-2026-25051 Important: Oracle Linux 9 libyang security update
- ELSA-2026-35833 Important: Oracle Linux 8 container-tools:ol8 security update
- ELSA-2026-36307 Moderate: Oracle Linux 8 freeipmi security update
- ELSA-2026-36215 Important: Oracle Linux 8 compat-openssl10 security update
- ELSA-2026-36188 Important: Oracle Linux 8 perl-HTTP-Daemon security update
- ELSA-2026-22456 Important: Oracle Linux 7 tigervnc security update
- ELSA-2026-20590 Important: Oracle Linux 7 xorg-x11-server security update
Red Hat Enterprise Linux
Red Hat issued security advisories for Red Hat Enterprise Linux versions 7 through 10 throughout 2026. These patches address vulnerabilities in the Linux kernel, OpenShift Container Platform, Python, Grafana, nginx, and Firefox.
- RHSA-2026:35845: Important: fence-agents security update
- RHSA-2026:35843: Important: flatpak security update
- RHSA-2026:35838: Important: python3 security update
- RHSA-2026:35846: Moderate: edk2 security update
- RHSA-2026:35832: Important: golang-github-openprinting-ipp-usb security update
- RHSA-2026:35826: Important: grafana-pcp security update
- RHSA-2026:35827: Important: grafana security update
- RHSA-2026:35867: Important: ruby:2.5 security update
- RHSA-2026:35866: Important: ruby:2.5 security update
- RHSA-2026:35837: Important: fence-agents security update
- RHSA-2026:35829: Important: grafana-pcp security update
- RHSA-2026:35835: Important: fence-agents security update
- RHSA-2026:35842: Important: nodejs22 security, bug fix, and enhancement update
- RHSA-2026:35836: Important: fence-agents security update
- RHSA-2026:35863: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:35840: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:35841: Important: nodejs24 security, bug fix, and enhancement update
- RHSA-2026:35844: Important: kernel security update
- RHSA-2026:35830: Important: grafana security update
- RHSA-2026:35834: Important: ruby security update
- RHSA-2026:35831: Important: grafana-pcp security update
- RHSA-2026:35828: Important: grafana security update
- RHSA-2026:35880: Important: libpq security update
- RHSA-2026:35869: Important: compat-openssl11 security update
- RHSA-2026:35870: Important: kpatch-patch-6_12_0-211_16_1 security update
- RHSA-2026:35839: Important: libreoffice security update
- RHSA-2026:35833: Important: container-tools:rhel8 security update
- RHSA-2026:28961: Important: OpenShift Container Platform 4.15.66 packages and security update
- RHSA-2026:28962: Critical: OpenShift Container Platform 4.15.66 bug fix and security update
- RHSA-2026:35997: Important: plexus-utils security update
- RHSA-2026:35996: Important: maven:3.8 security update
- RHSA-2026:35991: Important: plexus-utils security update
- RHSA-2026:35895: Important: ruby security update
- RHSA-2026:36049: Important: kernel-rt security, bug fix, and enhancement update
- RHSA-2026:36018: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:36012: Important: maven:3.9 security update
- RHSA-2026:35992: Important: plexus-utils security update
- RHSA-2026:35990: Important: plexus-utils security update
- RHSA-2026:35892: Important: nodejs:22 security, bug fix, and enhancement update
- RHSA-2026:35891: Important: nodejs:24 security, bug fix, and enhancement update
- RHSA-2026:35904: Important: kernel-rt security update
- RHSA-2026:35896: Important: kernel security update
- RHSA-2026:35894: Important: kernel security update
- RHSA-2026:36099: Important: ruby:3.3 security update
- RHSA-2026:36101: Important: firefox security update
- RHSA-2026:36100: Important: firefox security update
- RHSA-2026:36086: Important: xorg-x11-server security update
- RHSA-2026:34789: Important: OpenShift Container Platform 4.22.4 packages and security update
- RHSA-2026:34790: Important: OpenShift Container Platform 4.22.4 bug fix and security update
- RHSA-2026:36187: Important: perl-HTTP-Daemon security update
- RHSA-2026:36197: Important: 389-ds:1.4 security update
- RHSA-2026:36193: Important: python3.14-pip security update
- RHSA-2026:36189: Important: perl-HTTP-Daemon security update
- RHSA-2026:36188: Important: perl-HTTP-Daemon security update
- RHSA-2026:36186: Important: kernel security update
- RHSA-2026:36172: Important: kpatch-patch-5_14_0-687_10_1 security update
- RHSA-2026:36085: Important: xorg-x11-server security update
- RHSA-2026:36103: Important: firefox security update
- RHSA-2026:36102: Important: firefox security update
- RHSA-2026:36087: Important: xorg-x11-server security update
- RHSA-2026:36083: Important: xorg-x11-server security update
- RHSA-2026:36073: Important: kernel security update
- RHSA-2026:36307: Moderate: freeipmi security update
- RHSA-2026:34764: Important: OpenShift Container Platform 4.21.23 bug fix and security update
- RHSA-2026:36216: Important: kernel security update
- RHSA-2026:36203: Important: freerdp security update
- RHSA-2026:36201: Important: 389-ds:1.4 security update
- RHSA-2026:36202: Important: 389-ds:1.4 security update
- RHSA-2026:36199: Important: buildah security update
- RHSA-2026:36205: Important: 389-ds-base security update
- RHSA-2026:36206: Important: 389-ds:1.4 security update
- RHSA-2026:36208: Important: redhat-ds:11 security update
- RHSA-2026:36198: Important: 389-ds-base security update
- RHSA-2026:36204: Important: redhat-ds:11 security update
- RHSA-2026:36315: Important: python3.14-pip security update
- RHSA-2026:36331: Important: nginx security, bug fix, and enhancement update
- RHSA-2026:36317: Important: skopeo security update
- RHSA-2026:36344: Moderate: Red Hat JBoss Enterprise Application Platform 8.1.7 security update
- RHSA-2026:36343: Moderate: Red Hat JBoss Enterprise Application Platform 8.1.7 security update
- RHSA-2026:36342: Moderate: Red Hat JBoss Enterprise Application Platform 8.1.7 security update
- RHSA-2026:36215: Important: compat-openssl10 security update
- RHSA-2026:36210: Moderate: freeipmi security update
- RHSA-2026:36211: Moderate: freeipmi security update
- RHSA-2026:36217: Important: compat-openssl10 security update
- RHSA-2026:36196: Important: 389-ds-base security update
- RHSA-2026:36195: Important: 389-ds-base security update
- RHSA-2026:34788: Important: OpenShift Container Platform 4.20.28 bug fix and security update
- RHSA-2026:36209: Important: redhat-ds:12 security update
- RHSA-2026:36200: Important: redhat-ds:11 security update
- RHSA-2026:36349: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:36348: Important: kernel-rt security, bug fix, and enhancement update
- RHSA-2026:36533: Important: kpatch-patch-5_14_0-427_100_1, kpatch-patch-5_14_0-427_113_1, kpatch-patch-5_14_0-427_126_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 se ...
- RHSA-2026:36531: Important: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, and kpatch-patch-4_18_0-477_97_1 security update
- RHSA-2026:36532: Important: kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, kpatch-patch-5_14_0-284_158_1, and kpatch-patch-5_14_0-284_172_1 ...
- RHSA-2026:36366: Important: kernel security update
- RHSA-2026:36364: Important: nginx security, bug fix, and enhancement update
- RHSA-2026:36373: Important: httpd:2.4 security update
- RHSA-2026:36365: Important: kernel-rt security update
- RHSA-2026:36318: Moderate: aardvark-dns security update
- RHSA-2026:36345: Moderate: Red Hat JBoss Enterprise Application Platform 8.1.7 security update
- RHSA-2026:36585: Important: 389-ds-base security update
- RHSA-2026:36534: Important: kpatch-patch-5_14_0-570_116_1, kpatch-patch-5_14_0-570_17_1, kpatch-patch-5_14_0-570_39_1, kpatch-patch-5_14_0-570_66_1, and kpatch-patch-5_14_0-570_94_1 secu ...
- RHSA-2026:36530: Important: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_125_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 sec ...
- RHSA-2026:36618: Important: nginx:1.24 security, bug fix, and enhancement update
- RHSA-2026:36634: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:34815: Important: OpenShift Container Platform 4.18.47 bug fix and security update
- RHSA-2026:36632: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:36617: Important: oci-seccomp-bpf-hook security update
- RHSA-2026:36633: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:36749: Important: gstreamer1-plugins-bad-free security update
- RHSA-2026:36721: Moderate: edk2 security, bug fix, and enhancement update
- RHSA-2026:36645: Important: kernel update
- RHSA-2026:36674: Moderate: gstreamer1-plugins-ugly-free security update
- RHSA-2026:36675: Important: gstreamer1-plugins-good security update
- RHSA-2026:36671: Important: 389-ds-base security update
- RHSA-2026:36639: Important: nginx:1.26 security, bug fix, and enhancement update
- RHSA-2026:36673: Moderate: gstreamer1-plugins-ugly-free security update
- RHSA-2026:36670: Important: 389-ds-base security update
- RHSA-2026:36643: Moderate: glibc security update
- RHSA-2026:36641: Important: redhat-ds:12 security update
- RHSA-2026:36541: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:36776: Important: rhc security update
- RHSA-2026:36792: Important: xorg-x11-server security update
- RHSA-2026:36791: Important: xorg-x11-server security update
- RHSA-2026:36789: Important: tomcat9 security update
- RHSA-2026:36796: Important: Red Hat Edge Manager Version 1.0.3 Security Update
- RHSA-2026:36774: Important: gstreamer1-plugins-good security update
- RHSA-2026:36733: Moderate: cups security update
- RHSA-2026:36734: Low: libxml2 security update
- RHSA-2026:36730: Moderate: libsolv security update
- RHSA-2026:36697: Moderate: opencryptoki security update
- RHSA-2026:36732: Moderate: python-urllib3 security update
- RHSA-2026:36832: Important: libreoffice security update
- RHSA-2026:36846: Important: httpd:2.4 security update
- RHSA-2026:36839: Important: Red Hat Build of Apache Camel 4.18 for Quarkus 3.33 update is now available (RHBQ 3.33.2.SP2)
- RHSA-2026:36831: Important: httpd:2.4 security update
- RHSA-2026:36788: Important: tomcat security, bug fix, and enhancement update
- RHSA-2026:36790: Important: tomcat9 security, bug fix, and enhancement update
- RHSA-2026:36798: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:36782: Moderate: aardvark-dns security update
- RHSA-2026:36787: Important: tomcat security update
- RHSA-2026:36767: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:36768: Important: xorg-x11-server security update
- RHSA-2026:36717: Moderate: opencryptoki security update
- RHSA-2026:36728: Low: libtasn1 security update
- RHSA-2026:37070: Moderate: perl:5.32 security update
- RHSA-2026:36957: Important: kernel security update
- RHSA-2026:36956: Important: kernel security update
- RHSA-2026:36879: Important: tomcat security, bug fix, and enhancement update
- RHSA-2026:36877: Important: tomcat security update
- RHSA-2026:36876: Important: tomcat security update
- RHSA-2026:36878: Important: tomcat security update
- RHSA-2026:36834: Important: gstreamer1-plugins-bad-free security update
- RHSA-2026:37210: Important: firefox security update
- RHSA-2026:37129: Important: gstreamer1-plugins-good security update
- RHSA-2026:37137: Important: tomcat security, bug fix, and enhancement update
- RHSA-2026:34097: Important: OpenShift Container Platform 4.17.55 packages and security update
- RHSA-2026:37136: Important: tomcat security update
- RHSA-2026:37130: Important: gstreamer1-plugins-bad-free security update
- RHSA-2026:37123: Important: podman security, bug fix, and enhancement update
- RHSA-2026:37072: Important: podman security, bug fix, and enhancement update
- RHSA-2026:37251: Moderate: libreoffice security update
- RHSA-2026:37249: Moderate: libreoffice security update
- RHSA-2026:37385: Important: rh-podman-desktop security advisory update
- RHSA-2026:34755: Important: OpenShift Container Platform 4.19.37 packages and security update
- RHSA-2026:34757: Moderate: OpenShift Container Platform 4.19.37 bug fix and security update
- RHSA-2026:37250: Moderate: libreoffice security update
- RHSA-2026:37390: Important: Red Hat Build of Apache Camel 4.18.1.P1 for Spring Boot release.
- RHSA-2026:34048: Important: OpenShift Container Platform 4.12.93 bug fix and security update
- RHSA-2026:37410: Important: buildah security update
- RHSA-2026:37397: Important: ruby security update
- RHSA-2026:37396: Moderate: compat-glibc security update
- RHSA-2026:37395: Moderate: glibc security update
- RHSA-2026:37391: Important: firefox security update
- RHSA-2026:37238: Important: ruby:3.3 security update
- RHSA-2026:37207: Important: freerdp security update
- RHSA-2026:34098: Critical: OpenShift Container Platform 4.17.55 bug fix and security update
- RHSA-2026:37728: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:37729: Important: kernel security update
- RHSA-2026:37435: Important: golang security, bug fix, and enhancement update
- RHSA-2026:37436: Important: golang security, bug fix, and enhancement update
Rocky Linux
Rocky Linux administrators must apply recent security advisories that address vulnerabilities across versions 8, 9, and 10. These updates patch critical flaws in widely used software including MariaDB, Node.js, Nginx, Python, and the Linux kernel.
- RLSA-2023:6385: Moderate: liblouis security update
- RLSA-2026:33124: Moderate: coreutils security update
- RLSA-2026:30860: Important: perl-IO-Compress security update
- RLSA-2026:32990: Important: cifs-utils security update
- RLSA-2026:33540: Important: ruby4.0 security update
- RLSA-2026:30845: Moderate: mod_md security update
- RLSA-2026:33565: Important: ruby security update
- RLSA-2026:33502: Important: giflib security update
- RLSA-2026:33093: Important: mariadb10.11 security, bug fix, and enhancement update
- RLSA-2026:33412: Important: galera and mariadb11.8 security, bug fix, and enhancement update
- RLSA-2026:33092: Moderate: glibc security, bug fix, and enhancement update
- RLSA-2026:30855: Important: git-lfs security update
- RLSA-2026:30846: Important: thunderbird security update
- RLSA-2026:30857: Important: perl-Archive-Tar security update
- RLSA-2026:34156: Moderate: rrdtool security update
- RLSA-2026:33482: Important: mariadb:10.11 security, bug fix, and enhancement update
- RLSA-2026:33481: Important: mariadb:11.8 security, bug fix, and enhancement update
- RLSA-2026:34359: Important: opentelemetry-collector security update
- RLSA-2026:35891: Important: nodejs:24 security, bug fix, and enhancement update
- RLSA-2026:35892: Important: nodejs:22 security, bug fix, and enhancement update
- RLSA-2026:35833: Important: container-tools:rhel8 security update
- RLSA-2026:35830: Important: grafana security update
- RLSA-2026:35839: Important: libreoffice security update
- RLSA-2026:35831: Important: grafana-pcp security update
- RLSA-2026:35826: Important: grafana-pcp security update
- RLSA-2026:34109: Important: httpd security, bug fix, and enhancement update
- RLSA-2026:35832: Important: golang-github-openprinting-ipp-usb security update
- RLSA-2026:35827: Important: grafana security update
- RLSA-2026:34355: Moderate: mod_http2 security, bug fix, and enhancement update
- RLSA-2026:34357: Important: opentelemetry-collector security update
- RLSA-2026:33731: Moderate: rrdtool security update
- RLSA-2026:35828: Important: grafana security update
- RLSA-2026:35829: Important: grafana-pcp security update
- RLSA-2026:36188: Important: perl-HTTP-Daemon security update
- RLSA-2026:36307: Moderate: freeipmi security update
- RLSA-2026:36189: Important: perl-HTTP-Daemon security update
- RLSA-2026:36364: Important: nginx security, bug fix, and enhancement update
- RLSA-2026:36193: Important: python3.14-pip security update
- RLSA-2026:36203: Important: freerdp security update
- RLSA-2026:36199: Important: buildah security update
- RLSA-2026:36196: Important: 389-ds-base security update
- RLSA-2026:35842: Important: nodejs22 security, bug fix, and enhancement update
- RLSA-2026:36187: Important: perl-HTTP-Daemon security update
- RLSA-2026:36195: Important: 389-ds-base security update
- RLSA-2026:36618: Important: nginx:1.24 security, bug fix, and enhancement update
- RLSA-2026:36315: Important: python3.14-pip security update
- RLSA-2026:36318: Moderate: aardvark-dns security update
- RLSA-2026:36317: Important: skopeo security update
- RLSA-2026:36639: Important: nginx:1.26 security, bug fix, and enhancement update
- RLSA-2026:36774: Important: gstreamer1-plugins-good security update
- RLSA-2026:36201: Important: 389-ds:1.4 security update
- RLSA-2026:36721: Moderate: edk2 security, bug fix, and enhancement update
- RLSA-2026:36733: Moderate: cups security update
- RLSA-2026:36734: Low: libxml2 security update
- RLSA-2026:36730: Moderate: libsolv security update
- RLSA-2026:36728: Low: libtasn1 security update
- RLSA-2026:37130: Important: gstreamer1-plugins-bad-free security update
- RLSA-2026:37137: Important: tomcat security, bug fix, and enhancement update
- RLSA-2026:36782: Moderate: aardvark-dns security update
- RLSA-2026:36675: Important: gstreamer1-plugins-good security update
- RLSA-2026:36790: Important: tomcat9 security, bug fix, and enhancement update
- RLSA-2026:37072: Important: podman security, bug fix, and enhancement update
- RLSA-2026:35841: Important: nodejs24 security, bug fix, and enhancement update
- RLSA-2026:36749: Important: gstreamer1-plugins-bad-free security update
- RLSA-2026:36673: Moderate: gstreamer1-plugins-ugly-free security update
- RLSA-2026:36788: Important: tomcat security, bug fix, and enhancement update
- RLSA-2026:37207: Important: freerdp security update
- RLSA-2026:36617: Important: oci-seccomp-bpf-hook security update
- RLSA-2026:37123: Important: podman security, bug fix, and enhancement update
- RLSA-2026:37129: Important: gstreamer1-plugins-good security update
- RLSA-2026:37410: Important: buildah security update
- RLSA-2026:36832: Important: libreoffice security update
- RLSA-2026:36834: Important: gstreamer1-plugins-bad-free security update
- RLSA-2026:36674: Moderate: gstreamer1-plugins-ugly-free security update
- RLSA-2026:36879: Important: tomcat security, bug fix, and enhancement update
- RLSA-2026:36365: Important: kernel-rt security update
- RLSA-2026:36366: Important: kernel security update
- RLSA-2026:36956: Important: kernel security update
- RLSA-2026:36018: Important: kernel security, bug fix, and enhancement update
Slackware Linux
The Slackware Linux Security Team distributed new packages for version 15.0 and the current branch to patch critical flaws across multiple applications. PHP and Mutt updates resolve memory corruption bugs and openssl processing errors, while OpenSSH and C-Ares patches eliminate path traversal gaps and silent argument truncation issues. Additional fixes target buffer overflows in Tftp-hpa, stack corruption in Proftpd, unbounded recursion in P11-kit, and two Xorg server vulnerabilities affecting TigerVNC.
- Slackware 15.0 php82 (SSA:2026-186-02)
- mutt (SSA:2026-186-01)
- openssh (SSA:2026-187-02)
- c-ares (SSA:2026-187-01)
- tftp-hpa (SSA:2026-188-01)
- proftpd (SSA:2026-189-02)
- xorg-server (SSA:2026-189-03)
- libXfont2 (SSA:2026-189-01)
- tigervnc (SSA:2026-190-01)
- p11-kit (SSA:2026-191-01)
SUSE Linux
SUSE deployed coordinated security patches to fix hundreds of vulnerabilities across core Linux distributions and developer tools. These updates target important software including the Linux Kernel, Chromium browser, Apache server, and Python libraries while also securing Go, Systemd, and Postfix.
- openSUSE-SU-2026:11183-1: moderate: python313-joserfc-1.7.2-2.1 on GA media
- SUSE-SU-2026:2754-1: moderate: Security update for python3-lxml
- SUSE-SU-2026:2756-1: moderate: Security update for gimp
- SUSE-SU-2026:2755-1: moderate: Security update for xdg-dbus-proxy
- SUSE-SU-2026:2775-1: important: Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
- openSUSE-SU-2026:11184-1: moderate: chromedriver-150.0.7871.46-1.1 on GA media
- openSUSE-SU-2026:0230-1: critical: Security update for perl-Crypt-SaltedHash
- SUSE-SU-2026:2781-1: moderate: Security update for postfix
- SUSE-SU-2026:2779-1: important: Security update for bind
- openSUSE-SU-2026:11190-1: moderate: python313-dulwich-1.2.7-1.1 on GA media
- openSUSE-SU-2026:11186-1: moderate: helm-4.2.2-2.1 on GA media
- openSUSE-SU-2026:11188-1: moderate: json-c-devel-0.19-1.1 on GA media
- openSUSE-SU-2026:11194-1: moderate: sdbootutil-1+git20260706.f9f4faf-1.1 on GA media
- openSUSE-SU-2026:11193-1: moderate: librpmbuild10-4.20.1-8.1 on GA media
- openSUSE-SU-2026:11191-1: moderate: python313-lxml_html_clean-0.4.5-1.1 on GA media
- openSUSE-SU-2026:11187-1: moderate: helm3-3.21.2-2.1 on GA media
- openSUSE-SU-2026:11192-1: moderate: python313-openapi-spec-validator-0.9.0-1.1 on GA media
- openSUSE-SU-2026:11185-1: moderate: gi-docgen-2026.1-1.1 on GA media
- openSUSE-SU-2026:21267-1: moderate: Recommended update for mpv, libKPipeWireRecord6, ffmpegthumbs-kf5
- openSUSE-SU-2026:21266-1: important: Security update for openQA, os-autoinst
- openSUSE-SU-2026:21262-1: important: Security update for hauler
- openSUSE-SU-2026:21254-1: important: Security update for go1.26-openssl
- openSUSE-SU-2026:21252-1: important: Security update for clamav
- openSUSE-SU-2026:21251-1: important: Security update for alloy
- openSUSE-SU-2026:21249-1: important: Security update for trivy
- openSUSE-SU-2026:21247-1: important: Security update for docker-compose
- openSUSE-SU-2026:21242-1: important: Security update for assimp
- openSUSE-SU-2026:21244-1: important: Security update for podman
- openSUSE-SU-2026:21240-1: important: Security update for gstreamer-plugins-good
- openSUSE-SU-2026:21239-1: important: Security update for python-msgpack
- openSUSE-SU-2026:21238-1: important: Security update for krb5
- openSUSE-SU-2026:21235-1: important: Security update for apache2
- openSUSE-SU-2026:0232-1: important: Security update for go-sendxmpp
- openSUSE-SU-2026:0231-1: important: Security update for radare2
- SUSE-SU-2026:2785-1: moderate: Security update for systemd, systemd-mini
- SUSE-SU-2026:2789-1: important: Security update for xorg-x11-server
- SUSE-SU-2026:2791-1: important: Security update for xorg-x11-server
- SUSE-SU-2026:2786-1: important: Security update for xorg-x11-server
- openSUSE-SU-2026:0233-1: critical: Security update for chromium
- openSUSE-SU-2026:11197-1: moderate: apptainer-1.5.1-3.1 on GA media
- openSUSE-SU-2026:11196-1: moderate: python313-yt-dlp-2026.07.04-1.1 on GA media
- openSUSE-SU-2026:11195-1: moderate: tomcat11-11.0.23-1.1 on GA media
- SUSE-SU-2026:2803-1: important: Security update for dracut
- openSUSE-SU-2026:0235-1: moderate: Security update for openQA, os-autoinst
- openSUSE-SU-2026:0237-1: moderate: Security update for transmission
- SUSE-SU-2026:2809-1: moderate: Security update for systemd
- SUSE-SU-2026:2810-1: moderate: Security update for glib-networking
- SUSE-SU-2026:2811-1: important: Security update for python-maturin
- openSUSE-SU-2026:11213-1: moderate: dirmngr-2.5.21-1.1 on GA media
- openSUSE-SU-2026:11212-1: moderate: go1.25-1.25.12-1.1 on GA media
- openSUSE-SU-2026:11214-1: moderate: kernel-devel-7.1.3-1.1 on GA media
- openSUSE-SU-2026:11211-1: moderate: fluidsynth-2.5.6-1.1 on GA media
- openSUSE-SU-2026:11206-1: moderate: sccache-0.16.0~0-2.1 on GA media
- openSUSE-SU-2026:11205-1: moderate: rustup-1.28.2~0-4.1 on GA media
- openSUSE-SU-2026:11210-1: moderate: cargo-c-0.10.23-1.1 on GA media
- SUSE-SU-2026:2820-1: important: Security update for GraphicsMagick
- SUSE-SU-2026:2819-1: moderate: Security update for python-Django
- SUSE-SU-2026:2828-1: moderate: Security update for python-idna
- SUSE-SU-2026:2827-1: important: Security update for cosign
- SUSE-SU-2026:2829-1: important: Security update for libaom
- SUSE-SU-2026:2830-1: important: Security update for warewulf4
- SUSE-SU-2026:2832-1: important: Security update for rustup
- SUSE-SU-2026:2831-1: important: Security update for rustup
- SUSE-SU-2026:2834-1: important: Security update for clamav
- SUSE-SU-2026:2835-1: important: Security update for clamav
- openSUSE-SU-2026:0239-1: important: Security update for flannel
- openSUSE-SU-2026:0238-1: important: Security update for chromium
- SUSE-SU-2026:2844-1: important: Security update for gstreamer-plugins-good
- SUSE-SU-2026:2842-1: important: Security update for gstreamer-plugins-good
- SUSE-SU-2026:2843-1: important: Security update for gstreamer-plugins-good
- SUSE-SU-2026:2847-1: important: Security update for krb5
- SUSE-SU-2026:2848-1: important: Security update for krb5, krb5-mini
- openSUSE-SU-2026:21274-1: important: Security update for rust-keylime
- openSUSE-SU-2026:11221-1: moderate: python313-sqlparse-0.5.5-2.1 on GA media
- openSUSE-SU-2026:11223-1: moderate: rustup-1.28.2~0-5.1 on GA media
- openSUSE-SU-2026:11217-1: moderate: nasm-3.02-1.1 on GA media
- openSUSE-SU-2026:11218-1: moderate: libIex-3_4-33-3.4.13-1.1 on GA media
- openSUSE-SU-2026:11224-1: moderate: sccache-0.16.0~0-3.1 on GA media
- openSUSE-SU-2026:11220-1: moderate: python313-pytest-html-4.2.0-4.1 on GA media
- openSUSE-SU-2026:11215-1: moderate: libmbedtls23-4.2.0-1.1 on GA media
- SUSE-SU-2026:2840-1: important: Security update for the Linux Kernel
- openSUSE-SU-2026:11231-1: moderate: flannel-0.28.7-1.1 on GA media
- openSUSE-SU-2026:11232-1: moderate: go1.26-1.26.5-1.1 on GA media
- openSUSE-SU-2026:11228-1: moderate: ImageMagick-7.1.2.27-1.1 on GA media
Ubuntu Linux
Ubuntu released multiple security notices addressing critical vulnerabilities across LTS versions 14.04 through 26.04. Patches cover the Raspberry Pi and NVIDIA kernels, cloud infrastructure components, and widely used software like Python, Apache HTTP Server, curl, and ruby-addressable.
- [USN-8492-3] Linux kernel (Raspberry Pi Real-time) vulnerabilities
- [USN-8508-1] Linux kernel (NVIDIA) vulnerabilities
- [USN-8507-1] Linux kernel (NVIDIA) vulnerabilities
- [USN-8503-1] ncurses vulnerability
- [USN-8510-1] tar vulnerability
- [USN-8509-1] Python vulnerabilities
- [USN-8504-1] SOGo vulnerabilities
- [USN-8505-1] Parsl vulnerability
- [USN-8506-1] Request Tracker vulnerabilities
- [USN-8502-1] GnuTLS vulnerabilities
- [USN-8513-1] PHP vulnerabilities
- [USN-8514-1] OpenSSH vulnerability
- [USN-8512-1] Gzip vulnerabilities
- [USN-8511-1] socat vulnerabilities
- [USN-8515-1] Addressable vulnerability
- [USN-8516-1] Apache HTTP Server vulnerabilities
- [USN-8517-1] ClamAV vulnerabilities
- [USN-8518-1] mailcap vulnerability
- [USN-8492-4] Linux kernel (Raspberry Pi) vulnerabilities
- [USN-8490-2] Linux kernel (Raspberry Pi) vulnerabilities
- [USN-8522-1] LibRaw vulnerabilities
- [USN-8521-1] Libidn vulnerability
- [USN-8524-1] Python vulnerability
- [USN-8520-1] Expat vulnerability
- [USN-8519-1] Go Cryptography vulnerabilities
- [USN-8525-1] curl vulnerabilities
- [USN-8526-1] libheif vulnerabilities
- [USN-8523-1] libsoup vulnerabilities
- [USN-8530-1] Linux kernel (AWS) vulnerabilities
- [USN-8529-1] Linux kernel vulnerabilities
- [USN-8528-1] Linux kernel (Xilinx ZynqMP) vulnerabilities
- [USN-8527-1] Linux kernel (Raspberry Pi) vulnerabilities
- [USN-8492-5] Linux kernel (FIPS) vulnerabilities
How to apply these Linux security updates
Before running any update commands, check which services are currently active on your system. If Nginx or Apache is handling live traffic, schedule a brief maintenance window or use rolling restarts to minimize downtime during the patching process. Desktop users can usually apply these fixes by opening a terminal and running the standard package manager command for their distribution followed by an upgrade flag. A reboot will be necessary if the kernel received updates to ensure the new security modules load correctly.
Power users who rely on command-line tools like jq should verify the patch level after installation. Regression bugs can occasionally break scripts that depend on specific JSON parsing behavior, so a quick test run is worth the few minutes it takes. If you use PackageKit or other GUI package managers and prefer to skip them because they sometimes hang or try to install junk, do not let that stop you from running the command-line equivalent to get these critical patches applied.
Applying these patches requires distribution-specific package management commands. RHEL-based systems typically use dnf update or yum update, while Debian and Ubuntu rely on apt upgrade. SUSE users should run zypper patch to properly address all security advisories, and Slackware administrators can manage updates with upgradepkg or slackpkg. After executing the commands, a reboot is usually necessary for kernel changes to take effect. Finally, review your package manager’s logs to verify that all patches installed successfully and no dependencies were disrupted.
Debian/Ubuntu (apt)
The first thing to do is refresh the local package index; running sudo apt update contacts all configured repositories and pulls in the newest lists of available versions. Skipping this step leaves the system blind to any recent uploads, which explains why “upgrade” sometimes claims there’s nothing to do even after a security advisory has been published. Once the index is current, invoke sudo apt upgrade -y; the -y flag answers every prompt automatically so the process doesn’t pause for user input. This command upgrades all installed packages that have newer versions in the repositories while preserving configuration files.
sudo apt update sudo apt upgrade -y
Fedora/RedHat/Rocky/Alma/Oracle (dnf or yum)
On modern Fedora and recent Red Hat derivatives, dnf is the package manager; older RHEL releases still rely on yum. Begin with a check‑update operation—sudo dnf check-update or sudo yum check-update—to see exactly which packages are awaiting an upgrade. This preview step can be useful for spotting unexpected kernel bumps before they land. To actually apply the updates, run sudo dnf upgrade -y (or sudo yum update if you prefer the older tool). The upgrade command pulls down the new binaries and runs any necessary post‑install scripts, such as rebuilding initramfs when a kernel changes.
sudo dnf check-update sudo dnf upgrade -y
or on older releases
sudo yum check-update sudo yum update
SUSE (zypper)
SUSE’s command line front‑end is called zypper. First execute sudo zypper refresh so that the metadata for all enabled repos gets updated; without this, zypper will happily report “No updates available” even though newer packages sit on the mirror. After a fresh refresh, issue sudo zypper update -y; this upgrades every package to the latest version in the configured repositories and automatically handles service restarts when required.
sudo zypper refresh sudo zypper update -y
Slackware (slackpkg and pkgtool)
Slackware doesn’t have a single unified updater, but the official way to pull updates is through slackpkg. Start with sudo slackpkg update to download the newest package list from the chosen mirror. Then run sudo slackpkg upgrade-all; this command walks through each installed package and replaces it with the most recent build available in the official repository. For users who prefer a more granular approach, specifying a package name after upgrade limits the operation to that single item. When dealing with community‑maintained repositories, pkgtool takes over: a combined sudo pkgtool update && sudo pkgtool upgrade will sync and apply updates from the mirrors listed in /etc/slackpkg/mirrors.
sudo slackpkg update sudo slackpkg upgrade-all