Here is a roundup of last week's Linux security updates forĀ Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.
Debian GNU/Linux
- DSA 5530-1: ruby-rack security update
- DLA 3625-1: ruby-rmagick security update
- DLA 3626-1: krb5 security update
- DSA 5531-1: roundcube security update
- ELA-987-1 krb5 security update
- DLA 3628-1: dbus security update
- DLA 3627-1: redis security update
- ELA-989-1 dbus security update
- ELA-988-1 redis security update
- DLA 3629-1: ceph security update
- DLA 3630-1: roundcube security update
- DSA 5533-1: gst-plugins-bad1.0 security update
- DSA 5532-1: openssl security update
- DLA 3631-1: xorg-server security update
- DSA 5534-1: xorg-server security update
- DSA 5535-1: firefox-esr security update
- ELA-991-1 linux-5.10 security update
- ELA-990-1 xorg-server security update
- DSA 5536-1: chromium security update
- DLA 3632-1: firefox-esr security update
- DSA 5537-1: openjdk-11 security update
- ELA-992-1 openjdk-8 security update
- DLA 3635-1: node-browserify-sign security update
- DLA 3634-1: nss security update
- DSA 5538-1: thunderbird security update
- DLA 3633-1: gst-plugins-bad1.0 security update
- ELA-993-1 gst-plugins-bad1.0 security update
Fedora Linux
- Fedora 38 Update: vim-9.0.2048-1.fc38
- Fedora 37 Update: vim-9.0.2048-1.fc37
- Fedora 37 Update: python-django-4.1.12-1.fc37
- Fedora 37 Update: python-asgiref-3.5.2-1.fc37
- Fedora 37 Update: mingw-xerces-c-3.2.4-1.fc37
- Fedora 37 Update: libvpx-1.12.0-4.fc37
- Fedora 38 Update: wdt-1.32.1910230^20230711git3b52ef5-2.fc38
- Fedora 38 Update: mvfst-2023.10.16.00-1.fc38
- Fedora 38 Update: cachelib-17^20231016-1.fc38
- Fedora 38 Update: watchman-2021.05.10.00-24.fc38
- Fedora 38 Update: wangle-2023.10.16.00-1.fc38
- Fedora 38 Update: proxygen-2023.10.16.00-1.fc38
- Fedora 38 Update: folly-2023.10.16.00-1.fc38
- Fedora 38 Update: fb303-2023.10.16.00-1.fc38
- Fedora 38 Update: fbthrift-2023.10.16.00-1.fc38
- Fedora 38 Update: fizz-2023.10.16.00-1.fc38
- Fedora 38 Update: mcrouter-0.41.0.20231016-1.fc38
- Fedora 38 Update: nodejs18-18.18.2-1.fc38
- Fedora 38 Update: nats-server-2.10.3-1.fc38
- Fedora 37 Update: proxygen-2023.10.16.00-1.fc37
- Fedora 37 Update: watchman-2021.05.10.00-24.fc37
- Fedora 37 Update: wdt-1.32.1910230^20230711git3b52ef5-2.fc37
- Fedora 37 Update: fb303-2023.10.16.00-1.fc37
- Fedora 37 Update: wangle-2023.10.16.00-1.fc37
- Fedora 37 Update: mcrouter-0.41.0.20231016-1.fc37
- Fedora 37 Update: mvfst-2023.10.16.00-1.fc37
- Fedora 37 Update: folly-2023.10.16.00-1.fc37
- Fedora 37 Update: fbthrift-2023.10.16.00-1.fc37
- Fedora 37 Update: fizz-2023.10.16.00-1.fc37
- Fedora 37 Update: cachelib-17^20231016-1.fc37
- Fedora 37 Update: matrix-synapse-1.80.0-7.fc37
- Fedora 38 Update: dotnet6.0-6.0.123-1.fc38
- Fedora 38 Update: dotnet7.0-7.0.112-1.fc38
- Fedora 38 Update: roundcubemail-1.6.4-1.fc38
- Fedora 37 Update: dotnet6.0-6.0.123-1.fc37
- Fedora 37 Update: dotnet7.0-7.0.112-1.fc37
- Fedora 37 Update: roundcubemail-1.6.4-1.fc37
- Fedora 37 Update: wordpress-6.2.3-1.fc37
- Fedora 37 Update: nodejs20-20.8.1-1.fc37
- Fedora 37 Update: nodejs18-18.18.2-1.fc37
- Fedora 37 Update: mbedtls-2.28.5-1.fc37
- Fedora 38 Update: firefox-119.0-1.fc38
- Fedora 38 Update: nodejs20-20.8.1-1.fc38
- Fedora 38 Update: xen-4.17.2-4.fc38
- Fedora 38 Update: redis-7.0.14-1.fc38
- Fedora 37 Update: firefox-119.0-1.fc37
- Fedora 37 Update: redis-7.0.14-1.fc37
- Fedora 37 Update: xen-4.16.5-3.fc37
- Fedora 37 Update: samba-4.17.12-1.fc37
- Fedora 37 Update: nghttp2-1.51.0-2.fc37
- Fedora 37 Update: curl-7.85.0-12.fc37
- Fedora 38 Update: chromium-118.0.5993.117-1.fc38
- Fedora 38 Update: xorg-x11-server-Xwayland-22.1.9-3.fc38
Gentoo Linux
- GLSA 202310-16: Ubiquiti UniFi: remote code execution via bundled log4j
- GLSA 202310-15: USBView: root privilege escalation via insecure polkit settings
- GLSA 202310-14: libinput: format string vulnerability when using xf86-input-libinput
Oracle Linux
- New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2023-12874)
- ELSA-2023-5927 Important: Oracle Linux 8 php:8.0 security update
- ELSA-2023-5929 Important: Oracle Linux 9 tomcat security update
- ELBA-2023-12916 Oracle Linux 9 oracle-database-preinstall-19c bug fix update
- ELSA-2023-5863 Moderate: Oracle Linux 8 grafana security update
- ELBA-2023-12931 Oracle Linux 7 pcp bug fix update
- New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (CVE-2023-4911)
- ELSA-2023-5765 Important: Oracle Linux 9 nodejs security update
- ELSA-2023-5867 Moderate: Oracle Linux 9 grafana security update
- ELSA-2023-5849 Important: Oracle Linux 9 18 security update
- ELSA-2023-5926 Important: Oracle Linux 9 php security update
- ELSA-2023-5850 Important: Oracle Linux 8 nodejs:16 security update
- ELSA-2023-5869 Important: Oracle Linux 8 nodejs:18 security update
- ELSA-2023-0187 Moderate: Oracle Linux 6 Extended Lifecycle Support (ELS) kernel security update
- ELSA-2023-12946 Important: Oracle Linux 7 dnsmasq security update (aarch64)
- ELSA-2023-12945 Important: Oracle Linux 7 dnsmasq security update
- ELSA-2023-5924 Important: Oracle Linux 9 varnish security update
- ELSA-2023-5997 Important: Oracle Linux 8 python3 security update
- ELSA-2023-5994 Important: Oracle Linux 8 python27:2.7 security update
- ELSA-2023-5989 Important: Oracle Linux 8 varnish security update
- ELSA-2023-5928 Important: Oracle Linux 8 tomcat security update
- New Ksplice updates for UEKR7 5.15.0 on OL8 and OL9 (ELSA-2023-12858)
- ELBA-2023-12932 Oracle Linux 7 pcp bug fix update (aarch64)
- ELBA-2023-12948 Oracle Linux 9 pcp bug fix update
- ELSA-2023-5068 Moderate: Oracle Linux 9 linux-firmware security update
- ELSA-2023-5998 Important: Oracle Linux 8 python39:3.9 and python39-devel:3.9 security update
- ELBA-2023-12949 Oracle Linux 8 systemd bug fix update
- ELBA-2023-12947 Oracle Linux 8 pcp bug fix update
Red Hat Enterprise Linux
- RHSA-2023:6020: Important: varnish:6 security update
- RHSA-2023:6023: Important: varnish:6 security update
- RHSA-2023:5997: Important: python3 security update
- RHSA-2023:5998: Important: python39:3.9 and python39-devel:3.9 security update
- RHSA-2023:5994: Important: python27:2.7 security update
- RHSA-2023:5996: Important: python3 security update
- RHSA-2023:5995: Important: python3 security update
- RHSA-2023:5989: Important: varnish security update
- RHSA-2023:5991: Important: python27:2.7 security update
- RHSA-2023:6061: Important: Red Hat OpenShift Pipelines 1.12.1 release and security update
- RHSA-2023:6059: Important: Red Hat OpenShift Pipelines Client tkn for 1.12.1 release and security update
- RHSA-2023:6057: Critical: toolbox security update
- RHSA-2023:6048: Important: ACS 4.2 enhancement and security update
- RHSA-2023:6044: Important: Cost Management security update
- RHSA-2023:6042: Important: Self Node Remediation Operator 0.5.1 security update
- RHSA-2023:6041: Important: Self Node Remediation Operator 0.7.1 security update
- RHSA-2023:6040: Important: Node Maintenance Operator 5.2.1 security update
- RHSA-2023:6039: Important: Node Maintenance Operator 5.0.1 security update
- RHSA-2023:6031: Important: Cryostat security update
- RHSA-2023:6030: Important: Red Hat AMQ Streams 2.2.2 release and security update
- RHSA-2023:6069: Important: python39:3.9 and python39-devel:3.9 security update
- RHSA-2023:5902: Important: OpenShift Container Platform 4.13.18 security update
- RHSA-2023:5895: Important: OpenShift Container Platform 4.12.40 security and extras update
- RHSA-2023:6085: Important: Red Hat OpenShift distributed tracing security update
- RHSA-2023:6084: Important: RHACS 3.74 enhancement and security update
- RHSA-2023:6080: Important: Red Hat Integration Camel for Spring Boot 4.0.1 release security update
- RHSA-2023:6079: Important: Red Hat Integration Camel for Spring Boot 3.20.3 release and security update
- RHSA-2023:6077: Moderate: toolbox security update
- RHSA-2023:5542: Important: Logging Subsystem 5.5.17 - Red Hat OpenShift security update
- RHSA-2023:6071: Important: RHACS 4.0 enhancement and security update
- RHSA-2023:6068: Important: python39:3.9 and python39-devel:3.9 security update
- RHSA-2023:5896: Important: OpenShift Container Platform 4.12.40 bug fix and security update
- RHSA-2023:6112: Important: Red Hat Process Automation Manager 7.13.4 security one-off update
- RHSA-2023:6107: Important: Updated Kogito for Red Hat Process Automation Manager 7.13.4 SP1 Images
- RHSA-2023:5933: Important: OpenShift Secondary Scheduler Operator 1.1.3 security update
- RHSA-2023:5947: Important: Run Once Duration Override Operator for Red Hat OpenShift 1.0.1 security update
- RHSA-2023:6122: Important: Red Hat Advanced Cluster Management 2.8.3 security and bug fix updates
- RHSA-2023:6121: Important: Migration Toolkit for Containers (MTC) 1.8.1 security and bug fix update
- RHSA-2023:6120: Moderate: nginx:1.22 security update
- RHSA-2023:6119: Important: Multicluster Engine for Kubernetes 2.3.3 security updates and bug fixes
- RHSA-2023:6114: Important: Red Hat support for Spring Boot 2.7.17 security update
- RHSA-2023:6118: Important: OpenShift API for Data Protection security update
- RHSA-2023:6117: Important: Red Hat Integration Camel K 1.10.4 release and security update
- RHSA-2023:6116: Important: OpenShift API for Data Protection (OADP) 1.0.14 security and bug fix update
- RHSA-2023:6115: Important: OpenShift API for Data Protection security update
- RHSA-2023:6106: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP1 security update
- RHSA-2023:6137: Important: Migration Toolkit for Runtimes security update
- RHSA-2023:6138: Important: Migration Toolkit for Runtimes security update
- RHSA-2023:6148: Important: Red Hat Advanced Cluster Management 2.7.9 security and bug fix updates
- RHSA-2023:6145: Important: Multicluster Engine for Kubernetes 2.2.9 security updates and bug fixes
- RHSA-2023:6143: Important: OpenShift Container Platform 4.14.0 CNF vRAN extras security update
- RHSA-2023:6105: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP1 security update
- RHSA-2023:5933: Important: Openshift Secondary Scheduler Operator 1.1.3 security update
- RHSA-2023:6021: Important: varnish:6 security update
- RHSA-2023:6022: Important: varnish:6 security update
Rocky Linux
- RLSA-2023:5738: Important: go-toolset and golang security and bug fix update
- RLSA-2023:5926: Important: php security update
- RLSA-2023:5763: Important: curl security update
- RLSA-2023:5708: Important: dotnet6.0 security update
- RLSA-2023:5838: Important: nghttp2 security update
- RLSA-2023:5749: Important: .NET 7.0 security update
- RLSA-2023:5765: Important: nodejs security update
- RLSA-2023:5924: Important: varnish security update
- RLSA-2023:5742: Moderate: java-11-openjdk security and bug fix update
- RLSA-2023:5850: Important: nodejs:16 security update
- RLSA-2023:5997: Important: python3 security update
- RLSA-2023:5927: Important: php:8.0 security update
- RLSA-2023:5928: Important: tomcat security update
- RLSA-2023:5863: Moderate: grafana security update
- RLSA-2023:5721: Important: go-toolset:rhel8 security update
- RLSA-2023:5989: Important: varnish security update
Slackware Linux
- LibRaw (SSA:2023-295-01)
- Mozilla-Firefox (SSA:2023-297-01)
- VIM (SSA:2023-297-02)
- Mozilla-Thunderbird (SSA:2023-299-01)
- Xorg-Server (SSA:2023-299-02)
SUSE Linux
- SUSE-SU-2023:4162-1: important: Security update for gcc13
- SUSE-SU-2023:4163-1: important: Security update for netty, netty-tcnative
- SUSE-SU-2023:4174-1: important: Security update for xen
- SUSE-SU-2023:4164-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP4)
- SUSE-SU-2023:4165-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP4)
- SUSE-SU-2023:4166-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP4)
- SUSE-SU-2023:4176-1: important: Security update for ruby2.5
- SUSE-SU-2023:4187-1: moderate: Security update for poppler
- SUSE-SU-2023:4189-1: important: Security update for openssl-3
- SUSE-SU-2023:4198-1: important: Security update for java-11-openjdk
- openSUSE-SU-2023:0325-1: important: Security update for chromium
- SUSE-SU-2023:4207-1: important: Security update for nodejs18
- SUSE-SU-2023:4210-1: important: Security update for jetty-minimal
- SUSE-SU-2023:4214-1: important: Security update for MozillaFirefox
- SUSE-SU-2023:4215-1: moderate: Security update for zlib
- SUSE-SU-2023:4217-1: moderate: Security update for zlib
- openSUSE-SU-2023:0329-1: important: Security update for sox
- openSUSE-SU-2023:0328-1: important: Security update for sox
- openSUSE-SU-2023:0334-1: important: Security update for python-bugzilla
- SUSE-SU-2023:4225-1: important: Security update for zchunk
- SUSE-SU-2023:4227-1: important: Security update for open-vm-tools
- SUSE-SU-2023:4222-1: moderate: Security update for libnbd
- SUSE-SU-2023:4220-1: moderate: Security update for python
Ubuntu Linux
- USN-6447-1: AOM vulnerabilities
- USN-6199-2: PHP vulnerability
- USN-6408-2: libXpm vulnerabilities
- USN-6441-2: Linux kernel (GCP) vulnerabilities
- USN-6439-2: Linux kernel (AWS) vulnerabilities
- USN-6403-2: libvpx vulnerabilities
- USN-6448-1: Sofia-SIP vulnerability
- USN-6449-1: FFmpeg vulnerabilities
- USN-6422-2: Ring vulnerabilities
- USN-6445-2: Linux kernel (Intel IoTG) vulnerabilities
- USN-6444-2: Linux kernel (StarFive) vulnerabilities
- USN-6446-2: Linux kernel vulnerabilities
- USN-6438-2: .Net regressions
- USN-6451-1: ncurses vulnerability
- USN-6288-2: MySQL vulnerability
- USN-6450-1: OpenSSL vulnerabilities
- USN-6362-2: .Net regressions
- USN-6435-2: OpenSSL vulnerabilities
- USN-6452-1: Vim vulnerabilities
- USN-6453-1: X.Org X Server vulnerabilities
- USN-6454-1: Linux kernel vulnerabilities
- USN-6446-3: Linux kernel (Oracle) vulnerabilities
