Here is a roundup of last week's security updates for various packages, including kernel, Firefox, Thunderbird, and PostgreSQL. These updates aim to fix issues such as memory leaks, denial-of-service attacks, arbitrary code execution, and use-after-free flaws to ensure system stability and prevent potential security risks. The distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.
AlmaLinux
AlmaLinux has released security updates to address vulnerabilities in various packages, including kernel, firefox, aide, and mod_http2. The updates target memory leaks, denial-of-service attacks, and sandbox escapes for AlmaLinux users. Additionally, separate updates have been issued for AlmaLinux 8, covering packages such as Mozilla Thunderbird, fence-agents, kernel-rt, Firefox, python-cryptography, and aide. The security patches tackle multiple vulnerabilities across different packages, including PostgreSQL, Thunderbird, and Python, to ensure the stability of the system.
- ALSA-2025:14420: kernel security update (Important)
- ALSA-2025:14416: firefox security update (Important)
- ALSA-2025:14493: aide security update (Important)
- ALSA-2025:14592: aide security update (Important)
- ALSA-2025:14417: firefox security update (Important)
- ALSA-2025:14625: mod_http2 security update (Moderate)
- ALSA-2025:14743: thunderbird security update (Important)
- ALSA-2025:14750: fence-agents security update (Moderate)
- ALSA-2025:14439: kernel-rt security update (Moderate)
- ALSA-2025:14442: firefox security update (Important)
- ALSA-2025:14553: python-cryptography security update (Moderate)
- ALSA-2025:14573: aide security update (Important)
- ALSA-2025:14826: postgresql16 security update (Important)
- ALSA-2025:14844: thunderbird security update (Important)
- ALSA-2025:14640: thunderbird security update (Important)
- ALSA-2025:14827: postgresql:16 security update (Important)
- ALSA-2025:14878: postgresql security update (Important)
- ALSA-2025:14841: python3.11 security update (Moderate)
- ALSA-2025:14899: postgresql:16 security update (Important)
Debian GNU/Linux
Debian has released security updates to address vulnerabilities in various packages, including Thunderbird, iperf3, Unbound, Firebird, FFmpeg, luajit, Node-Cipher-Base, Chromium, UDisks2, golang-github-gin-contrib-cors, LibXML2, Node.js, OpenSSH, mbedtls, Firefox, and Apache. The updates aim to fix issues such as arbitrary code execution, heap buffer overflows, shell code injection, denial-of-service attacks, and use-after-free flaws. Debian 11 (Bullseye) LTS, Debian 12 (Bookworm), and Debian 13 (Trixie) are among the distributions that have received these security updates. Users are advised to update their systems to ensure they have the latest patches and prevent potential security risks.
- [DLA 4279-1] thunderbird security update
- [DSA 5984-1] thunderbird security update
- [DLA 4281-1] iperf3 security update
- [DLA 4280-1] unbound security update
- ELA-1505-1 iperf3 security update
- ELA-1504-1 unbound1.9 security update
- ELA-1503-1 unbound security update
- [DLA 4282-1] firebird3.0 security update
- ELA-1507-1 luajit security update
- ELA-1506-1 firebird3.0 security update
- [DLA 4283-1] luajit security update
- [DSA 5985-1] ffmpeg security update
- [DSA 5986-1] node-cipher-base security update
- [DSA 5988-1] chromium security update
- [DSA 5987-1] unbound security update
- [DSA 5989-1] udisks2 security update
- [DLA 4285-1] golang-github-gin-contrib-cors security
- [DLA 4284-1] udisks2 security update
- [DSA 5990-1] libxml2 security update
- [DSA 5991-1] nodejs security update
- ELA-1508-1 udisks2 security update
- ELA-1324-1 openssh security update
- [DLA 4274-2] mbedtls security update
- [DSA 5992-1] firebird4.0 security update
- ELA-1509-1 apache2 security update
Fedora Linux
Multiple security updates have been released for Fedora Linux, addressing issues in various packages. Python 3.13 has received an update to fix a significant issue with the SSL module and an infinite loop when parsing a tarfile. Additionally, updates are available for Chromium, libtiff, Keylime-Agent-Rust, mod_auth_openidc, Firefox, and other packages, including fixes for vulnerabilities in these applications. These updates aim to improve the security of Fedora 41 and 42 distributions by addressing potential threats and bugs in various software packages.
- Fedora 42 Update: chromium-139.0.7258.138-1.fc42
- Fedora 41 Update: python3-docs-3.13.7-1.fc41
- Fedora 41 Update: python3.13-3.13.7-1.fc41
- Fedora 42 Update: libtiff-4.7.0-8.fc42
- Fedora 42 Update: keylime-agent-rust-0.2.8-1.fc42
- Fedora 41 Update: libtiff-4.6.0-6.fc41.2
- Fedora 41 Update: mod_auth_openidc-2.4.17.2-1.fc41
- Fedora 41 Update: chromium-139.0.7258.138-1.fc41
- Fedora 41 Update: firefox-142.0.1-1.fc41
- Fedora 42 Update: rocm-rpp-6.3.1-3.fc42
- Fedora 42 Update: cef-139.0.26^chromium139.0.7258.127-1.fc42
- Fedora 41 Update: chromium-139.0.7258.154-1.fc41
- Fedora 42 Update: udisks2-2.10.91-1.fc42
- Fedora 42 Update: docker-buildx-0.27.0-1.fc42
Oracle Linux
Oracle has released several security updates and bug fixes for its Linux distributions, including Oracle Linux 7, 8, 9, and 10. The updates address various vulnerabilities affecting packages such as Apache Tomcat, glibc, libxml2, Firefox, AIDE, kernel components, Python, mod_http2, Thunderbird, PostgreSQL, and more. Some specific updates include fixes for denial-of-service attacks, heap-use-after-free issues, improper output neutralization in the aide package, and untrusted input from clients in the mod_http2 module. The updates are intended to improve the security and stability of Oracle Linux systems, particularly for administrators who have not yet applied previous patches or upgrades.
- ELSA-2025-14179 Important: Oracle Linux 10 tomcat security update
- ELBA-2025-20535 Oracle Linux 8 sos bug fix update
- ELSA-2025-10219 Moderate: Oracle Linux 7 glibc security update
- ELSA-2025-13464 Important: Oracle Linux 7 libxml2 security update
- ELSA-2025-14493 Important: Oracle Linux 9 aide security update
- ELSA-2025-14417 Important: Oracle Linux 10 firefox security update
- ELSA-2025-14416 Important: Oracle Linux 9 firefox security update
- ELSA-2025-14442 Important: Oracle Linux 8 firefox security update
- ELSA-2025-14573 Important: Oracle Linux 8 aide security update
- ELSA-2025-14560 Moderate: Oracle Linux 8 python3 security update
- ELBA-2025-14542 Oracle Linux 8 fence-agents bug fix and enhancement update
- ELSA-2025-14557 Important: Oracle Linux 8 pam security update
- ELSA-2025-14553 Moderate: Oracle Linux 8 python-cryptography security update
- ELSA-2025-14546 Moderate: Oracle Linux 8 python3.12 security update
- ELSA-2025-14126 Important: Oracle Linux 8 pki-deps:10.6 security update
- ELBA-2025-14559 Oracle Linux 8 opencryptoki bug fix and enhancement update
- ELBA-2025-14556 Oracle Linux 8 tar bug fix and enhancement update
- ELBA-2025-14541 Oracle Linux 8 edk2 bug fix update
- ELBA-2025-14554 Oracle Linux 8 sudo bug fix and enhancement update
- ELBA-2025-14545 Oracle Linux 8 idm:DL1 bug fix and enhancement update
- ELBA-2025-14551 Oracle Linux 8 which bug fix and enhancement update
- ELBA-2025-14550 Oracle Linux 8 dbus bug fix and enhancement update
- ELSA-2025-14420 Important: Oracle Linux 9 kernel security update
- ELSA-2025-14592 Important: Oracle Linux 10 aide security update
- ELSA-2025-14625 Moderate: Oracle Linux 10 mod_http2 security update
- ELSA-2025-14640 Important: Oracle Linux 9 thunderbird security update
- ELBA-2025-14438-1 Oracle Linux 8 kernel bug fix update
- ELBA-2025-14549 Oracle Linux 8 gcc bug fix and enhancement update
- ELSA-2025-14510 Important: Oracle Linux 10 kernel security update
- ELBA-2025-20539 Oracle Linux 9 leapp-repository bug fix update
- ELSA-2025-14750 Moderate: Oracle Linux 8 fence-agents security update
- ELBA-2025-14552 Oracle Linux 8 bash bug fix and enhancement update
- ELSA-2025-14438 Moderate: Oracle Linux 8 kernel security update
- ELBA-2025-14561 Oracle Linux 8 NetworkManager bug fix and enhancement update
- ELBA-2025-14558 Oracle Linux 8 libxslt bug fix and enhancement update
- ELBA-2025-14543 Oracle Linux 8 pacemaker bug fix and enhancement update
- ELSA-2025-14826 Important: Oracle Linux 10 postgresql16 security update
- ELSA-2025-14827 Important: Oracle Linux 9 postgresql:16 security update
- ELSA-2025-14841 Moderate: Oracle Linux 8 python3.11 security update
- ELSA-2025-14743 Important: Oracle Linux 8 thunderbird security update
- ELBA-2025-14544 Oracle Linux 8 osbuild-composer bug fix and enhancement update
- ELBA-2025-20523 Oracle Linux 8 oVirt 4.5 ovirt-engine bug fix update
- ELBA-2025-20529 Oracle Linux 9 oracle-common-release bug fix update
- ELSA-2025-14899 Important: Oracle Linux 8 postgresql:16 security update
Red Hat Enterprise Linux
Red Hat has released several security updates to address vulnerabilities in various packages. The affected packages include squid, webkit2gtk3, firefox, kernel components, aide, gdk-pixbuf2, kpatch-patch, ansible, thunderbird, and mod_http2, among others. These updates have been rated by Red Hat Product Security as having a security impact ranging from Moderate to Important, with some providing additional details through CVSS base scores. Red Hat Product Security has released critical security updates for multiple versions of RHEL, including 7, 8, and 9, to ensure system stability and security.
- RHSA-2025:14414: Important: squid security update
- RHSA-2025:14432: Important: webkit2gtk3 security update
- RHSA-2025:14421: Important: webkit2gtk3 security update
- RHSA-2025:14420: Important: kernel security update
- RHSA-2025:14416: Important: firefox security update
- RHSA-2025:14417: Important: firefox security update
- RHSA-2025:14418: Important: kernel security update
- RHSA-2025:14413: Important: kernel security update
- RHSA-2025:14442: Important: firefox security update
- RHSA-2025:14438: Moderate: kernel security update
- RHSA-2025:14439: Moderate: kernel-rt security update
- RHSA-2025:14433: Important: webkit2gtk3 security update
- RHSA-2025:14434: Important: webkit2gtk3 security update
- RHSA-2025:14423: Important: webkit2gtk3 security update
- RHSA-2025:14422: Important: webkit2gtk3 security update
- RHSA-2025:14497: Important: kpatch-patch-5_14_0-570_17_1 security update
- RHSA-2025:14493: Important: aide security update
- RHSA-2025:14486: Important: webkit2gtk3 security update
- RHSA-2025:14510: Important: kernel security update
- RHSA-2025:14511: Important: kernel security update
- RHSA-2025:14525: Important: libarchive security update
- RHSA-2025:14560: Moderate: python3 security update
- RHSA-2025:14557: Important: pam security update
- RHSA-2025:14546: Moderate: python3.12 security update
- RHSA-2025:14553: Moderate: python-cryptography security update
- RHSA-2025:14528: Important: libarchive security update
- RHSA-2025:14576: Moderate: gdk-pixbuf2 security update
- RHSA-2025:14575: Moderate: gdk-pixbuf2 security update
- RHSA-2025:14573: Important: aide security update
- RHSA-2025:14599: Important: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 sec ...
- RHSA-2025:14592: Important: aide security update
- RHSA-2025:14574: Moderate: gdk-pixbuf2 security update
- RHSA-2025:14686: Moderate: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
- RHSA-2025:14683: Moderate: gdk-pixbuf2 security update
- RHSA-2025:14647: Moderate: gdk-pixbuf2 security update
- RHSA-2025:14646: Moderate: gdk-pixbuf2 security update
- RHSA-2025:14640: Important: thunderbird security update
- RHSA-2025:14625: Moderate: mod_http2 security update
- RHSA-2025:14618: Moderate: gdk-pixbuf2 security update
- RHSA-2025:14585: Moderate: gdk-pixbuf2 security update
- RHSA-2025:14696: Important: kernel security update
- RHSA-2025:14691: Important: kernel-rt security update
- RHSA-2025:14750: Moderate: fence-agents security update
- RHSA-2025:14749: Important: kernel-rt security update
- RHSA-2025:14743: Important: thunderbird security update
- RHSA-2025:14744: Important: kernel security update
- RHSA-2025:14746: Important: kernel-rt security update
- RHSA-2025:14742: Important: kernel security update
- RHSA-2025:14692: Important: kernel security update
- RHSA-2025:14396: Important: OpenShift Container Platform 4.15.57 bug fix and security update
- RHSA-2025:14059: Important: OpenShift Container Platform 4.17.38 bug fix and security update
- RHSA-2025:14748: Important: kernel security update
- RHSA-2025:14828: Important: libarchive security update
- RHSA-2025:14827: Important: postgresql:16 security update
- RHSA-2025:14826: Important: postgresql16 security update
- RHSA-2025:14862: Important: postgresql:15 security update
- RHSA-2025:14841: Moderate: python3.11 security update
- RHSA-2025:14811: Important: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, and kpatch-patch-5_14_0-427_68_2 secur ...
- RHSA-2025:14810: Important: libarchive security update
- RHSA-2025:14808: Important: libarchive security update
- RHSA-2025:14878: Important: postgresql security update
- RHSA-2025:14870: Important: postgresql security update
- RHSA-2025:14869: Important: postgresql security update
- RHSA-2025:14844: Important: thunderbird security update
- RHSA-2025:14900: Moderate: python39:3.9 security update
- RHSA-2025:14903: Moderate: httpd security update
- RHSA-2025:14902: Moderate: httpd security update
- RHSA-2025:14911: Important: Red Hat Build of Apache Camel 4.10.6 for Spring Boot release.
- RHSA-2025:14899: Important: postgresql:16 security update
- RHSA-2025:14901: Moderate: httpd security update
Slackware Linux
A security issue has been fixed in the udisks2 packages for Slackware 15.0 and -current. This fix prevents an attacker from causing the UDisks daemon to crash or performing a local privilege escalation by accessing files owned by privileged users. The update is intended to enhance system security on these versions of Slackware. Users are advised to consider installing this updated version of udisks2 for improved protection.
SUSE Linux
Several security updates have been released for various SUSE Linux packages, including the Linux Kernel, proftpd, PAM, cmake3, FFmpeg, Python, Tomcat, Kubernetes, and more. These updates aim to protect users against potential security threats by addressing vulnerabilities ranging from low to important severity. Multiple packages, such as v2ray-core, PostgreSQL, Tomcat, and Git, have received significant or important updates to fix security issues. The updates can be accessed through the provided links for each package, ensuring that SUSE Linux systems remain secure and up-to-date.
- openSUSE-SU-2025:0314-1: moderate: Security update for go-sendxmpp
- SUSE-SU-2025:02969-1: important: Security update for the Linux Kernel
- openSUSE-SU-2025:0315-1: important: Security update for proftpd
- SUSE-SU-2025:02970-1: moderate: Security update for pam
- SUSE-SU-2025:02975-1: low: Security update for cmake3
- SUSE-SU-2025:02972-1: moderate: Security update for ffmpeg-4
- SUSE-SU-2025:02984-1: moderate: Security update for python311
- SUSE-SU-2025:02985-1: moderate: Security update for python-urllib3
- SUSE-SU-2025:02978-1: important: Security update for tomcat10
- SUSE-SU-2025:02979-1: important: Security update for tomcat11
- SUSE-SU-2025:02982-1: moderate: Security update for python312
- openSUSE-SU-2025:0318-1: important: Security update for minikube
- SUSE-SU-2025:02976-1: low: Security update for cmake3
- SUSE-SU-2025:02977-1: important: Security update for kubernetes1.18
- openSUSE-SU-2025:0322-1: important: Security update for v2ray-core
- openSUSE-SU-2025:0323-1: important: Security update for v2ray-core
- SUSE-SU-2025:02986-1: important: Security update for postgresql17
- openSUSE-SU-2025:15492-1: moderate: ucode-intel-20250812-1.1 on GA media
- openSUSE-SU-2025:15491-1: moderate: tomcat11-11.0.10-1.1 on GA media
- openSUSE-SU-2025:15489-1: moderate: tomcat-9.0.108-1.1 on GA media
- openSUSE-SU-2025:15488-1: moderate: cheat-4.4.2-2.1 on GA media
- openSUSE-SU-2025:15490-1: moderate: tomcat10-10.1.44-1.1 on GA media
- SUSE-SU-2025:02988-1: moderate: Security update for govulncheck-vulndb
- SUSE-SU-2025:02990-1: moderate: Security update for ffmpeg
- SUSE-SU-2025:02991-1: important: Security update for firebird
- SUSE-SU-2025:02992-1: important: Security update for tomcat11
- openSUSE-SU-2025:15493-1: moderate: matrix-synapse-1.137.0-1.1 on GA media
- openSUSE-SU-2025:15494-1: moderate: libmozjs-128-0-128.14.0-1.1 on GA media
- SUSE-SU-2025:02993-1: important: Security update for jetty-minimal
- SUSE-SU-2025:02996-1: important: Security update for the Linux Kernel
- SUSE-SU-2025:03001-1: moderate: Security update for ignition
- SUSE-SU-2025:03005-1: important: Security update for postgresql16
- SUSE-SU-2025:03006-1: important: Security update for tomcat10
- SUSE-SU-2025:03007-1: important: Security update for MozillaThunderbird
- SUSE-SU-2025:03008-1: important: Security update for MozillaFirefox
- openSUSE-SU-2025:15495-1: moderate: perl-Crypt-CBC-3.70.0-1.1 on GA media
- openSUSE-SU-2025:0326-1: important: Security update for chromium
- openSUSE-SU-2025:0327-1: important: Security update for chromium
- SUSE-SU-2025:03012-1: important: security update for git, git-lfs, obs-scm-bridge, python-PyYAML
- SUSE-SU-2025:03018-1: important: Security update for postgresql15
- SUSE-SU-2025:03019-1: important: Security update for postgresql14
- SUSE-SU-2025:03017-1: important: Security update for udisks2
- SUSE-SU-2025:03023-1: important: Security update for the Linux Kernel
- SUSE-SU-2025:03024-1: important: Security update for tomcat
- SUSE-SU-2025:03025-1: moderate: Security update for javamail
- openSUSE-SU-2025:15498-1: moderate: ImageMagick-7.1.2.2-2.1 on GA media
- openSUSE-SU-2025:15499-1: moderate: kea-3.0.1-1.1 on GA media
- openSUSE-SU-2025:15503-1: moderate: tailscale-1.86.5-1.1 on GA media
- openSUSE-SU-2025:0332-1: moderate: Security update for go-sendxmpp
Ubuntu Linux
Multiple security issues have been discovered in various packages, including Nginx, Linux kernel, Binutils, GStreamer, OpenLDAP, and Python, which affect different Ubuntu releases. The vulnerabilities include incorrect memory handling by the ngx_mail_smtp_module module in Nginx, use-after-free issues in the Linux kernel, and flaws in HID and media drivers subsystems. Ubuntu Security Notices have been issued to address these security issues, with updates available for various Ubuntu releases, including 14.04 LTS, 22.04 LTS, 24.04 LTS, and 25.04. The updates are intended to prevent the transmission of sensitive information over the network during SMTP authentication and fix other potential exploits.
- [USN-7715-1] nginx vulnerability
- [USN-7719-1] Linux kernel (Raspberry Pi Real-time) vulnerabilities
- [USN-7718-1] GNU binutils vulnerability
- [USN-7716-1] GStreamer Base Plugins vulnerabilities
- [USN-7717-1] GStreamer Good Plugins vulnerabilities
- [USN-7720-1] Linux kernel vulnerabilities
- [USN-7726-2] Linux kernel (Real-time) vulnerabilities
- [USN-7704-5] Linux kernel vulnerabilities
- [USN-7703-4] Linux kernel vulnerabilities
- [USN-7724-1] Linux kernel (OEM) vulnerabilities
- [USN-7722-1] Linux kernel vulnerability
- [USN-7721-1] Linux kernel (Azure) vulnerabilities
- [USN-7725-1] Linux kernel vulnerabilities
- [USN-7725-2] Linux kernel (Real-time) vulnerabilities
- [USN-7726-3] Linux kernel (FIPS) vulnerabilities
- [USN-7727-1] Linux kernel vulnerabilities
- [USN-7727-2] Linux kernel (FIPS) vulnerabilities
- [USN-7726-1] Linux kernel vulnerabilities
- [USN-7723-1] UDisks vulnerability
- [USN-7713-1] OpenLDAP vulnerabilities
- [USN-7710-2] Python 2.7 vulnerability