Ubuntu has recently implemented several security updates targeting various vulnerabilities in the Linux kernel and applications, including HAProxy, Erlang, Yelp, Perl, libarchive, and mod_auth_openidc. These updates address critical flaws that could potentially lead to system compromises or unauthorized access.

Debian GNU/Linux has recently implemented several important security updates across various packages, including libsndfile, haproxy, erlang, and hiredis, to enhance system security and address known vulnerabilities.

AlmaLinux OS Now Accessible via WSL CLI

SUSE has announced a series of security updates for openSUSE Tumbleweed, addressing moderate vulnerabilities in four key software packages: FFmpeg, Epiphany, Gopass, and Libsoup. Each update is designed to enhance security and protect users from potential threats.

Fedora Linux 42 has received important security updates for two packages: mingw-poppler and c-ares. The mingw-poppler library, which is used for handling PDF documents in Windows applications, has been updated to version 24.08.0-4.fc42. This update addresses two security vulnerabilities identified as CVE-2025-32364 and CVE-2025-32365, which involve out-of-bounds reads and floating-point exceptions. Users can install this update via the command line using the DNF package manager.

Red Hat Enterprise Linux (RHEL) has recently undergone significant updates, focusing on strengthening security across multiple software components. These updates include versions of Ruby (3.1), LibXSLT, Thunderbird, OpenShift Container Platform (4.16.39), and various libraries such as libtasn1, xmlrpc-c, bluez, gnutls, and virtuoso-opensource, along with numerous bug fixes.

AlmaLinux has released important security updates for several packages, specifically PostgreSQL, Expat, and Bluez, as part of their commitment to maintaining system security and reliability. The updates are as follows:

OpenMandriva Lx 6.0 Rock has officially been released, marking a significant milestone for the community-driven Linux distribution. This release features a variety of updated desktop environments, including the latest versions of KDE Plasma 6, LXQt 2.2.0, GNOME 48.1, XFCE, and the alpha release of COSMIC. Importantly, it also introduces the first stable version of the OpenMandriva Server edition.

CachyOS has officially released the April 2025 Fixup Release, a significant update aimed at addressing bugs from the previous version. This update specifically targets kernel-related issues that have been reported by users. One of the key new features is the inclusion of the OCCT tool, which allows users to utilize the ISO as an isolated stress testing environment. This feature was suggested by community member @kaitokariheddo, and the developers of OCCT played a crucial role in ensuring its successful integration into CachyOS.

AlmaLinux has released updates for several crucial components, including OpenJDK, OpenIDC, and WebKit2GTK3, aimed at enhancing security across its versions. The updates include:

SUSE Linux has released critical and moderate security updates for various components, including `erlang26`, `erlang`, and `govulncheck-vulndb`, to address vulnerabilities.

Ubuntu Security Updates Summary:

The Debian Extended LTS (ELTS) has released an important security update for the libxstream-java package, which is used for serializing Java objects to XML and vice versa. This update, identified as ELA-1402-1, is applicable to Debian GNU/Linux versions 8 (Jessie) and 10 (Buster).

Fedora Linux 42 has recently undergone updates including critical security enhancements for several key software packages: Moodle, OpenIKED, and Traffic Server.

The OpenShift Container Platform 4.18.10 has been updated for Red Hat Enterprise Linux, incorporating critical security updates, bug fixes, and enhancements. This update is categorized under two security advisories:

Fedora Linux 41 has recently implemented a series of security updates across various packages, enhancing the system's stability and security. This update includes crucial packages such as giflib, perl-Devel-Cover, perl-PAR-Packer, rpki-client, ruby, and python-notebook, among others. The updates address several security vulnerabilities, improving the performance and safety of applications.

Ubuntu has announced the release of updated Eclipse Mosquitto packages to address several critical security vulnerabilities. One significant issue involves the improper handling of memory by the Mosquitto client when it receives a SUBACK packet, which could allow an attacker to execute arbitrary code or cause a denial of service (DoS). Additionally, there was a problem with the Mosquitto broker that could lead to a DoS if a malicious client exploited the memory management flaws, specifically affecting Ubuntu versions 22.04 LTS and 24.04 LTS.

ChimeraOS has announced the release of its latest pre-release version, dated April 21, 2025, identified by the build number 8a4f21f. This new version of the ChimeraOS install media is now available for download on GitHub. Notably, the community repository has been removed in this update, indicating a shift in how the software will be maintained or distributed.

Debian GNU/Linux has rolled out critical security updates for several packages, including fig2dev, wget, and transfig. These updates address various vulnerabilities identified in the software, ensuring enhanced security for users.

AlmaLinux 9 has recently received updates that address two critical security vulnerabilities: one related to the kernel and another concerning the libxslt library. These updates are essential for maintaining system integrity and security.