Security updates for Tuesday

• Multiple distributions released critical security patches for popular packages like gimp, golang, and gnupg2. • Kernel updates appeared across Oracle, SUSE, and Debian, addressing potential privilege escalation vulnerabilities. • Fedora and AlmaLinux fixed vulnerabilities in libpng, rsync, and nodejs:24, enhancing system stability. • Mageia, Slackware, and Oracle addressed issues in usbmuxd, libssh, and openssl, tightening encryption security. • SUSE and openSUSE updated curl, elemental-toolkit, and freerdp, improving network and remote desktop security. • Red Hat and Oracle added kernel and microcode updates, ensuring compatibility with latest hardware and firmware.

Article Summaries:

• Security updates released on Tuesday covered a broad range of packages across major Linux distributions. AlmaLinux, Oracle, and Mageia patched graphics and development tools such as GIMP, Go toolsets, and Golang. Debian addressed Roundcube, while Fedora fixed GNUPG2, libpng, and rsync. SUSE updated core libraries and utilities including curl, libxml2, and systemd, and added patches for OpenSSL 3 and libnvidia‑container. Slackware fixed libssh, lrzip, and Mozilla. Ubuntu updated ALSA‑lib, GnuTLS, and kernel variants for AWS and Oracle. The updates focus on security and stability for core components.
• Security updates released on Tuesday covered a broad range of distributions, including AlmaLinux, Debian, Fedora, Mageia, Oracle, Slackware, SUSE, and Ubuntu. Key packages patched were gimp, go‑toolset, golang, roundcube, gnupg2, libpng, rsync, dcmtk, usbmuxd, gcc‑toolset, kernel, openssl, libssh, lrzip, Mozilla, abseil‑cpp, Chromium, curl, elemental‑toolkit, expat, freerdp, iperf, libnvidia‑container, libsoup, libxml2, net‑snmp, openCryptoki, openssl‑3, patch, protobuf, python‑urllib3, python‑xmltodict, python311, screen, systemd, util‑linux, alsa‑lib, gnutls28, and Linux kernel variants for AWS and Oracle. The updates address multiple security vulnerabilities across core utilities, libraries, and graphical applications.
• Security updates released on Thursday covered a broad range of Linux distributions, with a focus on core components and kernel patches. AlmaLinux, Oracle, and Red Hat issued updates for critical libraries such as glibc, edk2, nodejs, and php, while multiple kernel fixes appeared for Debian, Fedora, Mageia, Oracle, and Ubuntu. SUSE and openSUSE addressed numerous packages including golang, avahi, and various Python modules. Ubuntu’s updates targeted kernel variants (gcp, gke, low‑latency, nvidia) and key utilities like inetutils and libssh. The patch set reflects ongoing efforts to address security vulnerabilities across major enterprise and community distros.
• Security updates released on Thursday covered a broad range of Linux distributions, addressing vulnerabilities in core system components and popular applications. AlmaLinux and Oracle Linux received patches for the EDK2 firmware, glibc, and kernel, while AlmaLinux also updated gnupg2, golang, nodejs, php, and grafana. Debian issued fixes for GIMP and the kernel. Fedora updated the fvwm3 window manager. Mageia addressed microcode and Vim. SUSE fixed numerous packages including abseil‑cpp, avahi, and multiple Go releases. Ubuntu’s updates targeted inetutils, libssh, various Linux kernel variants, and trafficserver. The updates collectively strengthen system security across enterprise and community distributions.

Sources:

• https://lwn.net/Articles/1059176/
• https://lwn.net/Articles/1059500/