Here is a roundup of last week's Linux security updates for Arch Linux, Debian GNU/Linux, Fedora Linux, Red Hat Enterprise Linux, SUSE Linux, and Ubuntu Linux.

Arch Linux

• [ASA-202503-1] exim: privilege escalation

Debian GNU/Linux

• [DSA 5884-1] libxslt security update
• [DSA 5885-1] webkit2gtk security update
• ELA-1355-1 lighttpd security update
• ELA-1354-1 ruby-rack security update
• [DLA 4089-1] libxslt security update
• [DLA 4090-1] ruby-rack security update
• [DLA 4091-1] nginx security update
• [DSA 5886-1] ruby-rack security update
• ELA-1357-1 clamav security update
• [DLA 4092-1] libcap2 security update
• [DSA 5887-1] exim4 security update
• [DSA 5888-1] ghostscript security update
• ELA-1356-1 python-django security update
• ELA-1357-1 clamav security update
• [DLA 4093-1] opensaml security update
• [DLA 4094-1] mercurial security update
• ELA-1358-1 libxslt security update
• ELA-1359-1 ruby2.5 security update
• [DLA 4095-1] intel-microcode security update
• [DLA 4097-1] vim security update
• [DLA 4096-1] librabbitmq security update

Fedora Linux

• Fedora 40 Update: chromium-134.0.6998.117-1.fc40
• Fedora 41 Update: chromium-134.0.6998.117-1.fc41
• Fedora 41 Update: golang-github-openprinting-ipp-usb-0.9.30-1.fc41
• Fedora 41 Update: OpenIPMI-2.0.36-1.fc41
• Fedora 40 Update: python-jinja2-3.1.6-1.fc40
• Fedora 42 Update: chromium-134.0.6998.117-1.fc42
• Fedora 40 Update: expat-2.7.0-1.fc40
• Fedora 40 Update: libxslt-1.1.43-1.fc40
• Fedora 42 Update: augeas-1.14.2-0.4.20250324git4dffa3d.fc42
• Fedora 42 Update: mingw-libxslt-1.1.43-1.fc42
• Fedora 42 Update: nodejs-nodemon-3.1.9-4.fc42
• Fedora 40 Update: nodejs-nodemon-3.1.9-3.fc40
• Fedora 40 Update: libssh2-1.11.1-1.fc40
• Fedora 41 Update: webkitgtk-2.48.0-1.fc41
• Fedora 41 Update: containerd-1.7.27-1.fc41
• Fedora 41 Update: nodejs-nodemon-3.1.9-3.fc41
• Fedora 40 Update: libxml2-2.12.10-1.fc40
• Fedora 41 Update: augeas-1.14.2-0.4.20250324git4dffa3d.fc41

Red Hat Enterprise Linux

• RHSA-2025:3113: Important: fence-agents security update
• RHSA-2025:3112: Important: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, and kpatch-patch-5_14_0-70_85_1 security update
• RHSA-2025:3108: Important: pcs security update
• RHSA-2025:3109: Important: pcs security update
• RHSA-2025:3123: Important: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
• RHSA-2025:3107: Important: libxslt security update
• RHSA-2025:3111: Important: fence-agents security update
• RHSA-2025:3128: Important: kernel security update
• RHSA-2025:3127: Important: kernel-rt security update
• RHSA-2025:3124: Important: Red Hat Ansible Automation Platform 2.4 Container Release Update
• RHSA-2025:3068: Moderate: OpenShift Container Platform 4.18.6 packages and security update
• RHSA-2025:3066: Important: OpenShift Container Platform 4.18.6 bug fix and security update
• RHSA-2025:3169: Important: libreoffice security update
• RHSA-2025:3165: Important: podman security update
• RHSA-2025:3160: Important: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
• RHSA-2025:3215: Important: kernel security update
• RHSA-2025:3210: Important: container-tools:rhel8 security update
• RHSA-2025:3208: Important: kernel security update
• RHSA-2025:3216: Important: kernel security update
• RHSA-2025:3212: Important: kernel security update
• RHSA-2025:3213: Important: kernel security update
• RHSA-2025:3211: Important: kernel-rt security update
• RHSA-2025:3207: Important: kernel security update
• RHSA-2025:3214: Important: kernel-rt security update
• RHSA-2025:3209: Important: kernel security update
• RHSA-2025:3186: Important: podman security update
• RHSA-2025:3185: Important: gvisor-tap-vsock security update
• RHSA-2025:3184: Important: podman security update
• RHSA-2025:3172: Important: VolSync 0.12.1 security fixes and enhancements for RHEL 9
• RHSA-2025:3175: Important: container-tools:rhel8 security update
• RHSA-2025:3162: Important: Red Hat Ansible Automation Platform 2.5 Container Release Update
• RHSA-2025:3260: Important: kernel security update
• RHSA-2025:3265: Important: libreoffice security update
• RHSA-2025:3269: Important: libreoffice security update
• RHSA-2025:3268: Important: container-tools:rhel8 security update
• RHSA-2025:3061: Moderate: OpenShift Container Platform 4.17.22 packages and security update
• RHSA-2025:3055: Important: OpenShift Container Platform 4.15.48 security update
• RHSA-2025:3059: Important: OpenShift Container Platform 4.17.22 bug fix and security update
• RHSA-2025:3131: Important: Logging for Red Hat OpenShift - 6.1.4
• RHSA-2025:3132: Important: Logging for Red Hat OpenShift - 6.0.6
• RHSA-2025:3267: Important: libreoffice security update
• RHSA-2025:3266: Important: container-tools:rhel8 security update
• RHSA-2025:3262: Moderate: nginx:1.24 security update
• RHSA-2025:3261: Moderate: nginx:1.22 security update
• RHSA-2025:3264: Important: kernel-rt security update
• RHSA-2025:3371: Important: Red Hat OpenStack Platform 17.1 (openstack-ansible-core) security update
• RHSA-2025:3358: Important: Red Hat JBoss Enterprise Application Platform 8.0.6 security update
• RHSA-2025:3350: Moderate: expat security update
• RHSA-2025:3344: Important: grafana security update
• RHSA-2025:3336: Important: podman security update
• RHSA-2025:3335: Important: opentelemetry-collector security update
• RHSA-2025:3367: Important: grub2 security update
• RHSA-2025:3357: Important: Red Hat JBoss Enterprise Application Platform 8.0.6 security update

SUSE Linux

• openSUSE-SU-2025:0101-1: moderate: Security update for radare2
• SUSE-SU-2025:0989-1: moderate: Security update for u-boot
• openSUSE-SU-2025:14917-1: moderate: nodejs-electron-33.4.6-1.1 on GA media
• openSUSE-SU-2025:14918-1: moderate: warewulf4-4.6.0-2.1 on GA media
• SUSE-SU-2025:0994-1: important: Security update for php8
• openSUSE-SU-2025:0103-1: moderate: Security update for cadvisor
• SUSE-SU-2025:0998-1: important: Security update for freetype2
• openSUSE-SU-2025:14920-1: moderate: gitleaks-8.24.2-1.1 on GA media
• openSUSE-SU-2025:14919-1: moderate: forgejo-10.0.3-1.1 on GA media
• SUSE-SU-2025:1013-1: moderate: Security update for govulncheck-vulndb
• SUSE-SU-2025:1014-1: important: Security update for buildah
• SUSE-SU-2025:1012-1: important: Security update for php8
• SUSE-SU-2025:1005-1: important: Security update for google-guest-agent
• SUSE-SU-2025:1007-1: moderate: Security update for helm
• SUSE-SU-2025:1006-1: important: Security update for google-osconfig-agent
• SUSE-SU-2025:1008-1: important: Security update for python-gunicorn
• SUSE-SU-2025:1011-1: important: Security update for grafana
• SUSE-SU-2025:1003-1: important: Security update for libxslt
• SUSE-SU-2025:1017-1: important: Security update for buildah
• SUSE-SU-2025:1019-1: important: Security update for azure-cli-core
• SUSE-SU-2025:1018-1: important: Security update for buildah
• SUSE-SU-2025:1024-1: important: Security update for tomcat10
• SUSE-SU-2025:1025-1: important: Security update for php7
• SUSE-SU-2025:1022-1: important: Security update for apache-commons-vfs2
• openSUSE-SU-2025:14923-1: moderate: docker-stable-24.0.9_ce-8.1 on GA media
• openSUSE-SU-2025:14924-1: moderate: kubernetes1.29-apiserver-1.29.15-1.1 on GA media
• SUSE-SU-2025:1027-1: important: Security update for the Linux Kernel
• openSUSE-SU-2025:14922-1: moderate: chromedriver-134.0.6998.117-1.1 on GA media
• openSUSE-SU-2025:14921-1: moderate: argocd-cli-2.14.8-1.1 on GA media
• openSUSE-SU-2025:14925-1: moderate: kubernetes1.30-apiserver-1.30.11-1.1 on GA media
• openSUSE-SU-2025:14928-1: moderate: libmbedcrypto7-2.28.10-1.1 on GA media
• openSUSE-SU-2025:14927-1: moderate: kubernetes1.32-apiserver-1.32.3-1.1 on GA media
• SUSE-SU-2025:1028-1: important: Security update for proftpd
• SUSE-SU-2025:1029-1: important: Security update for ed25519-java
• SUSE-SU-2025:1033-1: moderate: Security update for webkit2gtk3
• SUSE-SU-2025:1036-1: important: Security update for podman
• SUSE-SU-2025:1037-1: important: Security update for podman
• SUSE-SU-2025:1038-1: important: Security update for podman
• openSUSE-SU-2025:14929-1: moderate: apache-commons-vfs2-2.10.0-1.1 on GA media
• openSUSE-SU-2025:14933-1: moderate: corosync-3.1.9-2.1 on GA media
• SUSE-SU-2025:1051-1: important: Security update for erlang26
• SUSE-SU-2025:1052-1: moderate: Security update for govulncheck-vulndb
• SUSE-SU-2025:1054-1: important: Security update for mercurial
• SUSE-SU-2025:1056-1: low: Security update for python3
• SUSE-SU-2025:1055-1: moderate: Security update for skopeo
• openSUSE-SU-2025:14937-1: moderate: govulncheck-vulndb-0.0.20250327T184518-1.1 on GA media
• openSUSE-SU-2025:14943-1: moderate: rke2-1.30-1.30.11+rke2r1-1.1 on GA media
• openSUSE-SU-2025:14936-1: moderate: ffmpeg-4-4.4.5-9.1 on GA media
• openSUSE-SU-2025:14934-1: moderate: 389-ds-3.1.2~git55.7fbd4526-1.1 on GA media
• openSUSE-SU-2025:14938-1: moderate: istioctl-1.25.1-1.1 on GA media
• openSUSE-SU-2025:14939-1: moderate: matrix-synapse-1.127.1-1.1 on GA media
• openSUSE-SU-2025:14944-1: moderate: rke2-1.31-1.31.7+rke2r1-1.1 on GA media
• openSUSE-SU-2025:14942-1: moderate: rke2-1.29-1.29.15+rke2r1-1.1 on GA media
• openSUSE-SU-2025:14941-1: moderate: rke2-1.32.3+rke2r1-1.1 on GA media
• openSUSE-SU-2025:14935-1: moderate: exim-4.98.2-1.1 on GA media

Ubuntu Linux

• [USN-7365-1] NLTK vulnerabilities
• [USN-7367-1] zvbi vulnerabilities
• [USN-7370-1] SmartDNS vulnerabilities
• [USN-7348-2] Python regression
• [USN-7369-1] elfutils vulnerabilities
• [USN-7366-1] Rack vulnerabilities
• [USN-7371-1] FreeRDP vulnerabilities
• [USN-7372-1] Varnish vulnerability
• [USN-7373-1] Exim vulnerability
• [LSN-0110-1] Linux kernel vulnerability
• [USN-7375-1] Org Mode vulnerabilities
• [USN-7374-1] containerd vulnerability
• [USN-7383-1] Linux kernel vulnerabilities
• [USN-7379-1] Linux kernel vulnerabilities
• [USN-7387-1] Linux kernel vulnerabilities
• [USN-7376-1] MariaDB vulnerability
• [USN-7364-1] OpenSAML vulnerability
• [USN-7378-1] Ghostscript vulnerabilities
• [USN-7385-1] Linux kernel (IBM) vulnerabilities
• [USN-7383-2] Linux kernel (Real-time) vulnerabilities
• [USN-7386-1] Linux kernel (OEM) vulnerabilities
• [USN-7384-1] Linux kernel (Azure) vulnerabilities
• [USN-7377-1] Smarty vulnerability
• [USN-7381-1] Linux kernel (Low Latency) vulnerabilities
• [USN-7380-1] Linux kernel (Low Latency) vulnerabilities
• [USN-7382-1] Linux kernel (OEM) vulnerabilities
• [USN-7368-1] SnakeYAML vulnerability
• [USN-7388-1] Linux kernel vulnerabilities
• [USN-7387-3] Linux kernel (Real-time) vulnerabilities
• [USN-7389-1] Linux kernel (NVIDIA Tegra) vulnerabilities
• [USN-7390-1] Linux kernel (Xilinx ZynqMP) vulnerabilities
• [USN-7387-2] Linux kernel (FIPS) vulnerabilities
• [USN-7392-1] Linux kernel vulnerabilities
• [USN-7391-1] Linux kernel vulnerabilities
• [USN-7393-1] Linux kernel (FIPS) vulnerabilities
• [USN-7392-2] Linux kernel vulnerabilities
• [USN-7330-2] Ansible regression
• [USN-7346-2] OpenSC regression