Several Linux distributions have received security updates over the past week to address various vulnerabilities in their packages. These updates aim to protect users from potential threats by fixing identified issues such as information disclosure, denial-of-service attacks, and arbitrary code execution. The affected distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.
AlmaLinux
AlmaLinux has received several security updates addressing vulnerabilities in various packages. Three security updates have been released for AlmaLinux 8 and 9, which include a major update that fixes 15 issues in WebKitGTK3. Additionally, separate security updates have been made available for AlmaLinux 10 and 8 to address kernel vulnerabilities. Other notable updates include important security patches for Wireshark and Firefox, as well as moderate updates for MySQL versions, Luksmeta, Grafana, and Libsoup3.
- ALSA-2025:22790: webkit2gtk3 security update (Important)
- ALSA-2025:22405: kernel security update (Moderate)
- ALSA-2025:22789: webkit2gtk3 security update (Important)
- ALSA-2025:22800: kernel-rt security update (Moderate)
- ALSA-2025:22801: kernel security update (Moderate)
- ALSA-2025:22854: kernel security update (Moderate)
- ALSA-2025:22760: abrt security update (Important)
- ALSA-2025:23142: wireshark security update (Important)
- ALSA-2025:23034: firefox security update (Important)
- ALSA-2025:23109: mysql security update (Moderate)
- ALSA-2025:23134: mysql:8.0 security update (Moderate)
- ALSA-2025:23137: mysql:8.4 security update (Moderate)
- ALSA-2025:23086: luksmeta security update (Moderate)
- ALSA-2025:23128: firefox security update (Important)
- ALSA-2025:23048: tomcat security update (Important)
- ALSA-2025:23088: grafana security update (Moderate)
- ALSA-2025:23139: libsoup3 security update (Moderate)
- ALSA-2025:23083: wireshark security update (Important)
- ALSA-2025:23035: firefox security update (Important)
- ALSA-2025:23008: mysql8.4 security update (Moderate)
Debian GNU/Linux
Several Debian packages, including libpng1.6, ffmpeg, LASSO library, and WordPress, have received security updates to address multiple vulnerabilities that could lead to information disclosure or denial of service. The updates fix issues such as out-of-bounds reads, heap corruption, buffer overflows, and cross-site scripting. Other affected packages include libsoup2.4, webkit2gtk, LibSSH, pdns-recursor, libsndfile, Firefox ESR, tzdata, Kernel, Thunderbird, and Chromium, with vulnerabilities that could result in sensitive system information exfiltration, denial-of-service attacks, or potentially arbitrary code execution. These security updates aim to protect Debian users from various threats by fixing the identified vulnerabilities.
- ELA-1589-1 libpng1.6 security update
- [DLA 4396-1] libpng1.6 security update
- [DSA 6073-1] ffmpeg security update
- [DLA 4397-1] lasso security update
- ELA-1590-1 lasso security update
- [DLA 4398-1] libsoup2.4 security update
- [DSA 6075-1] wordpress security update
- [DSA 6074-1] webkit2gtk security update
- ELA-1592-1 libssh security update
- ELA-1591-1 libssh security update
- [DLA 4399-1] webkit2gtk security update
- [DLA 4400-1] rear security update
- [DSA 6079-1] ffmpeg security update
- [DSA 6076-1] libpng1.6 security update
- [DSA 6078-1] firefox-esr security update
- [DSA 6077-1] pdns-recursor security update
- ELA-1593-1 libsoup2.4 security update
- [DLA 4402-1] libsndfile security update
- [DLA 4401-1] firefox-esr security update
- ELA-1594-1 tzdata new timezone database
- [DLA 4403-1] tzdata new timezone database
- [DLA 4404-1] linux security update
- [DLA 4405-1] thunderbird security update
- [DSA 6080-1] chromium security update
- ELA-1595-1 linux-5.10 security update
Fedora Linux
Fedora has released several package updates to address security vulnerabilities across various versions of the operating system. The updates include changes to abrt, MinGW-LibPNG, lunasvg, python3, imhex, tinyproxy, and perl-CGI-Simple among others. Additionally, multiple Fedora versions have received security fixes for popular packages like httpd, wireshark, singularity-ce, brotli, and dr_libs. These updates aim to patch security vulnerabilities, with some also including upstream patches to address potential issues in these packages.
- Fedora 41 Update: abrt-2.17.8-1.fc41
- Fedora 42 Update: mingw-libpng-1.6.51-1.fc42
- Fedora 43 Update: mingw-libpng-1.6.51-1.fc43
- Fedora 43 Update: lunasvg-3.5.0-1.fc43
- Fedora 43 Update: imhex-1.37.4-3.fc43
- Fedora 43 Update: python3.14-3.14.2-1.fc43
- Fedora 43 Update: python3-docs-3.14.2-1.fc43
- Fedora 42 Update: lunasvg-3.5.0-1.fc42
- Fedora 42 Update: libwebsockets-4.3.7-2.fc42
- Fedora 42 Update: imhex-1.37.4-3.fc42
- Fedora 42 Update: tinyproxy-1.11.2-5.fc42
- Fedora 42 Update: perl-CGI-Simple-1.282-1.fc42
- Fedora 43 Update: httpd-2.4.66-1.fc43
- Fedora 43 Update: perl-CGI-Simple-1.282-1.fc43
- Fedora 42 Update: yarnpkg-1.22.22-14.fc42
- Fedora 42 Update: wireshark-4.6.1-1.fc42
- Fedora 42 Update: singularity-ce-4.3.5-1.fc42
- Fedora 43 Update: brotli-1.2.0-1.fc43
- Fedora 43 Update: dr_libs-0^20251201.877b096-1.fc43
- Fedora 43 Update: perl-Alien-Brotli-0.2.2-11.fc43
- Fedora 43 Update: python-urllib3-2.6.1-1.fc43
- Fedora 43 Update: wireshark-4.6.1-1.fc43
- Fedora 43 Update: yarnpkg-1.22.22-14.fc43
- Fedora 43 Update: singularity-ce-4.3.5-1.fc43
- Fedora 43 Update: apptainer-1.4.5-2.fc43
- Fedora 42 Update: apptainer-1.4.5-2.fc42
- Fedora 42 Update: xkbcomp-1.5.0-1.fc42
- Fedora 43 Update: golangci-lint-2.7.1-1.fc43
- Fedora 43 Update: libpng-1.6.53-1.fc43
Oracle Linux
Oracle Linux has received several security updates across various versions. The updates include bug fixes and enhancements for nodejs24 on Oracle Linux 10, as well as RPM bug fixes. Additionally, the platform has seen patches for Ruby, libsoup3, Wireshark in Oracle Linux 10, and bug fix updates for PCP in Oracle Linux versions 8 and 9. Kernel security updates have also been released to address vulnerabilities in various components such as Tomcat, Firefox, MySQL, and more.
- ELSA-2025-22395 Moderate: Oracle Linux 10 kernel security update
- ELSA-2025-21931 Moderate: Oracle Linux 10 kernel security update
- ELEA-2025-20999 Oracle Linux 10 nodejs24 bug fix and enhancement update
- ELBA-2025-28039 Oracle Linux 10 rpm bug fix update
- ELSA-2025-22790 Important: Oracle Linux 9 webkit2gtk3 security update
- ELSA-2025-22801 Moderate: Oracle Linux 8 kernel security update
- ELSA-2025-22789 Important: Oracle Linux 8 webkit2gtk3 security update
- ELSA-2025-22760 Important: Oracle Linux 8 abrt security update
- ELSA-2025-22668 Moderate: Oracle Linux 8 go-toolset:rhel8 security update
- ELSA-2025-19847 Important: Oracle Linux 7 sssd security update
- ELSA-2025-28040 Important: Unbreakable Enterprise kernel security update
- ELSA-2025-23052 Important: Oracle Linux 10 tomcat9 security update
- ELSA-2025-23035 Important: Oracle Linux 10 firefox security update
- ELSA-2025-23008 Moderate: Oracle Linux 10 mysql8.4 security update
- ELSA-2025-22854 Moderate: Oracle Linux 10 kernel security update
- ELBA-2025-22956 Oracle Linux 10 .NET 10.0 bug fix and enhancement update
- ELSA-2025-28040 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
- ELBA-2025-22801-1 Oracle Linux 8 kernel bug fix update
- ELSA-2025-23049 Important: Oracle Linux 9 tomcat security update
- ELSA-2025-23034 Important: Oracle Linux 9 firefox security update
- ELSA-2025-22865 Moderate: Oracle Linux 9 kernel security update
- ELBA-2025-22967 Oracle Linux 9 .NET 10.0 bug fix and enhancement update
- ELBA-2025-28042 Oracle Linux 9 passt bug fix update
- ELBA-2025-22968 Oracle Linux 8 .NET 10.0 bug fix and enhancement update
- ELSA-2025-23048 Important: Oracle Linux 8 tomcat security update
- ELBA-2025-22795 Oracle Linux 8 glibc bug fix and enhancement update
- ELSA-2025-22096 Important: Oracle Linux 7 tigervnc security update
- ELSA-2025-21657 Important: Oracle Linux 7 libsoup security update
- ELSA-2025-23141 Moderate: Oracle Linux 10 ruby security update
- ELSA-2025-23139 Moderate: Oracle Linux 10 libsoup3 security update
- ELSA-2025-23088 Moderate: Oracle Linux 10 grafana security update
- ELSA-2025-23083 Important: Oracle Linux 10 wireshark security update
- ELSA-2025-23050 Important: Oracle Linux 10 tomcat security update
- ELBA-2025-28044 Oracle Linux 10 pcp bug fix update
- ELSA-2025-23087 Moderate: Oracle Linux 9 grafana security update
- ELBA-2025-28045 Oracle Linux 9 pcp bug fix update
- ELSA-2025-23128 Important: Oracle Linux 8 firefox security update
- ELSA-2025-23086 Moderate: Oracle Linux 8 luksmeta security update
- ELSA-2025-23062 Moderate: Oracle Linux 8 ruby:3.3 security update
- ELBA-2025-28046 Oracle Linux 8 pcp bug fix update
- ELSA-2025-21404 Critical: Oracle Linux 7 lasso security update
Red Hat Enterprise Linux
Red Hat has released several security updates for its Enterprise Linux versions. These updates address vulnerabilities in various packages, including the kernel, Webkit2GTK3, OpenSSL, GIMP, Ghostscript, Tomcat, Firefox, LibSSH, PostgreSQL, and others. The specific packages that have received updates vary depending on the version of Red Hat Enterprise Linux being used, with some updates available for RHEL 8, RHEL 10, or other versions. These security updates aim to improve the overall security of the system by addressing known vulnerabilities.
- RHSA-2025:22801: Moderate: kernel security update
- RHSA-2025:22800: Moderate: kernel-rt security update
- RHSA-2025:22790: Important: webkit2gtk3 security update
- RHSA-2025:22789: Important: webkit2gtk3 security update
- RHSA-2025:22794: Moderate: openssl security update
- RHSA-2025:22791: Important: thunderbird security update
- RHSA-2025:22792: Important: thunderbird security update
- RHSA-2025:22914: Moderate: kernel-rt security update
- RHSA-2025:22910: Moderate: kernel security update
- RHSA-2025:22865: Moderate: kernel security update
- RHSA-2025:22854: Moderate: kernel security update
- RHSA-2025:22866: Important: gimp security update
- RHSA-2025:22869: Moderate: ghostscript security update
- RHSA-2025:22871: Important: expat security update
- RHSA-2025:22899: Moderate: golang security update
- RHSA-2025:22883: Important: thunderbird security update
- RHSA-2025:22882: Important: thunderbird security update
- RHSA-2025:22802: Moderate: kernel security update
- RHSA-2025:22842: Important: expat security update
- RHSA-2025:23002: Moderate: grafana security update
- RHSA-2025:23000: Moderate: kernel security update
- RHSA-2025:22996: Moderate: kernel security update
- RHSA-2025:22999: Moderate: kernel security update
- RHSA-2025:22998: Moderate: kernel security update
- RHSA-2025:23001: Moderate: grafana security update
- RHSA-2025:22995: Moderate: kernel-rt security update
- RHSA-2025:22997: Moderate: kernel-rt security update
- RHSA-2025:22982: Important: python-kdcproxy security update
- RHSA-2025:22969: Important: Red Hat OpenStack Platform 17.1 (libwebsockets) security update
- RHSA-2025:22925: Important: Red Hat JBoss Web Server 5.8.6 release and security update
- RHSA-2025:22924: Important: Red Hat JBoss Web Server 5.8.6 release and security update
- RHSA-2025:23050: Important: tomcat security update
- RHSA-2025:23052: Important: tomcat9 security update
- RHSA-2025:23051: Important: tomcat security update
- RHSA-2025:23034: Important: firefox security update
- RHSA-2025:23024: Moderate: libssh security update
- RHSA-2025:23022: Moderate: postgresql:15 security update
- RHSA-2025:23070: Important: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
- RHSA-2025:23069: Important: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
- RHSA-2025:23048: Important: tomcat security update
- RHSA-2025:23044: Important: tomcat security update
- RHSA-2025:23049: Important: tomcat security update
- RHSA-2025:23046: Important: tomcat security update
- RHSA-2025:23045: Important: tomcat security update
- RHSA-2025:23053: Important: tomcat9 security update
- RHSA-2025:23035: Important: firefox security update
- RHSA-2025:23008: Moderate: mysql8.4 security update
- RHSA-2025:23043: Moderate: curl security update
- RHSA-2025:23032: Important: abrt security update
- RHSA-2025:23033: Important: abrt security update
- RHSA-2025:23031: Important: abrt security update
- RHSA-2025:23030: Important: abrt security update
- RHSA-2025:23023: Moderate: postgresql:15 security update
- RHSA-2025:23009: Moderate: kernel security update
- RHSA-2025:23047: Important: tomcat security update
- RHSA-2025:22695: Moderate: OpenShift Container Platform 4.18.30 bug fix and security update
- RHSA-2025:23086: Moderate: luksmeta security update
- RHSA-2025:23087: Moderate: grafana security update
- RHSA-2025:23088: Moderate: grafana security update
- RHSA-2025:22724: Important: OpenShift Container Platform 4.16.54 bug fix and security update
- RHSA-2025:23083: Important: wireshark security update
- RHSA-2025:23110: Important: webkit2gtk3 security update
- RHSA-2025:23123: Moderate: libpq security update
- RHSA-2025:22732: Moderate: OpenShift Container Platform 4.14.60 bug fix and security update
- RHSA-2025:23128: Important: firefox security update
- RHSA-2025:23137: Moderate: mysql:8.4 security update
- RHSA-2025:23134: Moderate: mysql:8.0 security update
- RHSA-2025:23111: Moderate: mysql:8.4 security update
- RHSA-2025:23127: Moderate: curl security update
- RHSA-2025:23126: Moderate: curl security update
- RHSA-2025:23125: Moderate: curl security update
- RHSA-2025:23109: Moderate: mysql security update
- RHSA-2025:23124: Moderate: libpq security update
- RHSA-2025:23142: Important: wireshark security update
- RHSA-2025:23143: Critical: Red Hat Build of Apache Camel 4.14.2 for Spring Boot release.
- RHSA-2025:23140: Moderate: ruby:3.3 security update
- RHSA-2025:23139: Moderate: libsoup3 security update
Rocky Linux
Rocky Linux users have several security update options available. Updates include fixes for various packages such as webkit2gtk3, Firefox, Tomcat, Wireshark, MySQL, libsoup3, and Grafana to address critical vulnerabilities. These updates affect multiple versions of Rocky Linux, including 8, 9, and 10. The security updates can be found on the CVE website with Common Vulnerability Scoring System (CVSS) base scores for each affected package.
- RLSA-2025:22790: Important: webkit2gtk3 security update
- RLSA-2025:22789: Important: webkit2gtk3 security update
- RLSA-2023:2757: Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
- RLSA-2025:23035: Important: firefox security update
- RLSA-2025:23034: Important: firefox security update
- RLSA-2025:23049: Important: tomcat security update
- RLSA-2025:23087: Moderate: grafana security update
- RLSA-2025:23050: Important: tomcat security update
- RLSA-2025:23083: Important: wireshark security update
- RLSA-2025:23052: Important: tomcat9 security update
- RLSA-2025:23008: Moderate: mysql8.4 security update
- RLSA-2025:23111: Moderate: mysql:8.4 security update
- RLSA-2025:23109: Moderate: mysql security update
- RLSA-2025:23128: Important: firefox security update
- RLSA-2025:23137: Moderate: mysql:8.4 security update
- RLSA-2025:23134: Moderate: mysql:8.0 security update
- RLSA-2025:23139: Moderate: libsoup3 security update
- RLSA-2025:23088: Moderate: grafana security update
- RLSA-2025:22865: Moderate: kernel security update
- RLSA-2025:23142: Important: wireshark security update
- RLSA-2025:22800: Moderate: kernel-rt security update
- RLSA-2025:23048: Important: tomcat security update
- RLSA-2025:23086: Moderate: luksmeta security update
- RLSA-2025:22801: Moderate: kernel security update
- RLSA-2025:23134: Moderate: mysql:8.0 security update
- RLSA-2025:23137: Moderate: mysql:8.4 security update
Slackware Linux
Mozilla Firefox has released updated packages to address security issues in Slackware 15.0 and -current, which can be found on the official Mozilla website. These updates include both security fixes and improvements to ensure a safer browsing experience. Similarly, new Thunderbird packages are available for Slackware 15.0 and -current, version 140.6.0esr, aimed at addressing security issues with included security fixes and enhancements. Users of these operating systems can find the updated packages on the official Mozilla website or through the provided links.
SUSE Linux
Several security updates have been released for SUSE Linux, addressing vulnerabilities in various packages. These updates include fixes for gnutls, postgresql13, gimp, and other essential packages that are critical to patch. Additionally, updates are available for Go, Python, Fontforge, and more, while others target specific versions of PostgreSQL and Libpoppler. Overall, these security updates aim to address potential vulnerabilities in SUSE Linux, ensuring the system's integrity and stability.
- SUSE-SU-2025:4323-1: moderate: Security update for gnutls
- SUSE-SU-2025:4325-1: important: Security update for postgresql13
- SUSE-SU-2025:4324-1: important: Security update for gimp
- SUSE-SU-2025:4335-1: important: Security update for gegl
- openSUSE-SU-2025:15801-1: moderate: libpng16-16-1.6.52-1.1 on GA media
- SUSE-SU-2025:4337-1: important: Security update for go1.24
- SUSE-SU-2025:4336-1: important: Security update for go1.25
- SUSE-SU-2025:4352-1: low: Security update for python310
- SUSE-SU-2025:4353-1: low: Security update for fontforge
- openSUSE-SU-2025:0465-1: important: Security update for python-Django
- SUSE-SU-2025:4347-1: moderate: Security update for glib2
- openSUSE-SU-2025:15804-1: moderate: nvidia-open-driver-G07-signed-check-590.44.01-1.1 on GA media
- openSUSE-SU-2025:15803-1: moderate: krb5-1.22.1-1.1 on GA media
- openSUSE-SU-2025:15805-1: moderate: python311-Django-5.2.9-1.1 on GA media
- SUSE-SU-2025:4363-1: important: Security update for postgresql17, postgresql18
- SUSE-SU-2025:4364-1: important: Security update for postgresql17, postgresql18
- openSUSE-SU-2025:15812-1: moderate: libpoppler-cpp2-25.09.1-4.1 on GA media
- SUSE-SU-2025:4368-1: low: Security update for python3
- SUSE-SU-2025:4371-1: important: Security update for postgresql14
- SUSE-SU-2025:4380-1: important: Security update for kubernetes-client
- SUSE-SU-2025:4381-1: important: Security update for kubernetes-client
- openSUSE-SU-2025:15814-1: moderate: MozillaThunderbird-140.6.0-1.1 on GA media
- openSUSE-SU-2025:15815-1: moderate: xkbcomp-1.5.0-1.1 on GA media
- openSUSE-SU-2025:15813-1: moderate: MozillaFirefox-146.0-1.1 on GA media
- SUSE-SU-2025:4388-1: important: Security update for postgresql16
- SUSE-SU-2025:4384-1: important: Security update for python-Django
- SUSE-SU-2025:4389-1: low: Security update for python
- SUSE-SU-2025:4390-1: moderate: Security update for rhino
- openSUSE-SU-2025-20153-1: important: Security update for python-Django
- openSUSE-SU-2025-20150-1: important: Security update for binutils
- openSUSE-SU-2025:15818-1: moderate: pgadmin4-9.11-1.1 on GA media
Ubuntu Linux
Ubuntu has released several security updates to address vulnerabilities in its system. These updates include fixes for WebKitGTK, which could allow attackers to execute code or cause denial-of-service attacks, as well as Radare2, python-apt, and Netty, which had issues such as memory leaks and crashing when opening specially crafted files. In addition to these, Ubuntu has also released security notices for GNU binutils, libpng, Qt, and the Linux kernel, addressing various vulnerabilities in each of these packages. The updates also include fixes for the Linux kernel affecting Ubuntu LTS releases, including 18.04, 16.04, and 14.04, which corrected vulnerabilities in several subsystems.
- [USN-7914-1] WebKitGTK vulnerabilities
- [USN-7412-3] GnuPG vulnerability
- [USN-7915-1] Radare2 vulnerabilities
- [USN-7916-1] python-apt vulnerability
- [USN-7918-1] Netty vulnerabilities
- [USN-7917-1] fontTools vulnerabilities
- [USN-7919-1] GNU binutils vulnerabilities
- [USN-7924-1] libpng vulnerabilities
- [USN-7923-1] Qt vulnerability
- [USN-7921-1] Linux kernel vulnerabilities
- [USN-7922-1] Linux kernel vulnerabilities
- [USN-7920-1] Linux kernel vulnerabilities
- [USN-7922-2] Linux kernel (FIPS) vulnerabilities
- [USN-7925-1] c-ares vulnerability
- [USN-7889-6] Linux kernel vulnerabilities
- [USN-7906-3] Linux kernel (Raspberry Pi) vulnerabilities
- [USN-7928-3] Linux kernel (Real-time) vulnerabilities
- [USN-7928-2] Linux kernel (FIPS) vulnerabilities
- [USN-7928-1] Linux kernel vulnerabilities
- [USN-7926-1] OpenStack Keystone vulnerabilities
- [USN-7927-1] urllib3 vulnerabilities
- [USN-7907-5] Linux kernel kernel vulnerabilities
