Here is a roundup of last week's Linux security updates for AlmaLinux, ArchLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, SUSE Linux, and Ubuntu Linux.

AlmaLinux

• AlmaLinux OS 9 - CVE-2024-6387: regreSSHion
• ALSA-2024:4197: httpd:2.4/httpd security update (Moderate)
• ALSA-2024:4212: golang security update (Moderate)
• ALSA-2024:4211: kernel security and bug fix update (Important)
• ALSA-2024:4256: less security update (Important)
• ALSA-2024:4265: cups security update (Moderate)
• ALSA-2024:4264: openldap security update (Low)
• ALSA-2024:4244: python3.11-PyMySQL security update (Moderate)
• ALSA-2024:4246: container-tools security update (Moderate)
• ALSA-2024:4247: libuv security update (Moderate)
• ALSA-2024:4278: qemu-kvm security update (Important)
• ALSA-2024:4249: c-ares security update (Low)
• ALSA-2024:4227: python-pillow security update (Moderate)
• ALSA-2024:4259: xmlrpc-c security and bug fix update (Moderate)
• ALSA-2024:4241: iperf3 security update (Moderate)
• ALSA-2024:4237: go-toolset security update (Moderate)
• ALSA-2024:4243: python3 security update (Moderate)
• ALSA-2024:4245: python3 security update (Moderate)
• ALSA-2024:4231: python-jinja2 security update (Moderate)
• ALSA-2024:4267: fontforge security update (Moderate)
• ALSA-2024:4252: nghttp2 security update (Moderate)
• ALSA-2024:4260: python-idna security update (Moderate)
• ALSA-2024:4235: 389-ds security update (Important)
• ALSA-2024:4242: libreoffice security update (Moderate)

ArchLinux

• [ASA-202407-1] openssh: authentication bypass

Debian GNU/Linux

• ELA-1119-1 glibc security update
• ELA-1118-1 dcmtk security update
• [DLA 3850-1] glibc security update
• [DLA 3846-1] libmojolicious-perl security update
• [DLA 3855-1] pdns-recursor security update
• [DLA 3854-1] tryton-client security update
• [DLA 3853-1] tryton-server security update
• [DLA 3852-1] edk2 security update
• [DLA 3851-1] gunicorn security update
• ELA-1118-1 dcmtk security update
• [DSA 5724-1] openssh security update
• ELA-1120-1 linux-5.10 security update
• [DSA 5725-1] znc security update
• ELA-1122-1 emacs24 security update
• ELA-1123-1 emacs25 security update
• ELA-1124-1 sendmail security update
• [DSA 5726-1] krb5 security update
• ELA-1125-1 ffmpeg security update

Fedora Linux

• Fedora 39 Update: libreswan-4.15-1.fc39
• Fedora 39 Update: mingw-gstreamer1-plugins-base-1.22.9-2.fc39
• Fedora 39 Update: mingw-gstreamer1-plugins-good-1.22.9-1.fc39
• Fedora 39 Update: mingw-gstreamer1-plugins-bad-free-1.22.9-1.fc39
• Fedora 39 Update: mingw-gstreamer1-1.22.9-1.fc39
• Fedora 40 Update: libreswan-4.15-1.fc40
• Fedora 40 Update: cups-2.4.10-1.fc40
• Fedora 40 Update: python-urllib3-1.26.19-1.fc40
• Fedora 39 Update: emacs-29.4-2.fc39
• Fedora 40 Update: openssh-9.6p1-1.fc40.4
• Fedora 40 Update: ghostscript-10.02.1-10.fc40
• Fedora 39 Update: openssh-9.3p1-11.fc39
• Fedora 39 Update: firmitas-0.1.3-1.fc39
• Fedora 39 Update: libnbd-1.18.5-1.fc39
• Fedora 39 Update: cockpit-320-1.fc39
• Fedora 39 Update: python-astropy-5.3.3-1.fc39
• Fedora 39 Update: python3-docs-3.12.4-1.fc39
• Fedora 39 Update: python3.12-3.12.4-1.fc39
• Fedora 40 Update: python-astropy-5.3.3-1.fc40
• Fedora 40 Update: python3-docs-3.12.4-1.fc40
• Fedora 40 Update: python3.12-3.12.4-1.fc40
• Fedora 40 Update: yt-dlp-2024.07.02-1.fc40

Gentoo Linux

• [ GLSA 202407-05 ] SSSD: Command Injection
• [ GLSA 202407-01 ] Zsh: Prompt Expansion Vulnerability
• [ GLSA 202407-03 ] Liferea: Remote Code Execution
• [ GLSA 202407-06 ] cryptography: Multiple Vulnerabilities
• [ GLSA 202407-04 ] Pixman: Heap Buffer Overflow
• [ GLSA 202407-02 ] SDL_ttf: Arbitrary Memory Write
• [ GLSA 202407-07 ] cpio: Arbitrary Code Execution
• [ GLSA 202407-08 ] GNU Emacs, Org Mode: Multiple Vulnerabilities
• [ GLSA 202407-09 ] OpenSSH: Remote Code Execution
• [ GLSA 202407-10 ] Sofia-SIP: Multiple Vulnerabilities
• [ GLSA 202407-14 ] TigerVNC: Multiple Vulnerabilities
• [ GLSA 202407-13 ] WebKitGTK+: Multiple Vulnerabilities
• [ GLSA 202407-17 ] BusyBox: Multiple Vulnerabilities
• [ GLSA 202407-16 ] GNU Coreutils: Buffer Overflow Vulnerability
• [ GLSA 202407-15 ] GraphicsMagick: Multiple Vulnerabilities
• [ GLSA 202407-12 ] podman: Multiple Vulnerabilities
• [ GLSA 202407-11 ] PuTTY: Multiple Vulnerabilities
• [ GLSA 202407-18 ] Stellarium: Arbitrary File Write
• [ GLSA 202407-21 ] X.Org X11 library: Multiple Vulnerabilities
• [ GLSA 202407-20 ] KDE Plasma Workspaces: Privilege Escalation
• [ GLSA 202407-19 ] Mozilla Thunderbird: Multiple Vulnerabilities
• [ GLSA 202407-22 ] Mozilla Firefox: Multiple Vulnerabilities

Oracle Linux

• ELBA-2024-4228 Oracle Linux 8 gnome-shell-extensions bug fix update
• ELBA-2024-4232 Oracle Linux 8 Bug fix of nmstate
• ELBA-2024-4234 Oracle Linux 8 jq update
• ELBA-2024-4213 Oracle Linux 8 xorg-x11-server bug fix update
• ELSA-2024-4212 Moderate: Oracle Linux 9 golang security update
• ELSA-2024-4278 Important: Oracle Linux 9 qemu-kvm security update
• ELSA-2024-12468 Important: Oracle Linux 9 openssh security update
• ELBA-2024-12469 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update
• ELSA-2024-4222 Important: Oracle Linux 7 pki-core security update (aarch64)
• ELBA-2024-4221 Oracle Linux 7 jss bug fix and enhancement update (aarch64)
• ELBA-2024-12467 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update
• ELBA-2024-12469 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update (aarch64)
• ELSA-2024-4222 Important: Oracle Linux 7 pki-core security update
• ELBA-2024-4221 Oracle Linux 7 jss bug fix and enhancement update
• ELBA-2024-12467 Oracle Linux 6 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel bug fix update
• ELBA-2024-4238 Oracle Linux 8 fence-agents bug fix update
• ELBA-2024-4248 Oracle Linux 8 python3.11 bug fix update
• ELBA-2024-4240 Oracle Linux 8 google-noto-cjk-fonts bug fix update
• ELSA-2024-4265 Moderate: Oracle Linux 8 cups security update
• ELSA-2024-4260 Moderate: Oracle Linux 8 python-idna security update
• ELSA-2024-4264 Low: Oracle Linux 8 openldap security update
• ELSA-2024-4259 Moderate: Oracle Linux 8 xmlrpc-c security and bug fix update
• ELSA-2024-4256 Important: Oracle Linux 8 less security update
• ELSA-2024-4247 Moderate: Oracle Linux 8 libuv security update
• ELSA-2024-4249 Low: Oracle Linux 8 c-ares security update
• ELSA-2024-4197 Moderate: Oracle Linux 8 httpd:2.4/httpd security update
• ELSA-2024-4242 Moderate: Oracle Linux 8 libreoffice security update
• ELSA-2024-4244 Moderate: Oracle Linux 8 python3.11-PyMySQL security update
• ELSA-2024-4241 Moderate: Oracle Linux 8 iperf3 security update
• ELSA-2024-4231 Moderate: Oracle Linux 8 python-jinja2 security update
• ELBA-2024-4239 Oracle Linux 8 tigervnc enhancement update
• ELSA-2024-4227 Moderate: Oracle Linux 8 python-pillow security update
• ELSA-2024-4211 Important: Oracle Linux 8 kernel security and bug fix update
• ELBA-2024-4250 Oracle Linux 8 libtirpc bug fix update
• ELSA-2024-4246 Moderate: Oracle Linux 8 container-tools security update
• ELSA-2024-4237 Moderate: Oracle Linux 8 go-toolset security update
• ELBA-2024-4255 Oracle Linux 8 systemd update
• ELBA-2024-4263 Oracle Linux 8 krb5 bug fix update
• ELBA-2024-4236 Oracle Linux 8 sysstat bug fix update
• ELBA-2024-4261 Oracle Linux 8 samba bug fix update
• ELBA-2024-4253 Oracle Linux 8 policycoreutils bug fix update
• ELBA-2024-4251 Oracle Linux 8 pam bug fix update
• ELBA-2024-4254 Oracle Linux 8 kmod-redhat-oracleasm bug fix update
• ELSA-2024-4245 Moderate: Oracle Linux 8 python3 security update
• ELBA-2024-4230 Oracle Linux 8 cockpit-appstream bug fix update
• ELSA-2024-4312 Important: Oracle Linux 9 openssh security update
• ELBA-2024-12473 Oracle Linux 7 chkconfig bug fix update (aarch64)
• ELBA-2024-12473 Oracle Linux 7 chkconfig bug fix update
• ELSA-2024-4252 Moderate: Oracle Linux 8 nghttp2 security update
• ELSA-2024-4243 Moderate: Oracle Linux 8 python3 security update
• ELSA-2024-4235 Important: Oracle Linux 8 389-ds security update
• ELBA-2024-4229 Oracle Linux 8 cloud-init bug fix update

Red Hat Enterprise Linux

• RHSA-2024:4179: Important: pki-core security update
• RHSA-2024:3617: Moderate: Kube Descheduler Operator for Red Hat OpenShift 5.0.1 for RHEL 9
• RHSA-2024:3637: Moderate: Secondary Scheduler Operator for Red Hat OpenShift 1.3.0 for RHEL 9
• RHSA-2024:1616: Important: Run Once Duration Override Operator for Red Hat OpenShift 1.1.1 for RHEL 9
• RHSA-2024:4200: Moderate: libreswan security update
• RHSA-2024:4197: Moderate: httpd:2.4/httpd security update
• RHSA-2024:4211: Important: kernel security and bug fix update
• RHSA-2024:4212: Moderate: golang security update
• RHSA-2024:4210: Important: redhat-ds:11 security update
• RHSA-2024:4209: Important: redhat-ds:11 security and bug fix update
• RHSA-2024:4278: Important: qemu-kvm security update
• RHSA-2024:4277: Important: qemu-kvm security update
• RHSA-2024:4276: Important: qemu-kvm security update
• RHSA-2024:4151: Important: OpenShift Container Platform 4.15.20 security update
• RHSA-2024:4242: Moderate: libreoffice security update
• RHSA-2024:4273: Critical: Red Hat OpenStack Platform 16.2.6 security update
• RHSA-2024:4274: Critical: Red Hat OpenStack Platform 17.1.3 (openstack-nova) security update
• RHSA-2024:4272: Critical: Red Hat OpenStack Platform 17.1.3 security update
• RHSA-2024:4150: Moderate: OpenShift Container Platform 4.15.20 security update
• RHSA-2024:4271: Important: Red Hat AMQ Broker 7.12.1 release and security update
• RHSA-2024:4252: Moderate: nghttp2 security update
• RHSA-2024:4246: Moderate: container-tools security update
• RHSA-2024:4265: Moderate: cups security update
• RHSA-2024:4237: Moderate: go-toolset security update
• RHSA-2024:4259: Moderate: xmlrpc-c security and bug fix update
• RHSA-2024:4243: Moderate: python3 security update
• RHSA-2024:4247: Moderate: libuv security update
• RHSA-2024:4249: Low: c-ares security update
• RHSA-2024:4262: Moderate: linux-firmware security update
• RHSA-2024:4260: Moderate: python-idna security update
• RHSA-2024:4235: Important: 389-ds security update
• RHSA-2024:4241: Moderate: iperf3 security update
• RHSA-2024:4231: Moderate: python-jinja2 security update
• RHSA-2024:4264: Low: openldap security update
• RHSA-2024:4244: Moderate: python3.11-PyMySQL security update
• RHSA-2024:4267: Moderate: fontforge security update
• RHSA-2024:4256: Important: less security update
• RHSA-2024:4227: Moderate: python-pillow security update
• RHSA-2024:4245: Moderate: python3 security update
• RHSA-2024:4222: Important: pki-core security update
• RHSA-2024:4269: Moderate: OpenShift Virtualization 4.12.12 Images security update
• RHSA-2024:4223: Important: Red Hat Certificate System security and bug fix update
• RHSA-2024:4312: Important: openssh security update
• RHSA-2024:4159: Important: OpenShift Container Platform 4.16.1 packages and security update
• RHSA-2024:4156: Important: OpenShift Container Platform 4.16.1 bug fix and security update
• RHSA-2024:4340: Important: openssh security update

Rocky Linux

• RLSA-2024:4002: Important: thunderbird security update
• RLSA-2024:4050: Moderate: libreswan security update
• RLSA-2024:4083: Important: git security update
• RLSA-2024:3955: Important: firefox security update
• RLBA-2024:3995: qemu-kvm bug fix update
• RLSA-2024:4077: Important: python3.11 security update
• RLSA-2024:3999: Important: ghostscript security update
• RLSA-2024:3959: Important: flatpak security update
• RLSA-2024:4078: Important: python3.9 security update
• RLBA-2024:3982: selinux-policy bug fix update
• RLBA-2024:4049: sos bug fix and enhancement update
• RLBA-2024:3983: kernel bug fix update
• RLSA-2024:3954: Important: firefox security update
• RLSA-2024:4197: Moderate: httpd:2.4/httpd security update
• RLSA-2024:3968: Moderate: container-tools:rhel8 bug fix and enhancement update
• RLSA-2024:3961: Important: flatpak security update
• RLSA-2024:4036: Important: thunderbird security update
• RLSA-2024:4084: Important: git security update
• RLSA-2024:4000: Important: ghostscript security update
• RLSA-2024:4165: Important: pki-core security update

SUSE Linux

• openSUSE-SU-2024:0187-1: important: Security update for opera

Ubuntu Linux

• [USN-6855-1] libcdio vulnerability
• [USN-6859-1] OpenSSH vulnerability
• [USN-6858-1] eSpeak NG vulnerabilities
• [USN-6851-2] Netplan regression
• [USN-6844-2] CUPS regression
• [USN-6860-1] OpenVPN vulnerabilities
• [USN-6862-1] Firefox vulnerabilities
• [USN-6305-3] PHP regression
• [USN-6873-1] Linux kernel vulnerabilities
• [USN-6863-1] Linux kernel vulnerability
• [USN-6871-1] Linux kernel (HWE) vulnerabilities
• [USN-6872-1] Linux kernel vulnerabilities
• [USN-6874-1] Linux kernel (Azure) vulnerabilities
• [USN-6870-1] Linux kernel vulnerabilities
• [USN-6875-1] Linux kernel (Azure) vulnerabilities
• [USN-6864-1] Linux kernel vulnerabilities
• [USN-6869-1] Linux kernel vulnerabilities
• [USN-6866-1] Linux kernel vulnerabilities
• [USN-6865-1] Linux kernel vulnerabilities
• [USN-6868-1] Linux kernel vulnerabilities
• [USN-6867-1] Linux kernel vulnerabilities
• [USN-6877-1] LibreOffice vulnerability
• [USN-6876-1] Kopano Core vulnerabilities
• [USN-6879-1] Virtuoso Open-Source Edition vulnerabilities
• [USN-6878-1] Linux kernel (Oracle) vulnerabilities
• [USN-6870-2] Linux kernel (AWS) vulnerabilities
• [USN-6866-2] Linux kernel (Azure) vulnerabilities
• [USN-6872-2] Linux kernel vulnerabilities
• [USN-6873-2] Linux kernel (StarFive) vulnerabilities
• [USN-6864-2] Linux kernel vulnerabilities