Here is a roundup of this week's security updates released for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, and SUSE Linux. The updates include patches for vulnerable packages such as binutils, curl, Chromium, PHP, PostgreSQL, and more, aiming to enhance the overall security of the systems by patching known issues. Red Hat has also issued updates to address vulnerabilities in the kernel, Git-LFS, webkit2gtk3, mod_md, and Grafana, while SUSE Linux received patches for duc, python311-tornado6, Mozilla Firefox, taglib, and MariaDB, among others.

AlmaLinux

AlmaLinux 8 has received several security updates affecting various packages, including binutils, curl, python39, and others. These updates aim to address potential vulnerabilities in the mentioned packages, with some patches being rated as Important or Moderate. Additionally, other security updates have been released for AlmaLinux, covering container-tools, mod_md, openssh, and more. The updates are meant to enhance the overall security of the system by patching known vulnerabilities.

• ALSA-2025:23382: binutils security update (Moderate)
• ALSA-2025:23383: curl security update (Moderate)
• ALSA-2025:23530: python39:3.9 security update (Important)
• ALSA-2025:23663: webkit2gtk3 security update (Important)
• ALSA-2025:23732: httpd:2.4 security update (Important)
• ALSA-2025:23745: git-lfs security update (Important)
• ALSA-2025:23481: openssh security update (Moderate)
• ALSA-2025:23294: skopeo security update (Moderate)
• ALSA-2025:23306: binutils security update (Moderate)
• ALSA-2025:23295: podman security update (Moderate)
• ALSA-2025:23738: mod_md security update (Important)
• ALSA-2025:23932: httpd security update (Important)
• ALSA-2025:23940: python3.12 security update (Moderate)
• ALSA-2025:23201: keylime security update (Important)
• ALSA-2025:23667: git-lfs security update (Important)
• ALSA-2025:23479: openssh security update (Moderate)
• ALSA-2025:23484: libssh security update (Moderate)
• ALSA-2025:23050: tomcat security update (Important)
• ALSA-2025:23052: tomcat9 security update (Important)
• ALSA-2025:23309: php:8.3 security update (Moderate)
• ALSA-2025:23325: podman security update (Moderate)
• ALSA-2025:23326: skopeo security update (Moderate)
• ALSA-2025:23343: binutils security update (Moderate)
• ALSA-2025:23336: gcc-toolset-13-binutils security update (Moderate)
• ALSA-2025:23342: python3.9 security update (Moderate)
• ALSA-2025:23700: webkit2gtk3 security update (Important)
• ALSA-2025:23323: python3.12 security update (Moderate)
• ALSA-2025:23739: mod_md security update (Important)
• ALSA-2025:23744: git-lfs security update (Important)
• ALSA-2025:23483: libssh security update (Moderate)
• ALSA-2025:23480: openssh security update (Moderate)
• ALSA-2025:23664: opentelemetry-collector security update (Important)
• ALSA-2025:23543: container-tools:rhel8 security update (Important)
• ALSA-2025:23948: grafana security update (Moderate)
• ALSA-2025:23856: thunderbird security update (Important)
• ALSA-2025:23729: opentelemetry-collector security update (Important)

Debian GNU/Linux

Several security updates have been released for Debian GNU/Linux, addressing vulnerabilities in popular packages such as Chromium, PHP, WordPress, and more. The updates also include fixes for the usbmuxd package, which is used to manage iPhone and iPod Touch devices, as well as a patch for the PostgreSQL connection pooler pgbouncer. Additionally, security updates have been released for python-urllib3, Rails, and gst-plugins-good 1.0, among others.

• [DLA 4418-1] python-mechanize security update
• [DLA 4417-1] usbmuxd security update
• [DSA 6089-1] chromium security update
• [DSA 6090-1] rails security update
• [DSA 6088-1] php8.4 security update
• [DSA 6091-1] wordpress security update
• ELA-1599-1 usbmuxd security update
• [DLA 4420-1] postgresql-13 security update
• [DLA 4419-1] gst-plugins-good1.0 security update
• ELA-1600-1 gst-plugins-base1.0 security update
• ELA-1601-1 python-urllib3 security update
• [DLA 4421-1] python-urllib3 security update
• [DLA 4416-1] rails security update
• [DLA 4422-1] pgbouncer security update

Fedora Linux

Several security updates have been released for Fedora Linux, including upgrades to various tools and libraries that affect different versions of the operating system. The updates include patches for packages such as pgAdmin, Moby-Engine, Gobuster, and more, which were made available for both Fedora 42 and Fedora 43. Additionally, there are important security updates available for users running Fedora 42, including mingw-libsoup and RetroArch.

• Fedora 42 Update: pgadmin4-9.11-1.fc42
• Fedora 42 Update: moby-engine-29.1.3-1.fc42
• Fedora 42 Update: gobuster-3.8.2-2.fc42
• Fedora 42 Update: mingw-libpng-1.6.53-1.fc42
• Fedora 43 Update: gobuster-3.8.2-1.fc43
• Fedora 43 Update: pgadmin4-9.11-1.fc43
• Fedora 43 Update: moby-engine-29.1.3-1.fc43
• Fedora 42 Update: mingw-libsoup-2.74.3-14.fc42
• Fedora 42 Update: mingw-glib2-2.84.4-1.fc42
• Fedora 42 Update: mingw-python3-3.11.14-4.fc42
• Fedora 43 Update: mingw-libsoup-2.74.3-14.fc43
• Fedora 43 Update: mingw-python3-3.11.14-4.fc43
• Fedora 43 Update: mingw-glib2-2.86.3-1.fc43
• Fedora 42 Update: retroarch-1.22.0-1.fc42
• Fedora 42 Update: roundcubemail-1.6.12-1.fc42
• Fedora 42 Update: httpd-2.4.66-1.fc42
• Fedora 43 Update: roundcubemail-1.6.12-1.fc43
• Fedora 43 Update: retroarch-1.22.0-1.fc43
• Fedora 42 Update: ov-0.50.2-1.fc42
• Fedora 42 Update: docker-buildkit-0.26.3-1.fc42
• Fedora 43 Update: ov-0.50.2-1.fc43
• Fedora 43 Update: chezmoi-2.68.1-1.fc43
• Fedora 43 Update: subfinder-2.10.1-1.fc43
• Fedora 43 Update: docker-buildkit-0.26.3-1.fc43
• Fedora 42 Update: singularity-ce-4.3.6-1.fc42
• Fedora 43 Update: singularity-ce-4.3.6-1.fc43
• Fedora 43 Update: fluidsynth-2.5.2-1.fc43
• Fedora 43 Update: duc-1.4.6-1.fc43
• Fedora 43 Update: tkimg-2.1.0-1.fc43
• Fedora 43 Update: gdu-5.32.0-1.fc43
• Fedora 42 Update: tkimg-2.1.0-1.fc42
• Fedora 42 Update: gdu-5.32.0-1.fc42

Oracle Linux

Oracle has launched several updates for its Linux platform, including security patches and bug fixes for various releases such as Oracle Linux 10 and version 9. These updates aim to improve the functionality of several packages and address vulnerabilities. The company has also issued security advisories for specific versions of Oracle Linux, like the ELSA-2025-23732 advisory for Oracle Linux 8's httpd:2.4 security updates. Multiple articles have reported on these updates, highlighting various affected components such as NodeJS, Git-LFS, mod_md, and the Unbreakable Enterprise kernel.

• ELSA-2025-23306 Moderate: Oracle Linux 10 binutils security update
• ELBA-2025-23288 Oracle Linux 10 virt-v2v bug fix and enhancement update
• ELBA-2025-23298 Oracle Linux 10 nodejs-packaging bug fix and enhancement update
• ELBA-2025-23303 Oracle Linux 10 man-pages bug fix and enhancement update
• ELBA-2025-23302 Oracle Linux 10 rust-bootupd bug fix and enhancement update
• ELSA-2025-23294 Moderate: Oracle Linux 10 skopeo security update
• ELBA-2025-23297 Oracle Linux 10 net-snmp bug fix and enhancement update
• ELSA-2025-23667 Important: Oracle Linux 10 git-lfs security update
• ELBA-2025-23292 Oracle Linux 10 fence-agents bug fix and enhancement update
• ELSA-2025-23336 Moderate: Oracle Linux 9 gcc-toolset-13-binutils security update
• ELSA-2025-23738 Important: Oracle Linux 10 mod_md security update
• ELEA-2025-23332 Oracle Linux 9 nodejs:24 bug fix and enhancement update
• ELSA-2025-23744 Important: Oracle Linux 9 git-lfs security update
• ELSA-2025-23739 Important: Oracle Linux 9 mod_md security update
• ELBA-2025-23317 Oracle Linux 9 nodejs:24 bug fix and enhancement update
• ELSA-2025-23745 Important: Oracle Linux 8 git-lfs security update
• ELBA-2025-23363 Oracle Linux 8 rest bug fix and enhancement update
• ELBA-2025-23362 Oracle Linux 8 gnome-autoar bug fix and enhancement update
• ELBA-2025-28058 Oracle Linux 8 oVirt 4.5 ovirt-engine bug fix update
• ELSA-2025-28067 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
• ELSA-2025-23919 Important: Oracle Linux 9 httpd security update
• ELSA-2025-23856 Important: Oracle Linux 9 thunderbird security update
• ELBA-2025-23318 Oracle Linux 9 python-jmespath bug fix and enhancement update
• ELBA-2025-23313 Oracle Linux 9 java-17-openjdk bug fix update
• ELSA-2025-28067 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
• ELSA-2025-28067 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
• ELSA-2025-28068 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
• ELSA-2025-23948 Moderate: Oracle Linux 8 grafana security update
• ELSA-2025-23374 Moderate: Oracle Linux 8 container-tools:rhel8 security update
• ELSA-2025-28068 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
• ELBA-2025-28064 Oracle Linux 8 systemd bug fix update
• ELSA-2025-28068 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
• ELSA-2025-23543 Important: Oracle Linux 8 container-tools:rhel8 security update
• ELSA-2025-23530 Important: Oracle Linux 8 python39:3.9 security update
• ELBA-2025-23372 Oracle Linux 8 httpd:2.4 bug fix and enhancement update
• ELBA-2025-23370 Oracle Linux 8 osinfo-db bug fix and enhancement update
• ELSA-2025-28066 Important: Unbreakable Enterprise kernel security update
• ELSA-2025-23940 Moderate: Oracle Linux 10 python3.12 security update
• ELSA-2025-23932 Important: Oracle Linux 10 httpd security update
• ELBA-2025-23290 Oracle Linux 10 java-21-openjdk bug fix update
• ELSA-2025-28066 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
• ELSA-2025-23732 Important: Oracle Linux 8 httpd:2.4 security update

Red Hat Enterprise Linux

Red Hat has released several security updates to address vulnerabilities in various packages, including kernel, Git-LFS, webkit2gtk3, mod_md, and Grafana. These updates have been rated as having a moderate or important security impact by Red Hat Product Security. The company also issued updates for rsync, keylime, go-rpm-macros, kernel, grafana, and httpd, which are available through CVE links. The WebKitGTK4 and webkit2gtk3 packages were updated to address vulnerabilities with an important security impact rated by CVSS base scores.

• RHSA-2025:23789: Moderate: kernel security update
• RHSA-2025:23744: Important: git-lfs security update
• RHSA-2025:23745: Important: git-lfs security update
• RHSA-2025:23742: Important: webkit2gtk3 security update
• RHSA-2025:23739: Important: mod_md security update
• RHSA-2025:23743: Important: webkit2gtk3 security update
• RHSA-2025:23737: Moderate: go-toolset:rhel8 security update
• RHSA-2025:23746: Moderate: grafana security update
• RHSA-2025:23747: Moderate: grafana security update
• RHSA-2025:23733: Moderate: go-toolset:rhel8 security update
• RHSA-2025:23741: Moderate: go-toolset:rhel8 security update
• RHSA-2025:23732: Important: httpd:2.4 security update
• RHSA-2025:23735: Important: keylime security update
• RHSA-2025:23736: Moderate: grafana security update
• RHSA-2025:23738: Important: mod_md security update
• RHSA-2025:23740: Moderate: go-toolset:rhel8 security update
• RHSA-2025:23731: Low: RHEL AI 3.0 hdf5 security update
• RHSA-2025:23730: Important: kpatch-patch-5_14_0-611_9_1 security update
• RHSA-2025:23729: Important: opentelemetry-collector security update
• RHSA-2025:23858: Moderate: rsync security update
• RHSA-2025:23854: Moderate: rsync security update
• RHSA-2025:23852: Important: keylime security update
• RHSA-2025:23853: Moderate: rsync security update
• RHSA-2025:23851: Moderate: go-rpm-macros security update
• RHSA-2025:23842: Moderate: rsync security update
• RHSA-2025:23834: Moderate: go-rpm-macros security update
• RHSA-2025:23833: Moderate: go-rpm-macros security update
• RHSA-2025:23947: Moderate: kernel security update
• RHSA-2025:23948: Moderate: grafana security update
• RHSA-2025:23960: Moderate: kernel-rt security update
• RHSA-2025:23932: Important: httpd security update
• RHSA-2025:23927: Moderate: ruby security update
• RHSA-2025:23940: Moderate: python3.12 security update
• RHSA-2025:23856: Important: thunderbird security update
• RHSA-2025:23857: Important: gimp:2.8 security update
• RHSA-2025:23919: Important: httpd security update
• RHSA-2025:23975: Important: webkitgtk4 security update
• RHSA-2025:23972: Important: webkit2gtk3 security update
• RHSA-2025:23973: Important: webkit2gtk3 security update
• RHSA-2025:23971: Important: webkit2gtk3 security update
• RHSA-2025:23970: Important: webkit2gtk3 security update
• RHSA-2025:23969: Important: webkit2gtk3 security update
• RHSA-2025:23968: Important: webkit2gtk3 security update
• RHSA-2025:23967: Important: webkit2gtk3 security update
• RHSA-2025:23974: Important: webkit2gtk3 security update

Rocky Linux

Rocky Linux users are advised to update their systems due to available security patches addressing potential vulnerabilities. Several key packages have received updates, including Kernel, Podman, Python, LibSSH, Apache, and PHP, among others. The updates aim to fix various security issues that could impact system stability and integrity. Users can find more information about the specific updates and how to apply them by following the links provided in each article.

• RLSA-2025:22854: Moderate: kernel security update
• RLSA-2025:23201: Important: keylime security update
• RLSA-2025:23484: Moderate: libssh security update
• RLSA-2025:23543: Important: container-tools:rhel8 security update
• RLSA-2023:2764: Moderate: python39:3.9 and python39-devel:3.9 security update
• RLSA-2023:2763: Moderate: python38:3.8 and python38-devel:3.8 security update
• RLSA-2025:23530: Important: python39:3.9 security update
• RLSA-2025:23481: Moderate: openssh security update
• RLSA-2025:23325: Moderate: podman security update
• RLSA-2025:23342: Moderate: python3.9 security update
• RLSA-2025:23483: Moderate: libssh security update
• RLSA-2025:23343: Moderate: binutils security update
• RLSA-2025:23700: Important: webkit2gtk3 security update
• RLSA-2025:23326: Moderate: skopeo security update
• RLSA-2025:23323: Moderate: python3.12 security update
• RLSA-2025:23336: Moderate: gcc-toolset-13-binutils security update
• RLSA-2025:23309: Moderate: php:8.3 security update
• RLSA-2025:23663: Important: webkit2gtk3 security update
• RLSA-2025:23374: Moderate: container-tools:rhel8 security update
• RLSA-2025:23382: Moderate: binutils security update
• RLSA-2025:23383: Moderate: curl security update
• RLSA-2025:23543: Important: container-tools:rhel8 security update
• RLSA-2025:23530: Important: python39:3.9 security update
• RLSA-2025:23295: Moderate: podman security update
• RLSA-2025:23306: Moderate: binutils security update
• RLSA-2025:23664: Important: opentelemetry-collector security update
• RLSA-2025:23294: Moderate: skopeo security update
• RLSA-2025:23667: Important: git-lfs security update
• RLSA-2023:5360: Important: nodejs:16 security, bug fix, and enhancement update
• RLSA-2023:5362: Important: nodejs:18 security, bug fix, and enhancement update
• RLSA-2025:23732: Important: httpd:2.4 security update
• RLSA-2025:23241: Important: kernel security update
• RLSA-2025:23739: Important: mod_md security update
• RLSA-2025:23919: Important: httpd security update
• RLSA-2025:23856: Important: thunderbird security update
• RLSA-2025:23729: Important: opentelemetry-collector security update
• RLSA-2025:23744: Important: git-lfs security update
• RLSA-2025:23745: Important: git-lfs security update
• RLSA-2025:23948: Moderate: grafana security update
• RLSA-2025:23932: Important: httpd security update
• RLSA-2025:23738: Important: mod_md security update
• RLSA-2025:23940: Moderate: python3.12 security update
• RLSA-2025:23279: Important: kernel security update
• RLSA-2023:2417: Moderate: php:8.1 security update
• RLSA-2022:7813: Important: mingw-zlib security update
• RLSA-2023:3068: Important: mingw-expat security update
• RLSA-2023:5259: Moderate: mariadb:10.3 security, bug fix, and enhancement update
• RLSA-2023:2903: Moderate: php:7.4 security update
• RLSA-2023:2898: Moderate: libtar security update

Slackware Linux

A security issue has been fixed in the net-snmp packages for Slackware 15.0 and current, addressing a critical vulnerability triggered by a specially crafted trap. New updates are available to mitigate this risk. Additionally, new vim packages have also been released for Slackware 15.0 and -current, fixing a buffer overflow issue involving incomplete multi-byte characters. The updated packages include the latest version of vim-9.

• net-snmp (SSA:2025-359-01)
• vim (SSA:2025-361-01)

SUSE Linux

Several security updates have been released for SUSE Linux, addressing vulnerabilities in various packages, including duc, python311-tornado6, and Mozilla Firefox. Additionally, security updates are available for taglib, MariaDB, glib2, kernel-devel, and other packages to fix potential issues. Important patches were also released for cheat, go-sendxmpp, and webkit2gtk3, while buildah was updated on openSUSE Tumbleweed to address a moderate vulnerability. Multiple security updates have been rolled out for SUSE Linux, including fixes for gnutls, buildah, and other critical packages to ensure system stability and security.

• openSUSE-SU-2025:15835-1: moderate: duc-1.4.6-1.1 on GA media
• openSUSE-SU-2025:15838-1: moderate: python311-tornado6-6.5.4-1.1 on GA media
• openSUSE-SU-2025:15837-1: moderate: php8-8.4.16-1.1 on GA media
• openSUSE-SU-2025:15836-1: moderate: kernel-devel-6.18.2-1.1 on GA media
• openSUSE-SU-2025:15834-1: moderate: busybox-1.37.0-8.1 on GA media
• openSUSE-SU-2025:15833-1: moderate: MozillaFirefox-146.0.1-1.1 on GA media
• SUSE-SU-2025:4501-1: low: Security update for taglib
• SUSE-SU-2025:4502-1: important: Security update for mariadb
• SUSE-SU-2025:4504-1: important: Security update for glib2
• SUSE-SU-2025:4505-1: important: Security update for the Linux Kernel
• SUSE-SU-2025:4506-1: important: Security update for the Linux Kernel
• openSUSE-SU-2025:20177-1: important: Security update for cheat
• openSUSE-SU-2025:20175-1: important: Security update for mariadb
• openSUSE-SU-2025:15840-1: moderate: python315-3.15.0~a3-1.1 on GA media
• openSUSE-SU-2025:15839-1: moderate: python310-3.10.19-3.1 on GA media
• openSUSE-SU-2025:15841-1: moderate: zk-0.15.2-1.1 on GA media
• SUSE-SU-2025:4511-1: moderate: Security update for rsync
• SUSE-SU-2025:4512-1: moderate: Security update for mozjs52
• SUSE-SU-2025:4514-1: important: Security update for libsoup
• openSUSE-SU-2025:0482-1: important: Security update for cheat
• openSUSE-SU-2025:0483-1: important: Security update for go-sendxmpp
• SUSE-SU-2025:4521-1: important: Security update for the Linux Kernel
• openSUSE-SU-2025:15843-1: moderate: buildah-1.42.2-1.1 on GA media
• SUSE-SU-2025:4525-1: moderate: Security update for gnutls
• SUSE-SU-2025:4526-1: important: Security update for buildah
• SUSE-SU-2025:4527-1: important: Security update for webkit2gtk3
• openSUSE-SU-2025:0487-1: moderate: Security update for duc
• SUSE-SU-2025:4522-1: moderate: Security update for python39