Here a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.
AlmaLinux
- ALSA-2022:7288 Important: openssl security update
- ALSA-2022:6964 Important: nodejs:16 security update
- ALSA-2022:7089 Important: libksba security update
- ALSA-2022:7090 Important: libksba security update
- ALSA-2022:7105 Moderate: gnutls security update
- ALSA-2022:7106 Moderate: zlib security update
- ALSA-2022:7108 Moderate: sqlite security update
- ALSA-2022:7110 Important: kernel security, bug fix, and enhancement update
- ALSA-2022:7111 Moderate: samba security and bug fix update
- ALSA-2022:7129 Moderate: git-lfs security and bug fix update
- ALSA-2022:7133 Moderate: 389-ds:1.4 security update
- ALSA-2022:7178 Important: thunderbird security update
- ALSA-2022:7185 Important: device-mapper-multipath security update
- ALSA-2022:7128 Moderate: postgresql:12 security update
- ALSA-2022:7314 Moderate: zlib security update
- ALSA-2022:7318 Important: kernel security, bug fix, and enhancement update
- ALSA-2022:7319 Important: kernel-rt security and bug fix update
- ALSA-2022:7323 Moderate: python3.9 security update
- ALSA-2022:7326 Important: pki-core security update
- ALSA-2022:7329 Moderate: lua security update
Debian GNU/Linux
- ELA-720-1 bluez security update
- DLA 3170-1: thunderbird security update
- ELA-721-1 libxml2 security update
- DLA 3172-1: libxml2 security update
- DSA 5266-1: expat security update
- DSA 5267-1: pysha3 security update
- ELA-722-1 distro-info-data database update
- DLA 3174-1: pysha3 security update
- DLA 3175-1: python3.7 security update
- DLA 3173-1: linux-5.10 security update
- DSA 5268-1: ffmpeg security update
- DSA 5269-1: pypy3 security update
- DLA 3176-1: clickhouse security update
- DLA 3171-1: distro-info-data database update
- DSA 5270-1: ntfs-3g security update
- DLA 3178-1: ffmpeg security update
- ELA-723-1 linux-5.10 security update
- DLA-3177-1: python-django security update
- DSA 5271-1: libxml2 security update
Fedora Linux
- Fedora 36 Update: curl-7.82.0-9.fc36
- Fedora 36 Update: cacti-1.2.22-1.fc36
- Fedora 36 Update: cacti-spine-1.2.22-1.fc36
- Fedora 36 Update: mbedtls-2.28.1-1.fc36
- Fedora 36 Update: xen-4.16.2-2.fc36
- Fedora 35 Update: cacti-spine-1.2.22-1.fc35
- Fedora 35 Update: cacti-1.2.22-1.fc35
- Fedora Linux 37 RC 1.5 released
- Fedora 35 Update: php-8.0.25-1.fc35
- Fedora 35 Update: libksba-1.6.2-1.fc35
- Fedora 37 Update: openssl-3.0.5-3.fc37
- Fedora 37 Update: libksba-1.6.2-1.fc37
- Fedora 36 Update: openssl-3.0.5-2.fc36
- Fedora Linux 36-20221101 Updated ISOs released
- Fedora 35 Update: git-2.38.1-1.fc35
- Fedora 35 Update: java-11-openjdk-11.0.17.0.8-2.fc35
- Fedora 35 Update: java-1.8.0-openjdk-1.8.0.352.b08-2.fc35
- Fedora 35 Update: java-17-openjdk-17.0.5.0.8-2.fc35
- Fedora 35 Update: drupal7-7.92-1.fc35
- Fedora 36 Update: php-8.1.12-1.fc36
- Fedora 36 Update: java-17-openjdk-17.0.5.0.8-2.fc36
- Fedora 36 Update: java-11-openjdk-11.0.17.0.8-2.fc36
- Fedora 36 Update: java-1.8.0-openjdk-1.8.0.352.b08-2.fc36
- Fedora 35 Update: firefox-106.0.3-1.fc35
- Fedora 35 Update: ghc-cmark-gfm-0.2.5-1.fc35
- Fedora 35 Update: java-latest-openjdk-19.0.1.0.10-2.rolling.fc35
- Fedora 36 Update: vim-9.0.828-1.fc36
- Fedora 36 Update: ghc-cmark-gfm-0.2.5-1.fc36
- Fedora 36 Update: java-latest-openjdk-19.0.1.0.10-2.rolling.fc36
Gentoo Linux
- GLSA 202210-19 : Apptainer: Lack of Digital Signature Hash Verification
- GLSA 202210-28 : exif: Denial of Service
- GLSA 202210-14 : Gitea: Multiple Vulnerabilities
- GLSA 202210-15 : GDAL: Heap Buffer Overflow
- GLSA 202210-17 : JHead: Multiple Vulnerabilities
- GLSA 202210-10 : LibTIFF: Multiple Vulnerabilities
- GLSA 202210-18 : Sofia-SIP: Multiple Vulnerabilities
- GLSA 202210-24 : FreeRDP: Multiple Vulnerabilities
- GLSA 202210-20 : Nicotine+: Denial of Service
- GLSA 202210-30 : X.Org X server, XWayland: Multiple Vulnerabilities
- GLSA 202210-21 : FasterXML jackson-databind: Multiple vulnerabilities
- GLSA 202210-12 : Lighttpd: Denial of Service
- GLSA 202210-22 : RPM: Multiple Vulnerabilities
- GLSA 202210-29 : Net-SNMP: Multiple Vulnerabilities
- GLSA 202210-25 : ISC BIND: Multiple Vulnerabilities
- GLSA 202210-11 : schroot: Denial of Service
- GLSA 202210-13 : libgcrypt: Multiple Vulnerabilities
- GLSA 202210-31 : OpenEXR: Multiple Vulnerabilities
- GLSA 202210-16 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
- GLSA 202210-33 : Libtirpc: Denial of Service
- GLSA 202210-26 : Shadow: TOCTOU Race
- GLSA 202210-23 : libksba: Remote Code Execution
- GLSA 202210-32 : hiredis, hiredis-py: Multiple Vulnerabilities
- GLSA 202210-27 : open-vm-tools: Local Privilege Escalation
- GLSA 202210-42 : zlib: Multiple vulnerabilities
- GLSA 202210-38 : Expat: Denial of Service
- GLSA 202210-39 : libxml2: Multiple Vulnerabilities
- GLSA 202210-36 : libjxl: Denial of Service
- GLSA 202210-37 : PJSIP: Multiple Vulnerabilities
- GLSA 202210-40 : SQLite: Multiple Vulnerabilities
- GLSA 202210-41 : android-tools: Multiple Vulnerabilities
- GLSA 202210-34 : Mozilla Firefox: Multiple Vulnerabilities
- GLSA 202210-35 : Mozilla Thunderbird: Multiple Vulnerabilities
- GLSA-202211-01 : OpenSSL: Multiple Vulnerabilities
Oracle Linux
- ELSA-2022-9962 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) expat security update
- ELBA-2022-9928 Oracle Linux 6 Extended Lifecycle Support (ELS) tzdata bug fix update
- ELBA-2022-9929 Oracle Linux 6 Extended Lifecycle Support (ELS) tzdata bug fix update
- ELSA-2022-9967 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) compat-expat1 security update
- ELBA-2022-7240 Oracle Linux 8 container-tools:ol8 bug fix and enhancement update
- ELSA-2022-9969 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
- ELSA-2022-9969 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
- ELSA-2022-7288 Important: Oracle Linux 9 openssl security update
- ELBA-2022-7342 Oracle Linux 7 ipa bug fix and enhancement update (aarch64)
- ELSA-2022-7340 Moderate: Oracle Linux 7 php-pear security update (aarch64)
- ELBA-2022-7345 Oracle Linux 7 fltk bug fix and enhancement update (aarch64)
- ELSA-2022-7340 Moderate: Oracle Linux 7 php-pear security update
- ELBA-2022-7327 Oracle Linux 9 ansible-freeipa bug fix and enhancement update
- ELSA-2022-7343 Important: Oracle Linux 7 pcs security update (aarch64)
- ELEA-2022-7341 Oracle Linux 7 lftp bug fix and enhancement update
- ELSA-2022-7326 Important: Oracle Linux 9 pki-core security update
- ELEA-2022-7341 Oracle Linux 7 lftp bug fix and enhancement update (aarch64)
- ELBA-2022-7345 Oracle Linux 7 fltk bug fix and enhancement update
- ELBA-2022-7336 Oracle Linux 7 slapi-nis bug fix and enhancement update
- ELSA-2022-7343 Important: Oracle Linux 7 pcs security update
- ELSA-2022-7329 Moderate: Oracle Linux 9 lua security update
- ELBA-2022-7336 Oracle Linux 7 slapi-nis bug fix and enhancement update (aarch64)
- ELBA-2022-7342 Oracle Linux 7 ipa bug fix and enhancement update
- ELBA-2022-7324 Oracle Linux 9 libgcrypt bug fix and enhancement update
- ELEA-2022-7320 Oracle Linux 9 ostree bug fix and enhancement update
- ELBA-2022-7322 Oracle Linux 9 rpm bug fix and enhancement update
- ELSA-2022-7323 Moderate: Oracle Linux 9 python3.9 security update
- ELBA-2022-7321 Oracle Linux 9 cockpit bug fix and enhancement update
- ELBA-2022-7315 Oracle Linux 9 opencryptoki bug fix and enhancement update
- ELBA-2022-9972 Oracle Linux 9 gnutls bug fix update
- ELSA-2022-7314 Moderate: Oracle Linux 9 zlib security update
- ELSA-2022-7337 Important: Oracle Linux 7 kernel security and bug fix update
- ELBA-2022-7404 Oracle Linux 7 tzdata bug fix and enhancement update
- ELBA-2022-9979 Oracle Linux 6 Extended Lifecycle Support (ELS) tzdata bug fix update
- ELSA-2022-7318 Important: Oracle Linux 9 kernel security, bug fix, and enhancement update
- ELBA-2022-7404 Oracle Linux 7 tzdata bug fix and enhancement update (aarch64)
- ELBA-2022-7339 Oracle Linux 7 microcode_ctl bug fix and enhancement update
- ELBA-2022-7317 Oracle Linux 9 microcode_ctl bug fix and enhancement update
- ELBA-2022-7404 Oracle Linux 9 tzdata bug fix and enhancement update
- ELBA-2022-7404 Oracle Linux 8 tzdata bug fix and enhancement update
Red Hat Enterprise Linux
- RHSA-2022:7261-01: Moderate: OpenShift API for Data Protection (OADP) 1.0.5 security and bug fix update
- RHSA-2022:7268-01: Important: Red Hat OpenStack Platform 13.0 (openvswitch2.11) security update
- RHSA-2022:7276-01: Moderate: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates
- RHSA-2022:7288-01: Important: openssl security update
- RHSA-2022:7280-01: Important: kernel-rt security and bug fix update
- RHSA-2022:7279-01: Important: kernel security and bug fix update
- RHSA-2022:7283-01: Important: libksba security update
- RHSA-2022:7330-01: Important: kpatch-patch security update
- RHSA-2022:7318-01: Important: kernel security, bug fix, and enhancement update
- RHSA-2022:7338-01: Important: kernel-rt security and bug fix update
- RHSA-2022:7323-01: Moderate: python3.9 security update
- RHSA-2022:7329-01: Moderate: lua security update
- RHSA-2022:7314-01: Moderate: zlib security update
- RHSA-2022:7343-01: Important: pcs security update
- RHSA-2022:7313-01: Moderate: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes
- RHSA-2022:7326-01: Important: pki-core security update
- RHSA-2022:7337-01: Important: kernel security and bug fix update
- RHSA-2022:7344-01: Important: kpatch-patch security update
- RHSA-2022:7340-01: Moderate: php-pear security update
- RHSA-2022:7319-01: Important: kernel-rt security and bug fix update
- RHSA-2022:7384-01: Critical: openssl-container security update
- RHSA-2022:7272-01: Moderate: Red Hat JBoss Web Server 5.7.0 release and security update
- RHSA-2022:7201-01: Important: OpenShift Container Platform 4.11.12 security update
- RHSA-2022:7211-01: Important: OpenShift Container Platform 4.10.39 bug fix and security update
- RHSA-2022:7273-01: Moderate: Red Hat JBoss Web Server 5.7.0 release and security update
- RHSA-2022:7216-01: Important: OpenShift Container Platform 4.9.51 bug fix and security update
- RHSA-2022:7410-01: Moderate: Red Hat Single Sign-On 7.6.1 security update on RHEL 8
- RHSA-2022:7407-01: Moderate: Service Binding Operator 1.3.1 security update
- RHSA-2022:7417-01: Moderate: Red Hat Single Sign-On 7.6.1 security update
- RHSA-2022:7411-01: Moderate: Red Hat Single Sign-On 7.6.1 security update on RHEL 9
- RHSA-2022:7409-01: Moderate: Red Hat Single Sign-On 7.6.1 security update on RHEL 7
Slackware Linux
- PHP80/PHP81 (SSA:2022-304-02)
- Vim (SSA:2022-304-01)
- Mozilla-nss (SSA:2022-307-01)
- Sudo (SSA:2022-309-01)
SUSE Linux
- openSUSE-SU-2022:10170-1: moderate: Security update for cacti, cacti-spine
- openSUSE-SU-2022:10170-1: moderate: Security update for cacti, cacti-spine
- openSUSE-SU-2022:10171-1: important: Security update for pdns-recursor
- openSUSE-SU-2022:10169-1: important: Security update for libmad
- openSUSE-SU-2022:10168-1: important: Security update for exim
- openSUSE-SU-2022:10179-1: important: Security update for jhead
- openSUSE-SU-2022:10181-1: important: Security update for opera
- openSUSE-SU-2022:10178-1: important: Security update for jhead
- openSUSE-SU-2022:10182-1: important: Security update for opera
- openSUSE-SU-2022:10177-1: important: Security update for chromium
- SUSE-SU-2022:3809-1: important: Security update for the Linux Kernel
- SUSE-SU-2022:3820-1: moderate: Security update for podman
- SUSE-SU-2022:3819-1: moderate: Security update for podman
- openSUSE-SU-2022:10180-1: important: Security update for chromium
- openSUSE-SU-2022:10183-1: moderate: Security update for pyenv
- SUSE-SU-2022:3834-1: moderate: Security update for python-Flask-Security
- SUSE-SU-2022:3833-1: moderate: Security update for podofo
- SUSE-SU-2022:3823-1: important: Security update for hsqldb
- SUSE-SU-2022:3835-1: moderate: Security update for nodejs10
- SUSE-SU-2022:3829-1: important: Security update for hdf5
- SUSE-SU-2022:3836-1: moderate: Security update for python-lxml
- SUSE-SU-2022:3830-1: moderate: Security update for php7
- SUSE-SU-2022:3827-1: important: Security update for hdf5
- SUSE-SU-2022:3837-1: moderate: Security update for gnome-desktop
- SUSE-SU-2022:3844-1: important: Security update for the Linux Kernel
- SUSE-SU-2022:3843-1: critical: Security update for openssl-3
- openSUSE-SU-2022:10185-1: important: Security update for EternalTerminal
- openSUSE-SU-2022:10186-1: important: Security update for privoxy
- openSUSE-SU-2022:10187-1: important: Security update for EternalTerminal
- SUSE-SU-2022:3857-1: important: Security update for xorg-x11-server
- SUSE-SU-2022:3862-1: important: Security update for xorg-x11-server
- SUSE-SU-2022:3866-1: important: Security update for ntfs-3g_ntfsprogs
- SUSE-SU-2022:3867-1: moderate: Security update for python-Flask-Security-Too
- SUSE-SU-2022:3868-1: moderate: Security update for rubygem-loofah
- SUSE-SU-2022:3871-1: important: Security update for libxml2
- SUSE-SU-2022:3875-1: important: Security update for xmlbeans
Ubuntu Linux
- USN-5707-1: Libtasn1 vulnerability
- USN-5708-1: backport-iwlwifi-dkms vulnerabilities
- USN-5709-1: Firefox vulnerabilities
- USN-5710-1: OpenSSL vulnerabilities
- USN-5711-1: NTFS-3G vulnerability
- USN-5713-1: Python vulnerability
- USN-5711-2: NTFS-3G vulnerability
- USN-5712-1: SQLite vulnerability
- DLA 3171-1: distro-info-data database update
