Here is a roundup of last week's Linux security updates for Arch Linux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, SUSE Linux, and Ubuntu Linux.

AlmaLinux

• ALSA-2025:3264: kernel-rt security update (Important)
• ALSA-2025:3260: kernel security update (Important)
• ALSA-2025:3406: python-jinja2 security update (Important)
• ALSA-2025:3367: grub2 security update (Important)
• ALSA-2025:3421: freetype security update (Important)
• ELevate Testing now ready for AlmaLinux 10
• ALSA-2025:3531: expat security update (Moderate)
• ALSA-2025:3582: firefox security update (Important)
• ALSA-2025:3556: firefox security update (Important)

Debian GNU/Linux

• ELA-1363-1 librabbitmq security update
• ELA-1364-1 intel-microcode security update
• ELA-1360-1 ffmpeg security update
• ELA-1330-1 ruby2.3 security update
• ELA-1362-1 librabbitmq security update
• ELA-1361-1 ffmpeg security update
• ELA-1333-1 ruby2.1 security update
• ELA-1365-1 amd64-microcode security update
• ELA-1364-1 intel-microcode security update
• ELA-1368-1 freetype security update
• ELA-1366-1 libdata-entropy-perl security update
• ELA-1367-1 suricata security update
• [DLA 4098-1] amd64-microcode security update
• [DLA 4099-1] flatpak security update
• [DLA 4100-1] libdata-entropy-perl security update
• [DLA 4102-1] linux-6.1 security update
• [DLA 4101-1] varnish security update
• [DLA 4104-1] freetype security update
• [DLA 4103-1] suricata security update
• ELA-1369-1 tzdata new timezone database
• [DLA 4105-1] tzdata new timezone database
• [DLA 4108-1] tomcat9 security update
• [DLA 4107-1] openjpeg2 security update
• [DLA 4106-1] jetty9 security update
• ELA-1370-1 linux-5.10 security update
• [DLA 4109-1] firefox-esr security update
• [DLA 4111-1] commons-vfs security update
• [DLA 4110-1] thunderbird security update
• [DSA 5889-1] firefox-esr security update
• ELA-1373-1 php-horde-turba regression update
• ELA-1372-1 php-horde-imp security update
• ELA-1371-1 php-horde-editor security update
• [DLA 4113-1] php-horde-imp security update
• [DLA 4112-1] php-horde-editor - switch to CKEditor 4
• [DSA 5891-1] thunderbird security update
• [DSA 5890-1] chromium security update
• [DSA 5892-1] atop security update
• ELA-1378-1 tomcat7 security update
• ELA-1380-1 openjpeg2 security update
• ELA-1377-1 tomcat8 security update
• ELA-1375-1 shellinabox security update
• ELA-1374-1 ruby2.3 security update
• ELA-1379-1 openjpeg2 security update
• ELA-1376-1 tomcat9 security update
• [DLA 4115-1] ruby-saml security update
• [DLA 4106-2] jetty9 regression update
• [DLA 4114-1] zfs-linux security update
• [DSA 5894-1] jetty9 security update
• [DSA 5893-1] tomcat10 security update
• [DLA 4116-1] abseil security update
• [DSA 5895-1] xz-utils security update
• [DSA 5896-1] trafficserver security update

Fedora Linux

• Fedora 42 Update: crosswords-puzzle-sets-xword-dl-0.4.8-1.fc42
• Fedora 40 Update: mingw-libxslt-1.1.43-1.fc40
• Fedora 41 Update: qgis-3.40.5-2.fc41
• Fedora 41 Update: mingw-libxslt-1.1.43-1.fc41
• Fedora 42 Update: qgis-3.42.1-2.fc42
• Fedora 42 Update: dokuwiki-20240206b-1.fc42
• Fedora 42 Update: php-phpseclib3-3.0.43-1.fc42
• Fedora 42 Update: php-kissifrot-php-ixr-1.8.4-1.fc42
• Fedora 42 Update: rust-zincati-0.0.30-1.fc42
• Fedora 40 Update: rust-zincati-0.0.30-1.fc40
• Fedora 41 Update: firefox-137.0-2.fc41
• Fedora 41 Update: rust-zincati-0.0.30-1.fc41
• Fedora 40 Update: firefox-137.0-2.fc40
• Fedora 40 Update: corosync-3.1.9-2.fc40
• Fedora 40 Update: suricata-7.0.10-1.fc40
• Fedora 40 Update: nextcloud-31.0.2-2.fc40
• Fedora 41 Update: corosync-3.1.9-2.fc41
• Fedora 41 Update: nextcloud-31.0.2-1.fc41
• Fedora 41 Update: suricata-7.0.10-1.fc41
• Fedora 40 Update: webkitgtk-2.48.0-1.fc40
• Fedora 40 Update: chromium-135.0.7049.52-2.fc40
• Fedora 40 Update: matrix-synapse-1.111.1-4.fc40
• Fedora 40 Update: exim-4.98.2-1.fc40
• Fedora 41 Update: chromium-135.0.7049.52-1.fc41
• Fedora 41 Update: ghostscript-10.03.1-5.fc41
• Fedora 41 Update: exim-4.98.2-1.fc41
• Fedora 41 Update: varnish-7.5.0-3.fc41
• Fedora 41 Update: crosswords-puzzle-sets-xword-dl-0.4.8-1.fc41
• Fedora 41 Update: yarnpkg-1.22.22-7.fc41
• Fedora 41 Update: upx-5.0.0-1.fc41
• Fedora 41 Update: condor-23.9.6-3.fc41
• Fedora 40 Update: upx-5.0.0-1.fc40
• Fedora 40 Update: yarnpkg-1.22.22-7.fc40
• Fedora 40 Update: condor-23.9.6-3.fc40

Gentoo Linux

• [ GLSA 202504-01 ] XZ Utils: Use after free

Oracle Linux

• ELSA-2025-3026 Important: Oracle Linux 8 kernel security update
• ELSA-2025-3082 Important: Oracle Linux 8 postgresql:12 security update
• ELBA-2025-3394 Oracle Linux 8 tzdata bug fix and enhancement update
• ELBA-2025-3110 Oracle Linux 8 mesa bug fix update
• ELSA-2025-20190 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
• ELSA-2025-3336 Important: Oracle Linux 9 podman security update
• ELSA-2025-3262 Moderate: Oracle Linux 9 nginx:1.24 security update
• ELSA-2025-3208 Important: Oracle Linux 9 kernel security update
• ELBA-2025-20201 Oracle Linux 9 pcp bug fix update
• ELBA-2025-3023 Oracle Linux 9 passt bug fix update
• ELBA-2025-2982 Oracle Linux 9 cloud-init bug fix update
• ELBA-2025-20192 Oracle Linux 9 iscsi-initiator-utils bug fix update
• ELBA-2025-20199 Oracle Linux 9 shim bug fix update
• ELBA-2025-20183 Oracle Linux 9 libcgroup-original bug fix update
• ELBA-2025-20198 Oracle Linux 9 shim bug fix update
• ELSA-2025-3260 Important: Oracle Linux 8 kernel security update
• ELBA-2025-20197 Oracle Linux 8 shim bug fix update
• ELBA-2025-20196 Oracle Linux 8 shim bug fix update
• ELBA-2025-20191 Oracle Linux 8 sos bug fix update
• ELBA-2025-20183 Oracle Linux 8 libcgroup-original bug fix update
• ELSA-2025-2861 Important: Oracle Linux 7 tigervnc security update
• ELSA-2025-20190 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
• ELSA-2025-3421 Important: Oracle Linux 8 freetype security update
• ELSA-2025-2673 Important: Oracle Linux 7 libxml2 security update
• ELSA-2025-3388 Important: Oracle Linux 8 python-jinja2 security update
• ELBA-2025-3022 Oracle Linux 9 kernel bug fix update
• ELSA-2025-2501 Important: Oracle Linux 7 kernel security update
• ELSA-2025-20190 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
• ELBA-2025-20193 Oracle Linux 7 shim-signed bug fix update
• ELSA-2025-3408 Important: Oracle Linux 9 libreoffice security update
• ELBA-2025-20200 Oracle Linux 8 btrfs-progs bug fix update
• ELBA-2025-3270 Oracle Linux 8 scap-security-guide bug fix and enhancement update
• ELSA-2025-3406 Important: Oracle Linux 9 python-jinja2 security update
• ELSA-2025-3113 Important: Oracle Linux 9 fence-agents security update
• ELSA-2025-3107 Important: Oracle Linux 9 libxslt security update
• ELBA-2025-3394 Oracle Linux 9 tzdata bug fix and enhancement update
• ELSA-2025-2130 Important: Oracle Linux 7 emacs security update
• ELSA-2025-3344 Important: Oracle Linux 9 grafana security update
• ELBA-2025-3394 Oracle Linux 7 tzdata bug fix and enhancement update
• ELBA-2025-20204 Oracle Linux 8 annobin bug fix update
• ELBA-2025-20202 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update
• ELBA-2025-20207 Oracle Linux 8 glibc bug fix update
• ELBA-2025-3270 Oracle Linux 9 scap-security-guide bug fix and enhancement update
• ELSA-2025-3531 Moderate: Oracle Linux 9 expat security update
• ELBA-2025-3392 Oracle Linux 8 gcc bug fix update
• ELBA-2025-20202 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
• ELBA-2025-20200 Oracle Linux 9 btrfs-progs bug fix update
• ELBA-2025-20202 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update
• ELBA-2025-20203 Oracle Linux 8 oracle-ovirt-release-45-el8 bug fix update
• ELSA-2025-3556 Important: Oracle Linux 9 firefox security update
• ELSA-2025-3506 Moderate: Oracle Linux 9 kernel security update
• ELSA-2025-3210 Important: Oracle Linux 8 container-tools:ol8 security update
• ELBA-2025-3507 Oracle Linux 8 kernel bug fix update
• ELSA-2025-3582 Important: Oracle Linux 8 firefox security update
• ELSA-2025-3407 Important: Oracle Linux 9 freetype security update

Red Hat Enterprise Linux

• RHSA-2025:3395: Important: freetype security update
• RHSA-2025:3390: Important: libreoffice security update
• RHSA-2025:3388: Important: python-jinja2 security update
• RHSA-2025:3389: Important: libxslt security update
• RHSA-2025:3396: Important: grub2 security update
• RHSA-2025:3393: Important: freetype security update
• RHSA-2025:3387: Important: freetype security update
• RHSA-2025:3383: Important: freetype security update
• RHSA-2025:3386: Important: freetype security update
• RHSA-2025:3384: Important: freetype security update
• RHSA-2025:3385: Important: freetype security update
• RHSA-2025:3382: Important: freetype security update
• RHSA-2025:3411: Important: opentelemetry-collector security update
• RHSA-2025:3407: Important: freetype security update
• RHSA-2025:3406: Important: python-jinja2 security update
• RHSA-2025:3408: Important: libreoffice security update
• RHSA-2025:3439: Important: ACS 4.6 enhancement and security update
• RHSA-2025:3421: Important: freetype security update
• RHSA-2025:3437: Important: ACS 4.5 enhancement and security update
• RHSA-2025:3438: Important: ACS 4.7 enhancement and security update
• RHSA-2025:3465: Important: Red Hat JBoss Enterprise Application Platform 7.4.21 security update
• RHSA-2025:3467: Important: Red Hat JBoss Enterprise Application Platform 7.4 .21 security update
• RHSA-2025:3490: Important: Satellite 6.16.4 Async Update
• RHSA-2025:3492: Important: Satellite 6.14.4.5 Async Update
• RHSA-2025:3491: Important: Satellite 6.15.5.2 Async Update
• RHSA-2025:3502: Important: RHODF-4.16-RHEL-9 security update
• RHSA-2025:3498: Important: Red Hat multicluster global hub 1.2.2 bug fixes and container update
• RHSA-2025:3500: Important: RHODF-4.17-RHEL-9 security update
• RHSA-2025:3541: Important: Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now available (RHBQ 3.15.4.GA)
• RHSA-2025:3540: Important: Red Hat Integration Camel K 1.10.10 release and security update.
• RHSA-2025:3530: Moderate: libgcrypt security update
• RHSA-2025:3528: Important: libxslt security update
• RHSA-2025:3506: Moderate: kernel security update
• RHSA-2025:3503: Important: Red Hat build of Cryostat security update
• RHSA-2025:3510: Moderate: kernel security update
• RHSA-2025:3562: Important: python-jinja2 security update
• RHSA-2025:3549: Important: libreoffice security update
• RHSA-2025:3548: Important: libreoffice security update
• RHSA-2025:3550: Important: libreoffice security update
• RHSA-2025:3556: Important: firefox security update
• RHSA-2025:3301: Important: OpenShift Container Platform 4.16.38 bug fix and security update
• RHSA-2025:3543: Important: Red Hat Build of Apache Camel 4.8.5 for Spring Boot security update.
• RHSA-2025:3448: Important: Logging for Red Hat OpenShift - 5.8.19
• RHSA-2025:3542: Important: RHODF-4.15-RHEL-9 security update
• RHSA-2025:3454: Moderate: Red Hat JBoss Web Server 5.8.3 release and security update
• RHSA-2025:3455: Moderate: Red Hat JBoss Web Server 5.8.3 release and security update
• RHSA-2025:3452: Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 security update
• RHSA-2025:3376: Important: Red Hat build of Quarkus 3.15.4 release and security update
• RHSA-2025:3453: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 security update
• RHSA-2025:3534: Moderate: libgcrypt security update
• RHSA-2025:3531: Moderate: expat security update
• RHSA-2025:3589: Important: firefox security update
• RHSA-2025:3588: Important: python-jinja2 security update
• RHSA-2025:3587: Important: firefox security update
• RHSA-2025:3586: Important: python-jinja2 security update
• RHSA-2025:3585: Important: python-jinja2 security update
• RHSA-2025:3581: Important: firefox security update
• RHSA-2025:3580: Important: python-jinja2 security update
• RHSA-2025:3297: Important: OpenShift Container Platform 4.17.23 bug fix and security update
• RHSA-2025:3560: Important: RHODF-4.14-RHEL-9 security update
• RHSA-2025:3590: Important: firefox security update
• RHSA-2025:3582: Important: firefox security update
• RHSA-2025:3593: Important: opentelemetry-collector security update

Rocky Linux

• RLBA-2024:9256: opentelemetry-collector bug fix and enhancement update
• RLBA-2025:2871: glibc bug fix update

Slackware Linux

• Mozilla-Firefox (SSA:2025-091-01)
• Mozilla-Thunderbird (SSA:2025-091-02)

SUSE Linux

• SUSE-SU-2025:1062-1: important: Security update for docker, docker-stable
• SUSE-SU-2025:1063-1: moderate: Security update for apparmor
• openSUSE-SU-2025:0110-1: moderate: Security update for restic
• SUSE-SU-2025:1076-1: important: Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6)
• SUSE-SU-2025:1072-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)
• openSUSE-SU-2025:0111-1: important: Security update for opera
• SUSE-SU-2025:1084-1: critical: Security update for corosync
• openSUSE-SU-2025:14947-1: moderate: upx-5.0.0-2.1 on GA media
• openSUSE-SU-2025:14945-1: moderate: atop-2.11.1-1.1 on GA media
• openSUSE-SU-2025:14946-1: moderate: libmodsecurity3-3.0.14-1.1 on GA media
• SUSE-SU-2025:1094-1: important: Security update for warewulf4
• SUSE-SU-2025:1104-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)
• SUSE-SU-2025:1099-1: moderate: Security update for govulncheck-vulndb
• openSUSE-SU-2025:14948-1: moderate: MozillaFirefox-136.0.4-1.1 on GA media
• SUSE-SU-2025:1119-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
• SUSE-SU-2025:1120-1: important: Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
• SUSE-SU-2025:1114-1: important: Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
• SUSE-SU-2025:1121-1: important: Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
• openSUSE-SU-2025:0113-1: important: Security update for assimp
• SUSE-SU-2025:1131-1: important: Security update for openvpn
• SUSE-SU-2025:1134-1: moderate: Security update for apparmor
• SUSE-SU-2025:1135-1: moderate: Security update for apparmor
• SUSE-SU-2025:1137-1: important: Security update for xz
• SUSE-SU-2025:1138-1: important: Security update for MozillaFirefox
• openSUSE-SU-2025:14960-1: moderate: perl-Data-Entropy-0.8.0-1.1 on GA media
• openSUSE-SU-2025:14959-1: moderate: libsaml-devel-3.3.1-2.1 on GA media
• openSUSE-SU-2025:14951-1: moderate: aws-efs-utils-2.2.1-1.1 on GA media
• openSUSE-SU-2025:14956-1: moderate: headscale-0.25.1-2.1 on GA media
• openSUSE-SU-2025:14958-1: moderate: libmozjs-128-0-128.8.1-1.1 on GA media
• openSUSE-SU-2025:14953-1: moderate: ghostscript-10.05.0-1.1 on GA media
• openSUSE-SU-2025:14950-1: moderate: assimp-devel-5.4.3-5.1 on GA media
• openSUSE-SU-2025:14954-1: moderate: gotosocial-0.18.3-2.1 on GA media
• openSUSE-SU-2025:14952-1: moderate: expat-2.7.1-1.1 on GA media
• openSUSE-SU-2025:14949-1: moderate: GraphicsMagick-1.3.45-2.1 on GA media
• SUSE-SU-2025:1126-1: important: Security update for tomcat
• SUSE-SU-2025:1125-1: important: Security update for libxslt
• SUSE-SU-2025:1129-1: moderate: Security update for GraphicsMagick
• SUSE-SU-2025:1123-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
• SUSE-SU-2025:1128-1: important: Security update for ffmpeg-4
• SUSE-SU-2025:1127-1: important: Security update for ghostscript
• SUSE-SU-2025:1139-1: important: Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
• openSUSE-SU-2025:14955-1: moderate: govulncheck-vulndb-0.0.20250331T171002-1.1 on GA media
• SUSE-SU-2025:1141-1: important: Security update for go1.23
• SUSE-SU-2025:1143-1: important: Security update for google-guest-agent
• openSUSE-SU-2025:14963-1: moderate: go1.24-1.24.2-1.1 on GA media
• openSUSE-SU-2025:14965-1: moderate: python311-ecdsa-0.19.1-1.1 on GA media
• openSUSE-SU-2025:14964-1: moderate: gsl-2.8-4.1 on GA media
• openSUSE-SU-2025:14962-1: moderate: go1.23-1.23.8-1.1 on GA media
• openSUSE-SU-2025:14961-1: moderate: firefox-esr-128.9.0-1.1 on GA media
• openSUSE-SU-2025:14970-1: moderate: govulncheck-vulndb-0.0.20250402T160203-1.1 on GA media
• openSUSE-SU-2025:14969-1: moderate: google-guest-agent-20250327.01-1.1 on GA media
• openSUSE-SU-2025:14966-1: moderate: MozillaThunderbird-128.9.0-1.1 on GA media

Ubuntu Linux

• [USN-7394-1] Doorkeeper vulnerabilities
• [USN-7376-2] MariaDB vulnerability
• [USN-7396-1] OVN vulnerability
• [USN-7395-1] WebKitGTK vulnerabilities
• [USN-7397-1] AOM vulnerability
• [USN-7398-1] libtar vulnerabilities
• [USN-7399-1] RabbitMQ Server vulnerability
• [USN-7400-1] PHP vulnerabilities
• [USN-7401-1] Linux kernel (AWS) vulnerabilities
• [USN-7384-2] Linux kernel (Azure) vulnerabilities
• [USN-7392-3] Linux kernel (AWS) vulnerabilities
• [USN-7392-4] Linux kernel (AWS FIPS) vulnerabilities
• [USN-7379-2] Linux kernel (Raspberry Pi) vulnerabilities
• [USN-7404-1] phpseclib vulnerabilities
• [USN-7403-1] Linux kernel (HWE) vulnerabilities
• [USN-7402-1] Linux kernel vulnerabilities
• [USN-7402-2] Linux kernel (Real-time) vulnerabilities
• [USN-7405-1] InspIRCd vulnerabilities
• [USN-7261-2] Vim vulnerability
• [USN-7285-2] nginx vulnerability
• [USN-7406-1] Linux kernel vulnerabilities
• [USN-7407-1] Linux kernel (HWE) vulnerabilities
• [USN-7406-3] Linux kernel (Real-time) vulnerabilities
• [USN-7406-2] Linux kernel (FIPS) vulnerabilities
• [USN-7408-1] Linux kernel vulnerabilities
• [USN-7408-2] Linux kernel (FIPS) vulnerabilities
• [USN-7414-1] XZ Utils vulnerability
• [USN-7406-4] Linux kernel (Azure FIPS) vulnerabilities
• [USN-7413-1] Linux kernel (IoT) vulnerabilities
• [USN-7409-1] RubySAML vulnerabilities
• [USN-7412-1] GnuPG vulnerability
• [USN-7411-1] OpenVPN vulnerability
• [USN-7415-1] Linux kernel vulnerabilities
• [USN-7402-3] Linux kernel (NVIDIA) vulnerabilities