Red Hat has released multiple security updates for various versions of Red Hat Enterprise Linux (RHEL), specifically RHEL 8 and RHEL 9. These updates target critical vulnerabilities in several packages, including udisks2, kpatch-patch, and python3, with many rated as having a moderate or important security impact.

The Fedora Project has launched the beta version of Fedora Linux 43, marking a significant milestone as the project gears up for the official release scheduled for October. This beta version features several updated desktop environments, including XFCE 4.20 and LXQt 2.1, both of which have transitioned to Wayland for enhanced performance and functionality. It introduces a range of improvements for developers, such as the Copilot Runtime Verification Framework, Ruby 3.4, PHP 8.4, and updates to the GNU Toolchain, which includes GCC 15 and Binutils 2.44. Additionally, the release encompasses other notable enhancements like the FEX Emulator, a transition from SDL 2 to SDL 3, and updates to the IBus Internationalization Library.

Bazaar 0.4.11 has officially been released, featuring significant updates designed to improve both user experience and application performance. This version addresses several critical bugs, including the disabling of the curated tab when there are no items to display, enhancing usability. Additionally, the handling of blocklists has been improved, preventing application crashes due to non-existent blocklists.

Ubuntu has issued multiple security updates addressing vulnerabilities found in several packages, affecting the releases Ubuntu 25.04, Ubuntu 24.04 LTS, and Ubuntu 22.04 LTS. The vulnerabilities include:

Debian GNU/Linux 11 (Bullseye) LTS has released two important security updates to enhance system safety. The first update pertains to the Django web development framework, specifically version 2:2.2.28-1~deb11u8, which addresses a vulnerability allowing potential SQL injection attacks through the FilteredRelation class. Attackers could exploit this issue by manipulating a dictionary used in database queries, posing a risk to data integrity.

Summary:

Kernel Update for AlmaLinux 10: Important Security Fixes

Red Hat has announced a series of security updates for various components within its enterprise Linux offerings, specifically for Red Hat Enterprise Linux (RHEL) and the OpenShift platform. The updates, which include security patches for mod_http2, Python 3.9, the kernel, kernel-rt, Podman, OpenTelemetry Collector, and Python Cryptography, are rated with a Moderate security impact. Additionally, several important updates have been issued for OpenShift Jenkins as part of Red Hat Product OCP Tools, spanning versions 4.13 to 4.19.

Oracle has released a series of security and bug fix updates for multiple versions of Oracle Linux, specifically targeting linux-firmware and CUPS. The updates are categorized under various advisories, including ELBA and ELSA, for Oracle Linux versions 10, 9, and 8.

Fedora Linux has released a series of security updates for multiple versions, including Fedora 41, 42, and the beta version of Fedora 43. The updates address vulnerabilities in various packages including CUPS, Chromium, QEMU, Exiv2, and several Perl components.

Libxml2 has announced the release of version 2.15.0, which introduces substantial enhancements to its architecture and functionality, while maintaining compatibility across various operating systems and hardware setups. The library provides bindings for multiple programming languages including C++, Python, and Ruby, making it a flexible solution for XML document parsing and processing.

Linus Torvalds has announced the release of the sixth release candidate (6.17-rc6) for the Linux Kernel 6.17, which reflects a notably stable development cycle with few reported issues. This calmness is partly attributed to the August holiday period. The release is set to proceed towards its official launch in two weeks, emphasizing the importance of user testing to maintain quality and avoid complacency.

The Liquorix kernel version 6.16-6 has been officially released by Steven Barrett, featuring enhancements designed for optimal performance on desktop, multimedia, and gaming platforms. Built on Linux Kernel 6.16.7, this release introduces several key improvements, including:

Debian has issued several important security advisories addressing vulnerabilities found in various packages, including Shibboleth Service Provider (shibboleth-sp), Jetty 9 (jetty9), and ImageMagick (imagemagick). These updates are crucial for users to maintain the security and integrity of their systems.

Fedora has issued critical security updates for the linenoise library, which serves as a minimal alternative to the readline line-editing library. The updates address a significant vulnerability identified as CVE-2025-9810, which involves a TOCTOU (time-of-check to time-of-use) race condition that could potentially allow arbitrary file overwrites and changes to file permissions.

Red Hat Enterprise Linux (RHEL) has rolled out several significant security updates across its various versions, aimed at enhancing system security and addressing vulnerabilities. Key updates include:

KDE neon has recently released its latest version, KDE neon 20250913, which showcases the most advanced KDE community software available. This distribution is tailored for users who are eager to experience the newest features and applications developed by KDE, without facing any delays or modifications. It is particularly suitable for adventurous users who appreciate having access to the most current versions of Plasma and other KDE applications, eliminating the need for manual updates or source code downloads.

Debian GNU/Linux 10 (Buster) Extended LTS has implemented two significant security updates addressing vulnerabilities in the imagemagick and ca-certificates-java packages.

SUSE has announced critical security updates for Chromium, ChromeDriver, and Kubo, targeting vulnerabilities that could potentially compromise system security.

A new patch package has been released for Slackware 15.0 to address multiple security vulnerabilities. The package, identified as patch-2.8-i586-1_slack15.0.txz, updates the previously installed version of patch and resolves several critical issues, including CVE-2019-13638, CVE-2019-13636, CVE-2019-20633, CVE-2018-20969, CVE-2018-6951, and CVE-2018-6952. Notably, CVE-2018-1000156, one of the most significant vulnerabilities, was patched seven years ago, but this latest update includes additional CVEs that were discreetly rectified with the earlier release of patch-2.8 earlier this year.