LinuxSecurity.com – Hybrid RSS The central voice for Linux and Open Source security news.
- openSUSE Tumbleweed: 2025:15006-1 moderate: argocd-cli-2.14.10-1.1by LinuxSecurity Advisories on April 18, 2025 at 3:36 pm
- openSUSE Tumbleweed: MozillaFirefox 137.0.2-1.1 moderate: security updateby LinuxSecurity Advisories on April 18, 2025 at 3:36 pm
- Linux 6.15-rc2 Security Advisory: x86 Patches for Spectre RSBby Brittany Day on April 18, 2025 at 12:38 pm
The latest round of x86 fixes was recently implemented in Linux 6.15-rc2 as several critical patches to increase mitigation against the Spectre Return Stack Buffer (RSB) vulnerability. Not only have these updates refined handling of this perplexing security flaw, but a comprehensive new document gives a full picture of current mitigations being taken. Spectre exploits modern CPU speculative execution to leak sensitive information via Return Stack Buffer leakage.
- openSUSE 15.6: 2025:1349-1 moderate: GraphicsMagick buffer overflowby LinuxSecurity Advisories on April 18, 2025 at 12:30 pm
- SUSE: 2025:1349-1 moderate: GraphicsMagick heap over-readby LinuxSecurity Advisories on April 18, 2025 at 12:30 pm
* bsc#1241150 Cross-References: * CVE-2025-32460
- Oracle Linux 9 ELSA-2025-3937 Moderate: Kernel Security Fixesby LinuxSecurity Advisories on April 18, 2025 at 12:20 pm
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
- Oracle Linux 9 ELSA-2025-3855 moderate: java-21-openjdk updateby LinuxSecurity Advisories on April 18, 2025 at 12:20 pm
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
- GNOME 48.1 Released with Bug Fixes & Improvementsby Brittany Day on April 18, 2025 at 12:17 pm
The GNOME Project recently rolled out GNOME 48.1 , the first maintenance update for the GNOME 48 ”Bengaluru” desktop environment series. This update will soon be available in the stable software repositories of various popular GNU/Linux distributions.
- Expired US Funding Threatened to Disrupt Security Flaw Trackingby Brittany Day on April 17, 2025 at 12:10 pm
This past weekend, the globally recognized Common Vulnerabilities and Exposures (CVE) database, essential for tracking security flaws in software and systems, narrowly avoided going offline due to funding issues with the U.S. government. For us Linux security admins and open-source developers, the near-disruption wasn’t just a bureaucratic oversight”it was a stark reminder of how fragile one of the most vital cornerstones of global cybersecurity truly is. With vulnerabilities being discovered and weaponized faster than ever, the CVE database is a critical tool to help administrators track, prioritize, and remediate issues. Losing or fragmenting access to this central repository could open the door to chaos, confusion, and exploitation.
- Securing Kubernetes and Cloud-Native Environments through DevSecOpsby Brittany Day on April 14, 2025 at 11:56 am
As Kubernetes and cloud-native technologies become increasingly integral to IT infrastructures, we Linux security admins must adapt to a rapidly changing environment where agility and security converge. A recent CNCF survey highlights a significant uptick in Kubernetes deployment, with most organizations using container technology as a backbone for their applications.
