Linux Kernel and Protocol Buffers Security Updates for Ubuntu

Red Hat Enterprise Linux (RHEL) has released multiple important security updates affecting various components, including PostgreSQL, AIDE, the kernel, and others. The updates span several versions, including PostgreSQL versions 12, 13, 15, and 16, along with packages like udisks2, Python (3.9, 3.11, and 3.12), and krb5. The updates are categorized into significant and moderate impacts based on their severity ratings.

Oracle Linux has released a series of important security updates aimed at various software components, including multiple versions of Python, the Apache HTTP Server (httpd), UDisks2, and PostgreSQL on Oracle Linux 9. The updates are designed to address vulnerabilities that could potentially compromise system security.

Archinstall 3.0.10 has been released, marking a significant update to the Arch Linux installation procedure. This version introduces numerous enhancements and bug fixes aimed at improving the overall installation experience. Key improvements include the resolution of the Pipewire issue, adjustments to the GRUB-Btrfs setup for Timeshift, and a fix for a crash that occurred during boot loader installation. In addition to these critical fixes, the update also streamlines the installation process by refining package installation order, improving type annotations, and removing redundant scripts.

Debian GNU/Linux 11 (Bullseye) LTS has released two important security advisories addressing vulnerabilities in the ruby-saml library and the libsndfile audio library.

SUSE has released several important security updates in September 2025 to address critical vulnerabilities in its software packages. These updates focus on key components including git, python-future, nginx, and jetty-minimal.

Summary of ImageMagick Update for Ubuntu

PostgreSQL and Python Security Updates for Oracle Linux

AlmaLinux has announced significant security updates for both the kernel and Python 3.9, aimed at mitigating various vulnerabilities. The kernel update addresses three critical security issues, including a double list add bug (CVE-2025-37914), an invalid page access during MMIO write (CVE-2025-38200), and a memory leak in eswitch code (CVE-2025-38417). These updates are categorized as important due to their potential impact on system security.

Red Hat has announced a series of security updates for its Red Hat Enterprise Linux (RHEL) systems, targeting vulnerabilities across multiple packages including PostgreSQL, KRB5, Python 3.12, libarchive, and glib2. These updates, categorized as Important or Moderate, aim to enhance the security posture of RHEL versions 7, 8, and 9. Each update comes with a Common Vulnerability Scoring System (CVSS) base score to help assess the severity of the vulnerabilities addressed.

Arch Linux has released its latest version, 2025.09.01, which features the updated kernel version 6.16.4. This release is designed specifically for new installations, while users with existing Arch Linux systems can easily upgrade their installations by using the command `pacman -Syu`.

Bazaar 0.4.5 has been officially released, bringing important updates to this innovative app store for FlatPak applications. This version focuses on enhancing the user experience by correcting issues with keypresses that were improperly initializing search functions, alongside other user interface improvements.

Linus Torvalds has officially released the fourth release candidate for the Linux Kernel 6.17, named 6.17-rc4, confirming that no major issues have surfaced since the last iteration. This release primarily consists of minor updates and enhancements, including notable improvements to the Intel IDPF network driver and updates to the handling of arm64 KVM system registers.

Two important security updates have been released for Debian 11 (Bullseye) to address vulnerabilities in OpenVPN and the libcommons-lang3-java package. The first advisory, DLA-4079-2, resolves a regression in OpenVPN that restricted certain characters in control channel messages. This fix allows the use of newline ("\n") and carriage return ("\r") characters, addressing issues caused by the prior restriction. Users are encouraged to upgrade to version 2.5.1-3+deb11u2 to ensure their systems are secure.

Fedora has rolled out important security updates for three software packages: docker-buildx, exiv2, and chromium, as part of its ongoing commitment to maintaining software security and performance. Here are the details of each update:

A recent security notice, USN-7714-1, was issued for Ubuntu 14.04 LTS concerning vulnerabilities in Open VM Tools. The notice highlights two significant security issues:

Manjaro Linux has released version 25.0.8, codenamed "Zetar," which is the eighth maintenance update for the 25 series. This new version is available in three desktop flavors: GNOME, Plasma, and XFCE. Each edition features significant improvements and enhancements aimed at providing a better user experience.

Debian has released several security updates aimed at addressing vulnerabilities in key software packages, impacting various versions of the Debian operating system. Notably, the mbedtls package for Debian 11 LTS has been updated to version 2.16.9-0.1+deb11u3. This revision rectifies an incomplete fix from a previous update that still allowed for use-after-free vulnerabilities under specific circumstances.

Fedora has released a series of critical security updates for its Fedora 41 and 42 distributions, addressing vulnerabilities in several key packages including Chromium, CEF (Chromium Embedded Framework), UDisks2, ROCM-RPP (ROCm Performance Primitives), and Docker Buildx. The updates rectify various security issues such as type confusion in V8, use-after-free vulnerabilities in ANGLE and Extensions, out-of-bounds reads in UDisks Daemon, and information leaks in go-viper.

UDisks2 Security Update for Slackware