The Slackware Linux Security Team has announced the release of updated packages for three applications: expat, mozilla-firefox, and mozilla-thunderbird, aimed at addressing various security vulnerabilities. These updates are available for both Slackware 15.0 and the -current version, accessible via the Slackware project's FTP servers and mirrors.

Red Hat has announced a series of significant security updates for various software packages, including Python versions 3.11 and 3.9, MySQL 8.4, and Firefox. These updates have been assessed and rated according to their security impact, with classifications of moderate and important. In addition to the aforementioned packages, updates also affect gnutls, udisks2, PostgreSQL, and the Red Hat Advanced Cluster Management for Kubernetes.

Oracle has recently rolled out numerous security updates for its Linux distribution, addressing vulnerabilities across various components. Key updates include a significant security patch for libarchive on Oracle Linux 7, kernel updates for Oracle Linux 8 and 10, and a security update for podman on Oracle Linux 9. Additionally, moderate updates were issued for python-cryptography and the kernel on Oracle Linux 9.

Recent updates for Fedora Linux have been announced, focusing on security enhancements for versions 41, 42, and 43 Beta. Key updated packages include major applications such as Firefox and Chromium, as well as utilities like Perl's Cpanel-JSON-XS module, Gitleaks, Lemonldap-ng, Python pip, and the Forgejo kernel alongside its headers.

The GNOME Project has officially launched GNOME 49, codenamed "Brescia," marking a significant update to the open-source desktop environment. This release enhances the user experience with a host of new features and improvements, including the introduction of Showtime, a modern video player that replaces the previous Totem application. Built on GTK 4 and Libadwaita, Showtime offers a distraction-free interface with features like adjustable playback speed, multiple audio and subtitle tracks, video rotation, and screenshot capabilities.

The Linux Mint Debian Edition 7 (LMDE 7), codenamed "Gigi," has been released in Beta form, providing users with an alternative version of Linux Mint that is built upon the Debian GNU/Linux 13 (Trixie) package base, rather than the traditional Ubuntu foundation. This strategic shift allows LMDE to deliver a similar level of functionality and user experience as standard Linux Mint releases while benefiting from the stability and updates provided by Debian.

SparkyLinux has announced the release of its new version, 2025.09, codenamed "Tiamat." This release builds upon the Debian "Forky" testing branch and incorporates the latest package updates from both Debian and Sparky testing repositories as of September 14, 2025. One of the standout features in this version is the upgraded Linux kernel, now at version 6.16.7, along with the availability of alternative kernels (6.12.47-LTS and 6.6.105-LTS) through Sparky repositories.

The Ubuntu Security Notices USN-7754-2, USN-7754-1, USN-7753-1, and USN-7752-1 detail various vulnerabilities affecting multiple versions of Ubuntu, including 20.04 LTS, 18.04 LTS, and 16.04 LTS, among others.

A security update has been issued for the Node SHA.js package in Debian GNU/Linux versions 12 (Bookworm) and 13 (Trixie). This update addresses vulnerabilities caused by the package's incomplete type checks, which could potentially lead to security risks.

AlmaLinux has issued critical security updates for its kernel and kernel-rt packages to mitigate several vulnerabilities. The updates include:

SUSE Linux has released multiple security updates to address vulnerabilities in various packages, including KRB5 (Kerberos), PCP (Process Control and Communication), the Linux Kernel, RabbitMQ Server, libavif, and Onefetch. Each update is associated with a unique announcement ID, a release date, and a severity rating (ranging from moderate to important).

Fedora has announced security updates for several of its packages, specifically targeting vulnerabilities in perl-JSON-XS, Firefox, and Kea. The perl-JSON-XS package has been updated to version 4.04 to mitigate a heap overflow vulnerability identified as CVE-2025-40928, which could lead to crashes or potential data leaks. Additionally, the update corrects a flaw where invalid JSON texts were incorrectly recognized as valid.

Red Hat has released multiple security updates for various versions of Red Hat Enterprise Linux (RHEL), specifically RHEL 8 and RHEL 9. These updates target critical vulnerabilities in several packages, including udisks2, kpatch-patch, and python3, with many rated as having a moderate or important security impact.

The Fedora Project has launched the beta version of Fedora Linux 43, marking a significant milestone as the project gears up for the official release scheduled for October. This beta version features several updated desktop environments, including XFCE 4.20 and LXQt 2.1, both of which have transitioned to Wayland for enhanced performance and functionality. It introduces a range of improvements for developers, such as the Copilot Runtime Verification Framework, Ruby 3.4, PHP 8.4, and updates to the GNU Toolchain, which includes GCC 15 and Binutils 2.44. Additionally, the release encompasses other notable enhancements like the FEX Emulator, a transition from SDL 2 to SDL 3, and updates to the IBus Internationalization Library.

Bazaar 0.4.11 has officially been released, featuring significant updates designed to improve both user experience and application performance. This version addresses several critical bugs, including the disabling of the curated tab when there are no items to display, enhancing usability. Additionally, the handling of blocklists has been improved, preventing application crashes due to non-existent blocklists.

Ubuntu has issued multiple security updates addressing vulnerabilities found in several packages, affecting the releases Ubuntu 25.04, Ubuntu 24.04 LTS, and Ubuntu 22.04 LTS. The vulnerabilities include:

Debian GNU/Linux 11 (Bullseye) LTS has released two important security updates to enhance system safety. The first update pertains to the Django web development framework, specifically version 2:2.2.28-1~deb11u8, which addresses a vulnerability allowing potential SQL injection attacks through the FilteredRelation class. Attackers could exploit this issue by manipulating a dictionary used in database queries, posing a risk to data integrity.

Summary:

Kernel Update for AlmaLinux 10: Important Security Fixes

Red Hat has announced a series of security updates for various components within its enterprise Linux offerings, specifically for Red Hat Enterprise Linux (RHEL) and the OpenShift platform. The updates, which include security patches for mod_http2, Python 3.9, the kernel, kernel-rt, Podman, OpenTelemetry Collector, and Python Cryptography, are rated with a Moderate security impact. Additionally, several important updates have been issued for OpenShift Jenkins as part of Red Hat Product OCP Tools, spanning versions 4.13 to 4.19.