This week's Linux security landscape is dominated by a massive wave of advisories across nearly every major distribution, targeting core infrastructure like the Linux kernel, container runtimes, and web servers. Critical fixes include patches for RHEL's kernel-rt, Oracle's Samba, and openSUSE's Chromium, alongside urgent updates for Python, PHP, Go, and Node.js runtimes that address memory corruption and remote code execution flaws. Enterprise teams on Red Hat, Rocky, and AlmaLinux must prioritize kernel and Podman/Buildah patches, while Debian LTS and Ubuntu administrators need to clear out buffer handling bugs in OpenSSH and NTFS-3G to prevent active exploitation. With vulnerabilities ranging from critical privilege escalation to important browser risks, IT teams should immediately apply the latest errata to close attack vectors before they can be leveraged in production environments.
This Week's Linux Security Roundup: Massive Kernel Patches, Container Fixes, and a Critical Samba Flaw
Admins running enterprise Linux just got hit with a massive wave of security advisories this week. The updates span nearly every major distribution, targeting everything from the mainline kernel to container runtimes, web servers, and Python libraries. If you manage production servers, skipping this round isn't an option.
That's after the usual steady drip of CVEs. This week, the volume spiked. Red Hat's ecosystem alone pushed over sixty advisories. Oracle, Rocky, and AlmaLinux mirrored the changes. Debian's LTS team cleared out memory corruption and remote code execution flaws in Chromium, Mesa, and GRUB2. Fedora 43 and 44 administrators need to patch high-severity browser and ImageMagick bugs immediately. SUSE rolled out kernel live patches, OpenSSL fixes, and a critical update for openSUSE's Chromium. Ubuntu delivered seventeen advisories just for the 24th of July, covering everything from OpenSSH privilege escalation to NTFS-3G buffer handling.
The Heavy Hitters
Kernel updates are dominating the list. Nearly every distro pushed patches for the mainline and real-time kernels. RHEL even marked one kernel-rt advisory as Critical. Oracle Linux flagged a Samba update for OL10 as Critical, while openSUSE labeled its Chromium fix the same. You'll also see massive coverage for container tools. Podman, Buildah, and rootlesskit got security bumps across RHEL, Oracle, SUSE, and Rocky. Web server configs aren't safe either. Nginx, Tomcat, and Traefik 2 all received important ratings.
Language runtimes took a hit too. Python 3.12, Python 3.14, and Python 3.15 all landed updates. PHP 8.4.24 and 8.5.9 release candidates are now flowing into Fedora's test repos. Go toolsets got security bumps on AlmaLinux, Oracle, and Rocky. Node.js 24 and Node.js 22 followed suit. If you're running GIMP or ImageMagick for image processing workflows, those got patched. OpenSUSE's Chromium fix and SUSE's ImageMagick updates carry important ratings.
What Actually Matters for Your Stack
Let's cut through the advisory numbers. The kernel patches are non-negotiable. You've got memory corruption and privilege escalation risks closing out in the wild. The container tools updates fix remote code execution paths that attackers have been exploiting for months. Nginx and Tomcat patches handle request parsing flaws that can crash daemons or leak data. Python and PHP updates address deserialization and buffer handling bugs.
Slackware got a single netatalk upgrade to 4.5.1 for file server stability. Not a big deal, but it keeps your legacy Samba alternatives from rotting. Distros just pushed the commits. No press releases. Just advisory links and version bumps. You have about forty-eight hours before someone starts exploiting the unpatched nodes in your environment.
Latest Security Updates by Distribution
Here’s a complete breakdown of the security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.
AlmaLinux
AlmaLinux distributed a series of security patches for versions 8, 9, and 10 to address known vulnerabilities across the operating system. IT teams need to install these updates immediately because they fix critical flaws in essential software like the Linux kernel, PHP, Python, and Nginx. The latest advisories also cover container management tools such as Podman, web server components, and programming frameworks including Node.js 24 and LibreOffice. Security officials categorized the majority of these fixes as important while assigning moderate or lower ratings to a few specific packages like FreeIPMI and corosync.
- ALSA-2026:28290: libreoffice security update (Moderate)
- ALSA-2026:37435: golang security, bug fix, and enhancement update (Important)
- ALSA-2026:37123: podman security, bug fix, and enhancement update (Important)
- ALSA-2026:37207: freerdp security update (Important)
- ALSA-2026:37410: buildah security update (Important)
- ALSA-2026:36201: 389-ds:1.4 security update (Important)
- ALSA-2026:38487: xorg-x11-server security update (Important)
- ALSA-2026:38485: gegl security update (Important)
- ALSA-2026:38488: xorg-x11-server-Xwayland security update (Important)
- ALSA-2026:36211: freeipmi security update (Moderate)
- ALSA-2026:36788: tomcat security, bug fix, and enhancement update (Important)
- ALSA-2026:36790: tomcat9 security, bug fix, and enhancement update (Important)
- ALSA-2026:37436: golang security, bug fix, and enhancement update (Important)
- ALSA-2026:38491: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:38492: kernel security update (Important)
- ALSA-2026:38486: xorg-x11-server security update (Important)
- ALSA-2026:38498: openexr security update (Important)
- ALSA-2026:38796: plexus-utils security update (Important)
- ALSA-2026:38512: perl-DBI security update (Important)
- ALSA-2026:38878: podman security update (Important)
- ALSA-2026:38495: podman security update (Important)
- ALSA-2026:38494: buildah security update (Important)
- ALSA-2026:38513: perl-DBI security update (Important)
- ALSA-2026:38500: maven:3.9 security update (Important)
- ALSA-2026:38499: openexr security update (Important)
- ALSA-2026:38514: plexus-utils security update (Important)
- ALSA-2026:38493: buildah security update (Important)
- ALSA-2026:38496: gimp security update (Important)
- ALSA-2026:39127: python-pillow security update (Important)
- ALSA-2026:38501: freerdp security update (Important)
- ALSA-2026:39083: kernel update (Important)
- ALSA-2026:39082: kernel-rt update (Important)
- ALSA-2026:38995: go-toolset:rhel8 security, bug fix, and enhancement update (Important)
- ALSA-2026:38901: perl-DBI:1.641 security update (Important)
- ALSA-2026:38847: nginx:1.24 security, bug fix, and enhancement update (Important)
- ALSA-2026:39180: kernel-rt security update (Important)
- ALSA-2026:39266: git-lfs security update (Important)
- ALSA-2026:39296: libinput security update (Moderate)
- ALSA-2026:39302: cups security update (Moderate)
- ALSA-2026:39304: libxml2 security update (Low)
- ALSA-2026:22649: php8.4 security update (Important)
- ALSA-2026:22141: go-fdo-client and go-fdo-server security update (Moderate)
- ALSA-2026:39575: cifs-utils security, bug fix, and enhancement update (Important)
- ALSA-2026:39320: python3 security update (Important)
- ALSA-2026:39179: kernel security update (Important)
- ALSA-2026:39322: pacemaker security update (Important)
- ALSA-2026:39272: git-lfs security update (Important)
- ALSA-2026:19043: corosync security update (Moderate)
- ALSA-2026:39183: python3.12 security update (Important)
- ALSA-2026:39798: python3.9 security, bug fix, and enhancement update (Important)
- ALSA-2026:39771: python3.12 security update (Important)
- ALSA-2026:39319: git-lfs security update (Important)
- ALSA-2026:39316: cups security update (Moderate)
- ALSA-2026:39315: libsolv security update (Moderate)
- ALSA-2026:39317: libxml2 security update (Low)
- ALSA-2026:39494: kernel security, bug fix, and enhancement update (Important)
- ALSA-2026:36832: libreoffice security update (Important)
- ALSA-2026:39553: perl-XML-LibXML security update (Important)
- ALSA-2026:39576: cifs-utils security, bug fix, and enhancement update (Important)
- ALSA-2026:39868: nodejs:24 security, bug fix, and enhancement update (Important)
- ALSA-2026:39893: python3.12 security update (Important)
- ALSA-2026:39878: perl-XML-LibXML security update (Important)
- ALSA-2026:38504: container-tools:rhel8 security update (Important)
Debian GNU/Linux
Debian Long Term Support released emergency security advisories to patch critical flaws across multiple widely used system packages. These updates resolve memory corruption, remote code execution, and privilege escalation vulnerabilities in applications including Chromium, Mesa, Dnsmasq, and GRUB2. Debian 12 and 13 administrators must install the patches immediately to prevent attackers from executing unauthorized code or bypassing network protections. The advisories address between fifteen and twenty-seven flaws per release, highlighting the necessity of frequent system maintenance.
- [DLA 4677-1] chromium security update
- [DLA 4678-1] libxfont security update
- [DLA 4679-1] mesa security update
- [DLA 4681-1] p7zip security update
- [DLA 4682-1] redis security update
- [DLA 4680-1] imagemagick security update
- ELA-1772-1 dnsmasq security update (by )
- [DLA 4684-1] opam security update
- [DLA 4683-1] wolfssl security update
- [DSA 6388-1] libxfont security update
- [DLA 4685-1] grub2 security update
- [DLA 4686-1] dhcpcd5 security update
- [DSA 6389-1] ntfs-3g security update
- ELA-1774-1 libxfont security update
- [DLA 4687-1] chromium security update
- [DSA 6390-1] chromium security update
- ELA-1773-1 openssl security update (by )
- ELA-1774-1 libxfont security update (by )
Fedora Linux
Fedora 43 and 44 distributions require immediate security patches to address high-severity flaws across dozens of core applications. Major browsers and utilities receive critical fixes, including fifteen closed vulnerabilities in Chromium, multiple security advisories for Firefox and ImageMagick, and an upgrade to Calibre 9.11.0 that eliminates arbitrary code execution risks. System administrators must also update xrdp to resolve ten reported issues and repair kernel XFS mapping errors.
- Fedora 43 Update: attr-2.6.0-1.fc43
- Fedora 43 Update: acl-2.4.0-1.fc43
- Fedora 43 Update: calibre-9.11.0-1.fc43
- Fedora 43 Update: golang-github-openprinting-ipp-usb-0.9.34-1.fc43
- Fedora 44 Update: calibre-9.11.0-1.fc44
- Fedora 44 Update: breezy-3.3.21-2.fc44
- Fedora 43 Update: kernel-7.1.3-101.fc43
- Fedora 43 Update: prometheus-3.13.1-1.fc43
- Fedora 44 Update: kernel-7.1.3-201.fc44
- Fedora 44 Update: prometheus-3.13.1-1.fc44
- Fedora 44 Update: freerdp-3.28.0-1.fc44
- Fedora 43 Update: freerdp-3.28.0-1.fc43
- Fedora 43 Update: perl-Imager-1.033-1.fc43
- Fedora 43 Update: xrdp-0.10.6.1-1.fc43
- Fedora 43 Update: python-bcrypt-4.3.0-14.fc43
- Fedora 43 Update: roundcubemail-1.6.17-1.fc43
- Fedora 43 Update: python-tiktoken-0.13.0-2.fc43
- Fedora 44 Update: firefox-152.0.6-1.fc44
- Fedora 44 Update: perl-Imager-1.033-1.fc44
- Fedora 44 Update: xrdp-0.10.6.1-1.fc44
- Fedora 44 Update: python-bcrypt-4.3.0-14.fc44
- Fedora 44 Update: roundcubemail-1.7.2-1.fc44
- Fedora 44 Update: python-tiktoken-0.13.0-2.fc44
- Fedora 43 Update: firefox-152.0.6-1.fc43
- Fedora 43 Update: rust-cargo-rpmstatus-0.2.5-2.fc43
- Fedora 43 Update: rust-opendal-0.55.0-2.fc43
- Fedora 43 Update: perl-DBI-1.650-1.fc43
- Fedora 43 Update: ansible-collection-ansible-posix-2.2.1-1.fc43
- Fedora 43 Update: mingw-glib2-2.86.5-2.fc43
- Fedora 44 Update: freerdp-3.29.0-1.fc44
- Fedora 44 Update: ImageMagick-7.1.2.27-1.fc44
- Fedora 44 Update: perl-HTTP-Date-6.08-1.fc44
- Fedora 44 Update: rust-cargo-rpmstatus-0.2.5-2.fc44
- Fedora 44 Update: rust-opendal-0.55.0-2.fc44
- Fedora 44 Update: mingw-glib2-2.88.2-2.fc44
- Fedora 44 Update: ansible-collection-ansible-posix-2.2.1-1.fc44
- Fedora 43 Update: chromium-150.0.7871.124-1.fc43
- Fedora 43 Update: node-exporter-1.12.1-1.fc43
- Fedora 43 Update: spoofdpi-1.5.3-2.fc43
- Fedora 43 Update: yq-4.53.3-1.fc43
- Fedora 43 Update: ruby-3.4.10-31.fc43
- Fedora 43 Update: proftpd-1.3.9c-1.fc43
- Fedora 43 Update: log4cxx-1.7.0-2.fc43
- Fedora 44 Update: chromium-150.0.7871.124-1.fc44
- Fedora 44 Update: python-django5-5.2.16-1.fc44
- Fedora 44 Update: libtiff-4.7.2-1.fc44
- Fedora 44 Update: ruby-4.0.6-36.fc44
- Fedora 44 Update: spoofdpi-1.5.3-1.fc44
- Fedora 44 Update: yq-4.53.3-1.fc44
- Fedora 44 Update: proftpd-1.3.9c-1.fc44
- Fedora 44 Update: python-libcst-1.8.6-4.fc44
- Fedora 43 Update: erlang-26.2.5.21-4.fc43
- Fedora 43 Update: antlr4-project-4.13.2-14.fc43
- Fedora 43 Update: opam-2.5.2-1.fc43
- Fedora 43 Update: python-uv-build-0.11.28-1.fc43
- Fedora 43 Update: uv-0.11.28-1.fc43
- Fedora 43 Update: python-orjson-3.11.9-3.fc43
- Fedora 43 Update: rust-astral_async_zip-0.0.20-1.fc43
Oracle Linux
Oracle Linux administrators must install a coordinated batch of security advisories covering versions seven through ten. These releases prioritize core kernel patches alongside critical updates for nginx, glibc, podman, and vim. The patches resolve dozens of identified CVEs that directly impact container operations, network routing, and image processing workflows. System administrators managing x86_64 and aarch64 deployments will find fixes for major applications including LibreOffice, Samba, and the Unbreakable Enterprise Kernel.
- ELSA-2026-50387 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELSA-2026-37435 Important: Oracle Linux 9 golang security, bug fix, and enhancement update
- ELSA-2026-37410 Important: Oracle Linux 9 buildah security update
- ELSA-2026-37123 Important: Oracle Linux 9 podman security, bug fix, and enhancement update
- ELSA-2026-37207 Important: Oracle Linux 9 freerdp security update
- ELSA-2026-37129 Important: Oracle Linux 9 gstreamer1-plugins-good security update
- ELSA-2026-36879 Important: Oracle Linux 9 tomcat security, bug fix, and enhancement update
- ELSA-2026-36834 Important: Oracle Linux 9 gstreamer1-plugins-bad-free security update
- ELSA-2026-36777 Important: Oracle Linux 9 unbound security update
- ELSA-2026-36674 Moderate: Oracle Linux 9 gstreamer1-plugins-ugly-free security update
- ELSA-2026-36018 Important: Oracle Linux 9 kernel security, bug fix, and enhancement update
- ELSA-2026-36639 Important: Oracle Linux 9 nginx:1.26 security, bug fix, and enhancement update
- ELSA-2026-36618 Important: Oracle Linux 9 nginx:1.24 security, bug fix, and enhancement update
- ELSA-2026-26567 Moderate: Oracle Linux 7 libexif security update
- ELBA-2026-36723 Oracle Linux 8 gnome-shell-extensions bug fix and enhancement update
- ELSA-2026-36617 Important: Oracle Linux 9 oci-seccomp-bpf-hook security update
- ELSA-2026-35891 Important: Oracle Linux 9 nodejs:24 security, bug fix, and enhancement update
- ELSA-2026-35892 Important: Oracle Linux 9 nodejs:22 security, bug fix, and enhancement update
- ELSA-2026-26204 Important: Oracle Linux 9 postgresql:18 security update
- ELSA-2026-50387 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELSA-2026-50388 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELBA-2026-50378 Oracle Linux 9 fips-provider-next bug fix update
- ELSA-2026-50387 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELSA-2026-36734 Low: Oracle Linux 8 libxml2 security update
- ELBA-2026-25921 Oracle Linux 8 scap-security-guide bug fix and enhancement update
- ELSA-2026-36728 Low: Oracle Linux 8 libtasn1 security update
- ELSA-2026-37282 Important: Oracle Linux 8 unbound security update
- ELSA-2026-37137 Important: Oracle Linux 8 tomcat security, bug fix, and enhancement update
- ELSA-2026-36733 Moderate: Oracle Linux 8 cups security update
- ELSA-2026-37130 Important: Oracle Linux 8 gstreamer1-plugins-bad-free security update
- ELSA-2026-36774 Important: Oracle Linux 8 gstreamer1-plugins-good security update
- ELSA-2026-36732 Moderate: Oracle Linux 8 python-urllib3 security update
- ELSA-2026-36730 Moderate: Oracle Linux 8 libsolv security update
- ELSA-2026-36201 Important: Oracle Linux 8 389-ds:1.4 security update
- ELSA-2026-50388 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
- ELSA-2026-36721 Moderate: Oracle Linux 8 edk2 security, bug fix, and enhancement update
- ELSA-2026-50388 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
- ELBA-2026-36731 Oracle Linux 8 libusbx bug fix and enhancement update
- ELBA-2026-36725 Oracle Linux 8 nfs-utils bug fix and enhancement update
- ELSA-2026-35830 Important: Oracle Linux 8 grafana security update
- ELBA-2026-36724 Oracle Linux 8 gdm and gnome-shell bug fix and enhancement update
- New Ksplice updates for UEKR8 6.12.0 on OL9 and OL10 (ELSA-2026-50319)
- ELBA-2026-36366-1 Oracle Linux 8 kernel bug fix update
- ELSA-2026-38878 Important: Oracle Linux 9 podman security update
- ELSA-2026-38511 Important: Oracle Linux 9 vim security update
- ELSA-2026-38498 Important: Oracle Linux 9 openexr security update
- ELSA-2026-38512 Important: Oracle Linux 9 perl-DBI security update
- ELSA-2026-38496 Important: Oracle Linux 9 gimp security update
- ELSA-2026-38493 Important: Oracle Linux 9 buildah security update
- ELSA-2026-38486 Important: Oracle Linux 9 xorg-x11-server security update
- ELSA-2026-36957 Important: Oracle Linux 9 kernel security update
- ELSA-2026-36331 Important: Oracle Linux 9 nginx security, bug fix, and enhancement update
- ELSA-2026-38510 Important: Oracle Linux 8 vim security update
- ELSA-2026-38503 Moderate: Oracle Linux 8 openssl security update
- ELSA-2026-38501 Important: Oracle Linux 8 freerdp security update
- ELSA-2026-38488 Important: Oracle Linux 8 xorg-x11-server-Xwayland security update
- ELSA-2026-36366 Important: Oracle Linux 8 kernel security update
- ELSA-2026-33743 Important: Oracle Linux 8 kernel security, bug fix, and enhancement update
- ELSA-2026-39319 Important: Oracle Linux 9 git-lfs security update
- ELSA-2026-39316 Moderate: Oracle Linux 9 cups security update
- ELSA-2026-39315 Moderate: Oracle Linux 9 libsolv security update
- ELSA-2026-39311 Low: Oracle Linux 9 qemu-kvm security update
- ELSA-2026-39317 Low: Oracle Linux 9 libxml2 security update
- ELSA-2026-36645 Important: Oracle Linux 9 kernel update
- ELSA-2026-19354 Important: Oracle Linux 9 PackageKit security update
- ELSA-2026-39127 Important: Oracle Linux 8 python-pillow security update
- ELSA-2026-39083 Important: Oracle Linux 8 kernel update
- ELSA-2026-38847 Important: Oracle Linux 8 nginx:1.24 security, bug fix, and enhancement update
- ELSA-2026-36349 Important: Oracle Linux 8 kernel security, bug fix, and enhancement update
- ELSA-2026-33126 Moderate: Oracle Linux 8 glibc security update
- ELSA-2026-26453 Important: Oracle Linux 7 389-ds-base security update
- ELSA-2026-16101 Important: Oracle Linux 7 host-metering security update
- ELBA-2026-50354 Oracle Linux 8 oVirt 4.5 ovirt-engine bug fix update
- ELSA-2026-500004 Important: Unbreakable Enterprise kernel security update
- ELSA-2026-500004 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELSA-2026-40751 Important: Oracle Linux 9 gimp security update
- ELSA-2026-39798 Important: Oracle Linux 9 python3.9 security, bug fix, and enhancement update
- ELSA-2026-40831 Important: Oracle Linux 9 hplip security update
- ELSA-2026-39771 Important: Oracle Linux 9 python3.12 security update
- ELSA-2026-39576 Important: Oracle Linux 9 cifs-utils security, bug fix, and enhancement update
- ELSA-2026-38500 Important: Oracle Linux 9 maven:3.9 security update
- ELSA-2026-39553 Important: Oracle Linux 9 perl-XML-LibXML security update
- ELSA-2026-38491 Important: Oracle Linux 9 kernel security, bug fix, and enhancement update
- ELSA-2026-35839 Important: Oracle Linux 8 libreoffice security update
- ELBA-2026-33743-1 Oracle Linux 8 kernel bug fix update
- ELSA-2026-36832 Important: Oracle Linux 9 libreoffice security update
- ELBA-2026-50329 Oracle Linux 8 iscsi-initiator-utils bug fix update
- ELBA-2026-39328 Oracle Linux 9 openssl bug fix and enhancement update
- ELBA-2026-39313 Oracle Linux 9 libXrender bug fix and enhancement update
- ELBA-2026-500003 Oracle Linux 9 osbuild bug fix update
- ELBA-2026-36349-1 Oracle Linux 8 kernel bug fix update
- ELSA-2026-39266 Important: Oracle Linux 8 git-lfs security update
- ELSA-2026-39893 Important: Oracle Linux 8 python3.12 security update
- ELSA-2026-39575 Important: Oracle Linux 8 cifs-utils security, bug fix, and enhancement update
- ELSA-2026-38995 Important: Oracle Linux 8 go-toolset:ol8 security, bug fix, and enhancement update
- ELSA-2026-39878 Important: Oracle Linux 8 perl-XML-LibXML security update
- ELSA-2026-39320 Important: Oracle Linux 8 python3 security update
- ELSA-2026-38485 Important: Oracle Linux 8 gegl security update
- New Ksplice updates for UEKR8 6.12.0 on OL9 and OL10 (ELSA-2026-50372)
- New Ksplice updates for UEKR7 5.15.0 on OL8 and OL9 (5.15.0-322.203.3.4)
- New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (5.4.17-2136.357.3.3)
- ELSA-2026-23102 Important: Oracle Linux 10 delve security update
- ELSA-2026-22141 Moderate: Oracle Linux 10 go-fdo-client and go-fdo-server security update
- ELSA-2026-22715 Important: Oracle Linux 10 expat security update
- ELSA-2026-22529 Moderate: Oracle Linux 10 libexif security update
- ELSA-2026-22963 Critical: Oracle Linux 10 samba security update
- ELSA-2026-21757 Important: Oracle Linux 10 flatpak security update
- ELSA-2026-21676 Important: Oracle Linux 10 cockpit security update
- ELSA-2026-19560 Important: Oracle Linux 10 libsndfile security update
- ELSA-2026-20600 Important: Oracle Linux 10 wireshark security update
- ELSA-2026-20567 Important: Oracle Linux 10 qt6-qtdeclarative security update
- ELSA-2026-19158 Important: Oracle Linux 10 dnsmasq security update
- ELSA-2026-19151 Important: Oracle Linux 10 jq security update
- ELSA-2026-19150 Important: Oracle Linux 10 libtiff security update
- ELSA-2026-19149 Important: Oracle Linux 10 dovecot security update
- ELSA-2026-19148 Moderate: Oracle Linux 10 glib2 security update
- ELSA-2026-19141 Important: Oracle Linux 10 PackageKit security update
- ELSA-2026-19145 Important: Oracle Linux 10 krb5 security update
- ELSA-2026-19130 Important: Oracle Linux 10 libcap security update
- ELSA-2026-19143 Moderate: Oracle Linux 10 libsoup3 security update
- ELSA-2026-19127 Important: Oracle Linux 10 gdk-pixbuf2 security update
Red Hat Enterprise Linux
Red Hat distributed a series of security advisories for Red Hat Enterprise Linux versions 8, 9, and 10 to address multiple software vulnerabilities. These patches target core infrastructure and development packages including the Linux kernel, Python, Thunderbird, OpenStack, and JBoss Web Server. Administrators will find impact ratings ranging from low to important across the various advisories covering system utilities and container tools. System owners must apply these updates to maintain compliance and protect their RHEL environments from known exploitation risks.
- RHSA-2026:38513: Important: perl-DBI security update
- RHSA-2026:38489: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:38488: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:38514: Important: plexus-utils security update
- RHSA-2026:38494: Important: buildah security update
- RHSA-2026:39082: Important: kernel-rt update
- RHSA-2026:39119: Moderate: libreoffice security update
- RHSA-2026:39142: Important: thunderbird security update
- RHSA-2026:39141: Important: thunderbird security update
- RHSA-2026:39127: Important: python-pillow security update
- RHSA-2026:39115: Important: evince security update
- RHSA-2026:39083: Important: kernel update
- RHSA-2026:39246: Important: nodejs22 security update
- RHSA-2026:39179: Important: kernel security update
- RHSA-2026:39183: Important: python3.12 security update
- RHSA-2026:39272: Important: git-lfs security update
- RHSA-2026:39266: Important: git-lfs security update
- RHSA-2026:39319: Important: git-lfs security update
- RHSA-2026:39371: Important: kernel security update
- RHSA-2026:39322: Important: pacemaker security update
- RHSA-2026:39320: Important: python3 security update
- RHSA-2026:39180: Important: kernel-rt security update
- RHSA-2026:39428: Important: thunderbird security update
- RHSA-2026:39323: Important: pacemaker security update
- RHSA-2026:39576: Important: cifs-utils security, bug fix, and enhancement update
- RHSA-2026:39494: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:39315: Moderate: libsolv security update
- RHSA-2026:39316: Moderate: cups security update
- RHSA-2026:39317: Low: libxml2 security update
- RHSA-2026:39304: Low: libxml2 security update
- RHSA-2026:39302: Moderate: cups security update
- RHSA-2026:39309: Low: capstone security update
- RHSA-2026:39311: Low: qemu-kvm security update
- RHSA-2026:39296: Moderate: libinput security update
- RHSA-2026:39297: Moderate: edk2 security, bug fix, and enhancement update
- RHSA-2026:39706: Important: thunderbird security update
- RHSA-2026:39575: Important: cifs-utils security, bug fix, and enhancement update
- RHSA-2026:39573: Important: yggdrasil security update
- RHSA-2026:39553: Important: perl-XML-LibXML security update
- RHSA-2026:39547: Important: perl-XML-LibXML security update
- RHSA-2026:39893: Important: python3.12 security update
- RHSA-2026:39878: Important: perl-XML-LibXML security update
- RHSA-2026:39812: Important: Red Hat OpenStack Services on OpenShift 18.0 (openstack-glance) security update
- RHSA-2026:39809: Important: Red Hat OpenStack Services on OpenShift 18.0 (erlang) security update
- RHSA-2026:39810: Important: Red Hat OpenStack Services on OpenShift 18.0 (golang-github-openstack-k8s-operators-os-diff) security update
- RHSA-2026:39811: Important: Red Hat OpenStack Services on OpenShift 18.0 (openstack-ironic) security update
- RHSA-2026:39808: Important: Red Hat OpenStack Services on OpenShift 18.0 (openstack-keystone) security update
- RHSA-2026:39771: Important: python3.12 security update
- RHSA-2026:39983: Moderate: kernel-rt security update
- RHSA-2026:39984: Important: kernel security update
- RHSA-2026:40082: Important: kernel security update
- RHSA-2026:40068: Important: kernel security update
- RHSA-2026:40425: Important: kernel update
- RHSA-2026:39976: Important: hplip security update
- RHSA-2026:39879: Important: rhc security update
- RHSA-2026:39868: Important: nodejs:24 security, bug fix, and enhancement update
- RHSA-2026:39798: Important: python3.9 security, bug fix, and enhancement update
- RHSA-2026:40895: Important: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update
- RHSA-2026:40894: Important: hplip security update
- RHSA-2026:40841: Important: maven:3.8 security update
- RHSA-2026:36620: Important: OpenShift Container Platform 4.16.66 bug fix and security update
- RHSA-2026:40831: Important: hplip security update
- RHSA-2026:40760: Important: kernel security update
- RHSA-2026:41019: Important: Red Hat Edge Manager Version 1.1.3 Security Update
- RHSA-2026:40856: Important: python3.14 security update
- RHSA-2026:40833: Important: pacemaker security update
- RHSA-2026:40751: Important: gimp security update
- RHSA-2026:41063: Important: kernel security update
- RHSA-2026:41062: Important: kernel security update
- RHSA-2026:41042: Important: pacemaker security update
- RHSA-2026:41041: Important: pacemaker security update
- RHSA-2026:41043: Important: pacemaker security update
- RHSA-2026:41044: Important: pacemaker security update
- RHSA-2026:41234: Important: kernel-rt security update
- RHSA-2026:41235: Important: kernel security update
- RHSA-2026:41236: Critical: kernel-rt security, bug fix, and enhancement update
- RHSA-2026:41229: Important: kernel security update
- RHSA-2026:39188: Important: Red Hat JBoss Web Server 7.0.0 security release
Rocky Linux
Rocky Linux administrators must apply recent security advisories across versions 8, 9, and 10 to address multiple vulnerabilities. The released errata target foundational system components alongside widely used development and desktop applications. Affected software includes the Linux kernel, Golang, OpenSSL, Podman, Python, and various container tools. These patches resolve specific flaws tracked under official CVE identifiers to prevent potential system exploitation.
- RLSA-2026:37436: Important: golang security, bug fix, and enhancement update
- RLSA-2026:36957: Important: kernel security update
- RLSA-2026:37435: Important: golang security, bug fix, and enhancement update
- RHSA-2026:38508: Moderate: libreoffice security update
- RHSA-2026:38487: Important: xorg-x11-server security update
- RHSA-2026:38493: Important: buildah security update
- RHSA-2026:38499: Important: openexr security update
- RHSA-2026:38495: Important: podman security update
- RHSA-2026:38503: Moderate: openssl security update
- RHSA-2026:38485: Important: gegl security update
- RHSA-2026:38505: Important: tomcat security, bug fix, and enhancement update
- RHSA-2026:38506: Important: firefox security update
- RHSA-2026:38502: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:38486: Important: xorg-x11-server security update
- RHSA-2026:38492: Important: kernel security update
- RHSA-2026:38504: Important: container-tools:rhel8 security update
- RHSA-2026:38805: Moderate: openssl security update
- RHSA-2026:38804: Moderate: openssl security update
- RHSA-2026:38847: Important: nginx:1.24 security, bug fix, and enhancement update
- RHSA-2026:38796: Important: plexus-utils security update
- RHSA-2026:38498: Important: openexr security update
- RHSA-2026:38810: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:38497: Important: gegl04 security update
- RHSA-2026:38512: Important: perl-DBI security update
- RHSA-2026:38750: Important: thunderbird security update
- RHSA-2026:38753: Important: thunderbird security update
- RHSA-2026:38751: Important: thunderbird security update
- RHSA-2026:38501: Important: freerdp security update
- RHSA-2026:38490: Important: xorg-x11-server-Xwayland security update
- RHSA-2026:38496: Important: gimp security update
- RHSA-2026:38507: Moderate: libreoffice security update
- RHSA-2026:38901: Important: perl-DBI:1.641 security update
- RHSA-2026:39012: Important: compat-openssl11 security update
- RHSA-2026:39011: Important: firefox security update
- RHSA-2026:39009: Important: compat-openssl11 security update
- RHSA-2026:39006: Moderate: freeipmi security update
- RHSA-2026:39008: Moderate: freeipmi security update
- RHSA-2026:39010: Moderate: freeipmi security update
- RHSA-2026:39005: Important: rhc security update
- RHSA-2026:39007: Moderate: freeipmi security update
- RHSA-2026:38995: Important: go-toolset:rhel8 security, bug fix, and enhancement update
- RHSA-2026:38491: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:38902: Important: kernel security, bug fix, and enhancement update
- RHSA-2026:38878: Important: podman security update
- RHSA-2026:38500: Important: maven:3.9 security update
- RHSA-2026:39025: Important: openexr security update
- RHSA-2026:39026: Important: openexr security update
- RHSA-2026:39024: Important: openexr security update
- RHSA-2026:39027: Important: openexr security update
- RLSA-2026:38847: Important: nginx:1.24 security, bug fix, and enhancement update
- RLSA-2026:38504: Important: container-tools:rhel8 security update
- RLSA-2026:36211: Moderate: freeipmi security update
- RLSA-2026:36210: Moderate: freeipmi security update
- RLSA-2026:38500: Important: maven:3.9 security update
- RLSA-2026:36215: Important: compat-openssl10 security update
- RLSA-2026:38485: Important: gegl security update
- RLSA-2026:38488: Important: xorg-x11-server-Xwayland security update
- RLSA-2026:38487: Important: xorg-x11-server security update
- RLSA-2026:38501: Important: freerdp security update
- RLSA-2026:38503: Moderate: openssl security update
- RLSA-2026:38495: Important: podman security update
- RLSA-2026:38514: Important: plexus-utils security update
- RLSA-2026:38494: Important: buildah security update
- RLSA-2026:38489: Important: xorg-x11-server-Xwayland security update
- RLSA-2026:38513: Important: perl-DBI security update
- RLSA-2026:38499: Important: openexr security update
- RLSA-2026:38512: Important: perl-DBI security update
- RLSA-2026:38493: Important: buildah security update
- RLSA-2026:38498: Important: openexr security update
- RLSA-2026:38486: Important: xorg-x11-server security update
- RLSA-2026:38878: Important: podman security update
- RLSA-2026:38491: Important: kernel security, bug fix, and enhancement update
- RLSA-2026:38497: Important: gegl04 security update
- RLSA-2026:38490: Important: xorg-x11-server-Xwayland security update
- RLSA-2026:38492: Important: kernel security update
- RLSA-2026:39302: Moderate: cups security update
- RLSA-2026:39573: Important: yggdrasil security update
- RLSA-2026:39297: Moderate: edk2 security, bug fix, and enhancement update
- RLSA-2026:39272: Important: git-lfs security update
- RLSA-2026:39183: Important: python3.12 security update
- RLSA-2026:39494: Important: kernel security, bug fix, and enhancement update
- RLSA-2026:39296: Moderate: libinput security update
- RLSA-2026:39304: Low: libxml2 security update
- RLSA-2026:39311: Low: qemu-kvm security update
- RLSA-2026:39309: Low: capstone security update
- RLSA-2026:39323: Important: pacemaker security update
- RLSA-2026:39319: Important: git-lfs security update
- RLSA-2026:39315: Moderate: libsolv security update
- RLSA-2026:39317: Low: libxml2 security update
- RLSA-2026:39576: Important: cifs-utils security, bug fix, and enhancement update
- RLSA-2026:39316: Moderate: cups security update
- RLSA-2026:39180: Important: kernel-rt security update
- RLSA-2026:38901: Important: perl-DBI:1.641 security update
- RLSA-2026:38995: Important: go-toolset:rhel8 security, bug fix, and enhancement update
- RLSA-2026:39322: Important: pacemaker security update
- RLSA-2026:39547: Important: perl-XML-LibXML security update
- RLSA-2026:39553: Important: perl-XML-LibXML security update
- RLSA-2026:39893: Important: python3.12 security update
- RLSA-2026:39868: Important: nodejs:24 security, bug fix, and enhancement update
- RLSA-2026:39878: Important: perl-XML-LibXML security update
- RLSA-2026:39976: Important: hplip security update
- RLSA-2026:39771: Important: python3.12 security update
- RLSA-2026:39798: Important: python3.9 security, bug fix, and enhancement update
- RLSA-2026:40841: Important: maven:3.8 security update
- RLSA-2026:40894: Important: hplip security update
- RLSA-2026:40895: Important: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update
- RLSA-2026:40831: Important: hplip security update
Slackware Linux
The Slackware Linux Security Team distributed security advisory SSA:2026-197-01 to upgrade the netatalk package. This release pushes version 4.5.1 to the stable Slackware 15.0 distribution and the active development branch. System administrators must apply the update to keep their file server services aligned with the latest stability improvements. The patch addresses known vulnerabilities and ensures continued compatibility across all supported Slackware environments.
SUSE Linux
SUSE issued security advisories for SUSE Linux Enterprise and openSUSE platforms, addressing vulnerabilities across core system components and third-party applications. Administrators must prioritize patches for the Linux kernel live updates, ImageMagick, curl, and OpenSSL due to their critical severity ratings and potential exploitation risks. The updates also resolve high-severity flaws in Chromium, Django, Kubernetes, Podman, GIMP, and Python libraries for SUSE Linux Enterprise versions 15 through 17 and openSUSE Leap 15. OpenSUSE Tumbleweed received moderate security fixes for Nginx, Blender, and other tools, while SUSE Linux Enterprise administrators should deploy these changes immediately to mitigate known threats.
- openSUSE-SU-2026:11244-1: moderate: xorg-x11-server-21.1.21-8.1 on GA media
- openSUSE-SU-2026:11243-1: moderate: traefik2-2.11.52-1.1 on GA media
- openSUSE-SU-2026:11241-1: moderate: rclone-1.74.4-1.1 on GA media
- openSUSE-SU-2026:11240-1: moderate: python313-websockets-16.0-2.1 on GA media
- openSUSE-SU-2026:11242-1: moderate: spectre-meltdown-checker-26.36.0602723-1.1 on GA media
- openSUSE-SU-2026:11236-1: moderate: python313-Django6-6.0.7-1.1 on GA media
- openSUSE-SU-2026:11235-1: moderate: python313-Django4-4.2.30-4.1 on GA media
- openSUSE-SU-2026:0240-1: moderate: Security update for perl-CGI-Session
- openSUSE-SU-2026:0241-1: moderate: Security update for python-social-auth-app-django
- openSUSE-SU-2026:21303-1: important: Security update for gsasl
- openSUSE-SU-2026:21302-1: moderate: Security update for nghttp2
- openSUSE-SU-2026:21301-1: moderate: Security update for dash
- openSUSE-SU-2026:21296-1: important: Security update for python-Pillow
- openSUSE-SU-2026:21292-1: important: Security update for agama
- openSUSE-SU-2026:21293-1: important: Security update for perl-DBI
- openSUSE-SU-2026:21290-1: important: Security update for sssd
- openSUSE-SU-2026:21291-1: important: Security update for ImageMagick
- openSUSE-SU-2026:21284-1: important: Security update for libXfont2
- openSUSE-SU-2026:21289-1: important: Security update for tiff
- openSUSE-SU-2026:21283-1: important: Security update for xwayland
- SUSE-SU-2026:2853-1: important: Security update for tiff
- SUSE-SU-2026:2854-1: moderate: Security update for python-urllib3
- SUSE-SU-2026:2864-1: important: Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:2866-1: important: Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6)
- SUSE-SU-2026:2867-1: important: Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:2868-1: important: Security update for the Linux Kernel (Live Patch 32 for SUSE Linux Enterprise 15 SP5)
- openSUSE-SU-2026:11249-1: moderate: python313-weasyprint-69.0-1.1 on GA media
- openSUSE-SU-2026:11254-1: moderate: chromedriver-150.0.7871.114-1.1 on GA media
- openSUSE-SU-2026:11248-1: moderate: python313-Django-5.2.16-1.1 on GA media
- openSUSE-SU-2026:11247-1: moderate: libredwg-devel-0.14.8413-1.1 on GA media
- SUSE-SU-2026:2874-1: moderate: Security update for sccache
- SUSE-SU-2026:2875-1: important: Security update for python-Pillow
- SUSE-SU-2026:2880-1: moderate: Security update for php8
- SUSE-SU-2026:2885-1: moderate: Security update for alsa
- SUSE-SU-2026:2886-1: moderate: Security update for libslirp
- SUSE-SU-2026:2890-1: important: Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)
- SUSE-SU-2026:2888-1: important: Security update for the Linux Kernel (Live Patch 52 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:2889-1: important: Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:2894-1: important: Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6)
- SUSE-SU-2026:2902-1: important: Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7)
- SUSE-SU-2026:2899-1: important: Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5)
- SUSE-SU-2026:2910-1: important: Security update for the Linux Kernel (Live Patch 47 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:2926-1: important: Security update for curl
- SUSE-SU-2026:2931-1: moderate: Security update for libslirp
- SUSE-SU-2026:2920-1: important: Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:2932-1: important: Security update for the Linux Kernel (Live Patch 50 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:2933-1: important: Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)
- SUSE-SU-2026:2937-1: important: Security update for the Linux Kernel (Live Patch 53 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:2942-1: important: Security update for kubernetes
- SUSE-SU-2026:2938-1: important: Security update for the Linux Kernel (Live Patch 38 for SUSE Linux Enterprise 15 SP5)
- SUSE-SU-2026:2945-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)
- openSUSE-SU-2026:0243-1: important: Security update for afterburn
- SUSE-SU-2026:2949-1: moderate: Security update for python-mistune
- SUSE-SU-2026:2954-1: important: Security update for krb5
- SUSE-SU-2026:2964-1: important: Security update for buildah
- SUSE-SU-2026:2968-1: moderate: Security update for python-Authlib
- SUSE-SU-2026:2965-1: important: Security update for kubernetes-old
- SUSE-SU-2026:2957-1: important: Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6)
- SUSE-SU-2026:2961-1: important: Security update for the Linux Kernel (Live Patch 39 for SUSE Linux Enterprise 15 SP5)
- openSUSE-SU-2026:11262-1: moderate: sdbootutil-1+git20260713.d869cf8-1.1 on GA media
- openSUSE-SU-2026:11256-1: moderate: busybox-1.38.0-1.1 on GA media
- openSUSE-SU-2026:11260-1: moderate: patch-2.8-3.1 on GA media
- openSUSE-SU-2026:11259-1: moderate: libopenbabel8-3.2.1-1.1 on GA media
- openSUSE-SU-2026:11258-1: moderate: libxml2-16-2.15.3-2.1 on GA media
- openSUSE-SU-2026:11261-1: moderate: python313-Pillow-12.3.0-1.1 on GA media
- openSUSE-SU-2026:11257-1: moderate: freetype2-devel-2.14.3-1.1 on GA media
- openSUSE-SU-2026:11255-1: moderate: afterburn-5.10.0.git73.b97f772-1.1 on GA media
- openSUSE-SU-2026:0244-1: important: Security update for gosec
- openSUSE-SU-2026:0245-1: important: Security update for enc
- SUSE-SU-2026:2984-1: moderate: Security update for python3-dulwich
- SUSE-SU-2026:2989-1: important: Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP5)
- SUSE-SU-2026:2991-1: important: Security update for the Linux Kernel (Live Patch 54 for SUSE Linux Enterprise 15 SP4)
- SUSE-SU-2026:3005-1: moderate: Security update for openssl-3
- SUSE-SU-2026:3000-1: important: Security update for rootlesskit
- SUSE-SU-2026:3004-1: moderate: Security update for openssl-3
- SUSE-SU-2026:3001-1: important: Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP5)
- SUSE-SU-2026:2997-1: important: Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP6)
- SUSE-SU-2026:3002-1: important: Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP6)
- SUSE-SU-2026:3009-1: important: Security update for the Linux Kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP5)
- SUSE-SU-2026:3008-1: important: Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP6)
- SUSE-SU-2026:2993-1: important: Security update for the Linux Kernel (Live Patch 55 for SUSE Linux Enterprise 15 SP4)
- openSUSE-SU-2026:21351-1: moderate: Security update for grafana
- openSUSE-SU-2026:21342-1: important: Security update for python-soupsieve
- openSUSE-SU-2026:21343-1: moderate: Security update for python-sqlparse
- openSUSE-SU-2026:21339-1: moderate: Security update for python-mistune
- openSUSE-SU-2026:21333-1: low: Security update for nasm
- openSUSE-SU-2026:21332-1: low: Security update for patch
- openSUSE-SU-2026:21331-1: low: Security update for helm
- openSUSE-SU-2026:21329-1: moderate: Security update for tomcat11
- openSUSE-SU-2026:21327-1: moderate: Security update for tomcat
- openSUSE-SU-2026:21324-1: important: Security update for go1.25
- openSUSE-SU-2026:21321-1: important: Security update for go1.26-openssl
- openSUSE-SU-2026:21319-1: critical: Security update for go1.25-openssl
- openSUSE-SU-2026:21317-1: important: Security update for libxml2
- openSUSE-SU-2026:11271-1: moderate: python313-django-debug-toolbar-7.0.0-1.1 on GA media
- SUSE-SU-2026:3022-1: important: Security update for sccache
- SUSE-SU-2026:3023-1: important: Security update for ImageMagick
- SUSE-SU-2026:3025-1: important: Security update for sssd
- SUSE-SU-2026:3026-1: important: Security update for python-cryptography
- SUSE-SU-2026:3028-1: important: Security update for dnsmasq
- SUSE-SU-2026:3029-1: moderate: Security update for glibc
- SUSE-SU-2026:3030-1: moderate: Security update for glibc
- SUSE-SU-2026:3032-1: moderate: Security update for glib-networking
- SUSE-SU-2026:3036-1: important: Security update for yelp
- SUSE-SU-2026:3037-1: important: Security update for yelp
- SUSE-SU-2026:3040-1: important: Security update for python-cryptography
- SUSE-SU-2026:3042-1: important: Security update for gnutls
- SUSE-SU-2026:3043-1: important: Security update for curl
- SUSE-SU-2026:3044-1: important: Security update for the Linux Kernel
- SUSE-SU-2026:3049-1: important: Security update for distribution
- SUSE-SU-2026:3053-1: important: Security update for ImageMagick
- SUSE-SU-2026:3058-1: important: Security update for gstreamer-plugins-bad
- SUSE-SU-2026:3063-1: important: Security update for buildah
- SUSE-SU-2026:3070-1: important: Security update for podman
- SUSE-SU-2026:3069-1: important: Security update for rekor
- SUSE-SU-2026:3068-1: important: Security update for cosign
- SUSE-SU-2026:3071-1: important: Security update for podman
- openSUSE-SU-2026:11279-1: moderate: jackson-databind-2.18.9-2.1 on GA media
- openSUSE-SU-2026:11273-1: moderate: ImageMagick-7.1.2.27-2.1 on GA media
- openSUSE-SU-2026:11281-1: moderate: opennlp-1.9.5-1.1 on GA media
- openSUSE-SU-2026:11280-1: moderate: nm-configurator-0.3.5-2.1 on GA media
- openSUSE-SU-2026:11278-1: moderate: hostapd-2.11-4.1 on GA media
- openSUSE-SU-2026:11282-1: moderate: perl-Mojolicious-9.480.0-1.1 on GA media
- openSUSE-SU-2026:11276-1: moderate: gpsd-3.27.5-3.1 on GA media
- openSUSE-SU-2026:11275-1: moderate: aws-nitro-enclaves-binaryblobs-upstream-1.4.5~git0.18a5f6f-1.1 on GA media
- openSUSE-SU-2026:11277-1: moderate: grafana-12.4.5-1.1 on GA media
- openSUSE-SU-2026:11274-1: moderate: agama-22+398.d23cf880d-49.1 on GA media
- openSUSE-SU-2026:21359-1: important: Security update for gimp
- openSUSE-SU-2026:21360-1: important: Security update for hostapd
- SUSE-SU-2026:3076-1: moderate: Security update for libssh2_org
- SUSE-SU-2026:3084-1: moderate: Security update for python-Pillow
- SUSE-SU-2026:3086-1: important: Security update for python-python-socketio
- SUSE-SU-2026:3085-1: important: Security update for python-python-engineio
- SUSE-SU-2026:3087-1: moderate: Security update for tomcat11
- SUSE-SU-2026:3089-1: important: Security update for the Linux Kernel
- SUSE-SU-2026:3093-1: moderate: Security update for python-paramiko
- SUSE-SU-2026:3094-1: moderate: Security update for openssl-3
- SUSE-SU-2026:3095-1: important: Security update for libxml2
- SUSE-SU-2026:3096-1: important: Security update for libxml2
- openSUSE-SU-2026:21363-1: critical: Security update for chromium
- openSUSE-SU-2026:11286-1: moderate: python315-3.15.0~b3-2.1 on GA media
- openSUSE-SU-2026:11283-1: moderate: python313-Pillow-12.3.0-2.1 on GA media
- openSUSE-SU-2026:0250-1: important: Security update for opam
- SUSE-SU-2026:3102-1: important: Security update for go1.26-openssl
- SUSE-SU-2026:3104-1: important: Security update for python311
- SUSE-SU-2026:3105-1: important: Security update for php-composer2
- SUSE-SU-2026:3110-1: important: Security update for mariadb-connector-c
- openSUSE-SU-2026:11297-1: moderate: oras-1.3.3-2.1 on GA media
- openSUSE-SU-2026:11295-1: moderate: nginx-1.31.3-1.1 on GA media
- openSUSE-SU-2026:11290-1: moderate: gomuks-26.03+git.1780250926.564a8707-1.1 on GA media
- openSUSE-SU-2026:11288-1: moderate: blender-5.2-5.2.0-1.1 on GA media
Ubuntu Linux
Ubuntu released a series of security patches throughout July 2026 to address critical vulnerabilities across core system utilities and libraries. The initial update fixed privilege escalation risks in cifs-utils, buffer handling flaws in libexif and libssh2, and security bypass issues in OpenSSH. A later announcement on July 14 delivered nine advisories targeting httplib2, MariaDB, OpenVPN, Vim, and Wget while patching network and database components. Ubuntu simultaneously deployed kernel updates for AWS, Google Cloud, Raspberry Pi, and standard hardware alongside seventeen fixes for ubuntu-advantage-tools, NTFS-3G, Ruby, Tar, and Authlib.
- [USN-8496-3] cifs-utils vulnerability
- [USN-8531-1] libexif vulnerabilities
- [USN-8532-1] libssh2 vulnerabilities
- [USN-8533-1] OpenSSH vulnerabilities
- [USN-8534-1] LibreOffice vulnerabilities
- [USN-8535-1] PipeWire vulnerabilities
- [USN-8537-1] httplib2 vulnerability
- [USN-8536-1] MariaDB vulnerabilities
- [USN-8538-1] alsa-lib vulnerability
- [USN-8540-1] OpenVPN vulnerabilities
- [USN-8539-1] GnuTLS vulnerabilities
- [USN-8542-1] Dnsmasq vulnerabilities
- [USN-8541-1] Vim vulnerabilities
- [USN-8526-2] libheif vulnerabilities
- [USN-8543-1] Wget vulnerabilities
- [USN-8548-1] Linux kernel vulnerabilities
- [USN-8547-1] Linux kernel vulnerabilities
- [USN-8546-1] Linux kernel (Raspberry Pi) vulnerabilities
- [USN-8545-1] Linux kernel (HWE) vulnerabilities
- [USN-8544-1] LuaJIT vulnerabilities
- [USN-8550-1] libslirp vulnerability
- [USN-8549-1] idna vulnerability
- [USN-8552-1] Sympa vulnerability
- [USN-8551-1] Tomcat vulnerabilities
- [USN-8553-1] .NET vulnerabilities
- [USN-8555-1] Ubuntu Advantage Tools (pro client) vulnerabilities
- [USN-8554-1] NTFS-3G vulnerabilities
- [USN-8556-1] Ruby vulnerabilities
- [USN-8477-2] tar regression
- [USN-8557-1] Authlib vulnerabilities
How to apply these Linux security updates
Before running any update commands, check which services are currently active on your system. If Nginx or Apache is handling live traffic, schedule a brief maintenance window or use rolling restarts to minimize downtime during the patching process. Desktop users can usually apply these fixes by opening a terminal and running the standard package manager command for their distribution followed by an upgrade flag. A reboot will be necessary if the kernel received updates to ensure the new security modules load correctly.
Power users who rely on command-line tools like jq should verify the patch level after installation. Regression bugs can occasionally break scripts that depend on specific JSON parsing behavior, so a quick test run is worth the few minutes it takes. If you use PackageKit or other GUI package managers and prefer to skip them because they sometimes hang or try to install junk, do not let that stop you from running the command-line equivalent to get these critical patches applied.
Applying these patches requires distribution-specific package management commands. RHEL-based systems typically use dnf update or yum update, while Debian and Ubuntu rely on apt upgrade. SUSE users should run zypper patch to properly address all security advisories, and Slackware administrators can manage updates with upgradepkg or slackpkg. After executing the commands, a reboot is usually necessary for kernel changes to take effect. Finally, review your package manager’s logs to verify that all patches installed successfully and no dependencies were disrupted.
Debian/Ubuntu (apt)
The first thing to do is refresh the local package index; running sudo apt update contacts all configured repositories and pulls in the newest lists of available versions. Skipping this step leaves the system blind to any recent uploads, which explains why “upgrade” sometimes claims there’s nothing to do even after a security advisory has been published. Once the index is current, invoke sudo apt upgrade -y; the -y flag answers every prompt automatically so the process doesn’t pause for user input. This command upgrades all installed packages that have newer versions in the repositories while preserving configuration files.
sudo apt update sudo apt upgrade -y
Fedora/RedHat/Rocky/Alma/Oracle (dnf or yum)
On modern Fedora and recent Red Hat derivatives, dnf is the package manager; older RHEL releases still rely on yum. Begin with a check‑update operation—sudo dnf check-update or sudo yum check-update—to see exactly which packages are awaiting an upgrade. This preview step can be useful for spotting unexpected kernel bumps before they land. To actually apply the updates, run sudo dnf upgrade -y (or sudo yum update if you prefer the older tool). The upgrade command pulls down the new binaries and runs any necessary post‑install scripts, such as rebuilding initramfs when a kernel changes.
sudo dnf check-update sudo dnf upgrade -y
or on older releases
sudo yum check-update sudo yum update
SUSE (zypper)
SUSE’s command line front‑end is called zypper. First execute sudo zypper refresh so that the metadata for all enabled repos gets updated; without this, zypper will happily report “No updates available” even though newer packages sit on the mirror. After a fresh refresh, issue sudo zypper update -y; this upgrades every package to the latest version in the configured repositories and automatically handles service restarts when required.
sudo zypper refresh sudo zypper update -y
Slackware (slackpkg and pkgtool)
Slackware doesn’t have a single unified updater, but the official way to pull updates is through slackpkg. Start with sudo slackpkg update to download the newest package list from the chosen mirror. Then run sudo slackpkg upgrade-all; this command walks through each installed package and replaces it with the most recent build available in the official repository. For users who prefer a more granular approach, specifying a package name after upgrade limits the operation to that single item. When dealing with community‑maintained repositories, pkgtool takes over: a combined sudo pkgtool update && sudo pkgtool upgrade will sync and apply updates from the mirrors listed in /etc/slackpkg/mirrors.
sudo slackpkg update sudo slackpkg upgrade-all
