Linux Kernel version 5.15.190 has officially been released. This update includes various improvements and fixes to enhance system stability and performance.

The Linux kernel version 5.10.241 has been officially released, marking an update to the 5.10 series. Users can access the full source code, patches, and PGP signatures through the provided links.

The Linux kernel version 5.4.297 has been officially released, providing users with the latest updates and improvements to the Linux operating system.

Linux Kernel Update for Ubuntu 14.04 LTS

Debian has issued two critical security advisories for its software packages, namely DSA-5988-1 for Chromium and DSA-5987-1 for Unbound, aimed at users of Debian 12 (Bookworm) and 13 (Trixie). The Chromium update addresses a serious vulnerability (CVE-2025-9478) that could lead to arbitrary code execution, denial of service, or information disclosure. The Unbound update tackles multiple vulnerabilities, including denial of service and cache poisoning risks associated with the "rebirthday attack" (CVE-2024-8508, CVE-2024-33655, CVE-2025-5994). Users are strongly advised to upgrade their Chromium and Unbound packages to mitigate these security threats.

SUSE Linux has recently released significant security updates affecting various software packages, including FFmpeg, Tomcat, Jetty, Matrix-Synapse, PostgreSQL, and the Linux Kernel. These updates aim to address multiple vulnerabilities and enhance the security of systems running SUSE Linux distributions.

AlmaLinux has rolled out a series of critical security updates for various software packages, including the kernel, Firefox, AIDE, and mod_http2, addressing significant vulnerabilities that could lead to memory leaks, denial-of-service attacks, and sandbox escapes. These updates apply to both AlmaLinux 9 and 10 and have been assigned various severity levels, with most categorized as important.

Oracle has announced a series of security updates and bug fixes for its Linux distributions, specifically addressing vulnerabilities across Oracle Linux 10, 9, and 8. These updates include critical patches for the aide package, which had issues with improper output neutralization, and the mod_http2 module, which faced security risks due to untrusted client input. Alongside these security fixes, enhancements have been made to various packages, including bash, NetworkManager, libxslt, and pacemaker, aimed at improving system stability and performance.

Red Hat has recently announced critical updates for various components of Red Hat Enterprise Linux (RHEL), particularly focusing on kernel security, kernel-rt, fence-agents, Thunderbird, and OpenShift Container Platform. These updates are essential for maintaining the security and stability of systems running on RHEL.

Fedora 41 has released a security update for the mod_auth_openidc package, now at version 2.4.17.2. This update addresses a critical vulnerability identified as CVE-2025-31492, which impacts the functionality of the Apache HTTP Server, allowing it to operate as both an OpenID Connect Relying Party and an OAuth 2.0 Resource Server.

Fedora Linux 43 has officially entered its Beta Freeze phase, a critical milestone in its development cycle. The first beta version is scheduled for release in the middle of next month. During this Beta Freeze, only packages that address accepted blocker or freeze exception bugs will be considered 'stable' and included in the Beta builds. Other packages will remain in the update testing phase until the beta release receives approval.

Fractal 12.1 has officially been released, addressing a regression issue that previously hindered the ability to send media through unauthenticated endpoints. This update also includes various minor improvements, affectionately referred to as "papercut" fixes, enhancing the overall user experience.

A security update has been issued for the node-cipher-base package in Debian GNU/Linux versions 12 and 13 to address a vulnerability identified as CVE-2025-9287. Discovered by Nikita Skorovoda, the flaw stems from inadequate type checks within the Node cipher-base, which is utilized as an abstract base class for crypto-streams.

Ubuntu has released security updates to address vulnerabilities across several packages, including the Linux kernel for Raspberry Pi Real-time, GNU binutils, GStreamer Base Plugins, and GStreamer Good Plugins. These vulnerabilities impact multiple Ubuntu versions, specifically Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 22.04 LTS, and users are urged to upgrade to the latest package versions to protect their systems.

Oracle has rolled out security updates for Oracle Linux, addressing crucial vulnerabilities in components such as AIDE and the kernel. Key advisories include ELSA-2025-14573 for AIDE and ELSA-2025-14420 for the kernel, alongside moderate updates and bug fixes for various packages like Python 3, Python Cryptography, Fence Agents, PAM, and others.

SUSE has released several important security updates for various products, addressing vulnerabilities in key software components such as V2Ray-Core, PostgreSQL, and Tomcat. These updates apply to multiple distributions, including openSUSE Tumbleweed, openSUSE Leap 15.6, and SUSE Linux Enterprise versions.

Fedora has announced important security updates for three packages: libtiff and keylime-agent-rust, with two separate updates for libtiff. The updates aim to address various vulnerabilities found in these packages.

Multiple security updates have been released for various versions of Red Hat Enterprise Linux (RHEL), addressing vulnerabilities in several key packages. Notably, updates for gdk-pixbuf2, aide, kpatch-patch, mod_http2, Red Hat Ansible Automation Platform 2.5, and Thunderbird have been introduced, with security impacts rated as Moderate or Important by Red Hat Product Security.

Nginx Update for Ubuntu: Security Vulnerability Disclosure

Debian GNU/Linux has released several important security updates targeting vulnerabilities in FFmpeg, LuaJIT, and the Firebird database. These updates address critical issues that could lead to denial of service or arbitrary code execution when processing malformed files.