1. Forum
  2. NIXNet
  3. NIX_AUTO

  • Security updates for Monday

    From LWN.net@86:200/23 to All on Tue Jan 20 06:40:08 2026
    Security updates have been issued by AlmaLinux (cups, libpq, libsoup3, podman, and postgresql16), Debian (ffmpeg, gpsd, python-urllib3, and thunderbird), Fedora (chromium, foomuuri, forgejo, freerdp, harfbuzz, libtpms, musescore, python-biopython, and python3.12), Mageia (gimp, libpng, nodejs, and python-urllib3), and SUSE (alloy, avahi, bind, chromedriver, chromium, cpp-httplib, docker, erlang, fluidsynth, freerdp, go-sendxmpp, govulncheck-vulndb, kernel, libwireshark19, NetworkManager-applet-l2tp, python, python311-virtualenv, thunderbird, and zk).

    https://lwn.net/Articles/1054992/
    --- SBBSecho 3.34-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Jan 27 06:40:07 2026
    Security updates have been issued by AlmaLinux (gimp, glib2, go-toolset:rhel8, golang, java-17-openjdk, java-21-openjdk, kernel, net-snmp, pcs, and thunderbird), Debian (apache2, imagemagick, incus, inetutils, libuev, openjdk-17, php7.4, python3.9, shapelib, taglib, and zvbi), Fedora (mingw-glib2, mingw-harfbuzz, mingw-libsoup, mingw-openexr, pgadmin4, python3.11, python3.12, python3.9, and wireshark), Gentoo (Asterisk, Commons-BeanUtils, GIMP, inetutils, and Vim, gVim), Mageia (kernel), Oracle (glib2, java-17-openjdk, java-21-openjdk, and libpng), Red Hat (java-17-openjdk, java-21-openjdk, kernel, and kernel-rt), SUSE (azure-cli-core, bind, buildah, chromium, coredns, glib2, harfbuzz, kernel, kernel-firmware, libheif, libvirt, openCryptoki, openvswitch, podman, python, python-urllib3, rabbitmq-server, and vlang), and Ubuntu (cjson).

    https://lwn.net/Articles/1055958/
    --- SBBSecho 3.34-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Feb 3 06:40:08 2026
    Security updates have been issued by AlmaLinux (iperf3, kernel, and php), Debian (ceph, pillow, pyasn1, python-django, and python-tornado), Fedora (bind9-next, cef, chromium, fontforge, java-21-openjdk, java-25-openjdk, java-latest-openjdk, mingw-python-urllib3, mingw-python-wheel, nodejs20, nodejs22, nodejs24, opencc, openssl, python-wheel, and qownnotes), Red Hat (binutils, gcc-toolset-13-binutils, gcc-toolset-14-binutils, gcc-toolset-15-binutils, java-1.8.0-openjdk, and java-25-openjdk), Slackware (expat), SUSE (bind, cacti, cacti-spine, chromedriver, chromium, dirmngr, fontforge-20251009, glib2, golang-github-prometheus-prometheus, govulncheck-vulndb, icinga2, ImageMagick, kernel, logback, openCryptoki, openssl-1_1, python311-djangorestframework, python311-pypdf, python314, python315, qemu, and xen), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4,
    linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm and linux-aws-fips, linux-fips, linux-gcp-fips).

    https://lwn.net/Articles/1056923/
    --- SBBSecho 3.34-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Feb 10 06:40:09 2026
    Security updates have been issued by AlmaLinux (fontforge, kernel, and osbuild-composer), Debian (debian-security-support, sudo, wireshark, xrdp, and zabbix), Fedora (bind, bind-dyndb-ldap, chromium, k9s, libgit2, mingw-glib2, node-exporter, open-vm-tools, plantuml, xorgxrdp, and xrdp), Oracle (fence-agents, image-builder, kernel, libsoup3, and osbuild-composer), Red Hat (image-builder and osbuild-composer), Slackware (openssl and p11), SUSE (chromium, cockpit-354, cockpit-machines, cockpit-machines-346, cockpit-packages, cockpit-podman, cockpit-subscriptions, govulncheck-vulndb, kubernetes-old, libsnmp45-32bit, libxml2, localsearch, micropython, opencloud-server, python-django, python-djangorestframework, python-maturin, python311-Django, python311-wheel, python315, sqlite3, and xrdp), and Ubuntu (linux-fips, linux-aws-fips, linux-gcp-fips and python-pip).

    https://lwn.net/Articles/1057759/
    --- SBBSecho 3.34-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Feb 17 06:40:09 2026
    Security updates have been issued by Debian (chromium, pdns-recursor, python-django, and wireshark), Fedora (gnutls, linux-sgx, mingw-expat, nginx, nginx-mod-brotli, nginx-mod-fancyindex, nginx-mod-headers-more, nginx-mod-modsecurity, nginx-mod-naxsi, nginx-mod-vts, p11-kit, python-aiohttp, vim, and xen), Red Hat (kernel, kernel-rt, python-s3transfer, python-urllib3, and resource-agents), SUSE (aaa_base, abseil-cpp, build-20260202, cargo-auditable, cargo-c, chromedriver, cockpit, cockpit-packages, cockpit-subscriptions, curl, elemental-toolkit, elemental-operator, gnome-remote-desktop, go1.24, go1.25, gpg2, haproxy, himmelblau, htmldoc, ImageMagick, iperf, java-1_8_0-openjdk, kernel, krb5, kubevirt, libowncloudsync-devel, libpng16-16, libsodium, libsoup, libsoup2, micropython, net-snmp, opencryptoki, openjfx, openssl1, ovmf, postgresql14, postgresql15, postgresql16, protobuf, python-aiohttp, python-brotli, python-maturin, python-pip, python-urllib3, python310, python311, python-rpm-macros, python311-cryptography, python314, screen, systemd, u-boot, util-linux, and vim), and Ubuntu (dotnet8, dotnet10, expat, freerdp2, freerdp3, and python-aiohttp).

    https://lwn.net/Articles/1058989/
    --- SBBSecho 3.34-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Wed Feb 25 06:40:08 2026
    Security updates have been issued by AlmaLinux (kernel-rt and openssl), Debian (ca-certificates, chromium, gegl, glib2.0, libvpx, modsecurity-crs, nova, and pillow), Fedora (chromium, mingw-libpng, mupdf, python-pyasn1, python-PyMuPDF, python-uv-build, python3.13, qpdfview, rust-ambient-id, uv, and zathura-pdf-mupdf), Mageia (freerdp, gnutls, and libvpx), Red Hat (butane and grafana-pcp), SUSE (chromedriver, chromium, cockpit-repos, firefox, kernel, libpng16, postgresql16, postgresql17, postgresql18, python, python311-nltk, snpguest, ucode-intel-20260210, vexctl, and xen), and Ubuntu (djvulibre, evolution-data-server, linux-lowlatency, linux-xilinx, and u-boot).

    https://lwn.net/Articles/1059864/
    --- SBBSecho 3.34-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Mar 3 06:40:08 2026
    Security updates have been issued by Debian (lxd, orthanc, and thunderbird), Fedora (cef, chromium, gimp, nextcloud, pgadmin4, python-django4.2, python-django5, python3-docs, python3.12, python3.13, and python3.9), Oracle (container-tools:rhel8 and mingw-fontconfig), Slackware (gvfs, mozilla, and telnet), SUSE (avahi, cockpit-356, cockpit-podman, cockpit-podman-120, containerized-data-importer, digger-cli, docker, evolution-data-server, expat, firefox, freerdp2, gimp, glib2, glibc, go1, google-guest-agent, google-osconfig-agent, gosec, gpg2, heroic-games-launcher, ImageMagick, kernel, kernel-firmware, kubevirt, libIex-3_4-33, libjxl-devel, libpng16, libsodium, libsoup, libsoup2, libssh, libudisks2-0, libwireshark19, protobuf, python-pyasn1, python-urllib3, python311, python311-Flask, rust-keylime, thunderbird, ucode-intel, and valkey), and Ubuntu (git).

    https://lwn.net/Articles/1060911/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Mar 10 06:40:09 2026
    Security updates have been issued by AlmaLinux (delve, git-lfs, and postgresql16), Fedora (cef, chezmoi, chromium, coturn, erlang-hex_core, firefox, gh, gimp, k9s, keylime, keylime-agent-rust, libsixel, microcode_ctl, nextcloud, nss, perl-Crypt-URandom, pgadmin4, php-zumba-json-serializer, postgresql16-anonymizer, prometheus, python-asyncmy, python3.10, python3.11, python3.9, staticcheck, valkey, and vim), SUSE (chromedriver, chromium, coredns, expat, freetype2-devel, gitea-tea, go1.24-openssl, go1.25-openssl, grpc, gstreamer-rtsp-server, gstreamer-plugins-ugly,, helm, jetty-annotations, kubeshark-cli, libaec, libblkid-devel, libsoup, libxml2, libxslt, NetworkManager-applet-strongswan, podman, python-joserfc, python-Markdown, python-pypdf2, python-tornado, python-uv, python311-Django, python311-joserfc, python311-nltk, roundcubemail, and valkey), and Ubuntu (python3.4, python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, python3.14).

    https://lwn.net/Articles/1062103/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Mar 17 06:40:20 2026
    Security updates have been issued by AlmaLinux (.NET 10.0, .NET 8.0, .NET 9.0, delve, git-lfs, gnutls, kernel, mingw-libpng, nfs-utils, opentelemetry-collector, python3.11, python3.12, python3.9, and vim), Debian (chromium, gimp, kernel, linux-6.1, and wireless-regdb), Fedora (alertmanager, chromium, freerdp, glab, golang-github-openprinting-ipp-usb, gst-devtools, gst-editing-services, gstreamer1, gstreamer1-doc, gstreamer1-plugin-libav, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-rtsp-server, insight, pcs, pgadmin4, python-gstreamer1, python3.10, python3.11, python3.6, qgis, SDL2_sound, SDL3_sound, systemd, and wireshark), Mageia (python-nltk, tomcat, and vim), Oracle (.NET 10.0, .NET 8.0, .NET 9.0, compat-openssl11, dtrace, python3.12, and vim), Red Hat (buildah, git-lfs, golang-github-openprinting-ipp-usb, opentelemetry-collector, podman, and runc), and SUSE (amazon-ssm-agent, busybox, clamav, firefox, giflib-devel-32bit, glibc, heroic-games-launcher, himmelblau, kubelogin, libpng15, libsoup, libsoup2, mingw32-binutils, mingw64-binutils, osc, obs-scm-bridge, python, python-black, python3, qemu, ruby4.0-rubygem-actioncable, ruby4.0-rubygem-actiontext, ruby4.0-rubygem-activejob, ruby4.0-rubygem-activemodel, tomcat, and tomcat10).

    https://lwn.net/Articles/1063095/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Mar 24 06:40:08 2026
    Security updates have been issued by AlmaLinux (gimp:2.8, grub2, kernel, libarchive, libvpx, nginx, opencryptoki, python3.12, vim, yggdrasil, and yggdrasil-worker-package-manager), Debian (chromium, freeciv, libvirt, libyaml-syck-perl, mapserver, ruby-rack, spip, and webkit2gtk), Fedora (chromium, cpp-httplib, glib2, libsoup3, localsearch, openssh, python-scitokens, python-ujson, python3.6, scitokens-cpp, uxplay, wordpress, and xen), Mageia (expat), Red Hat (osbuild-composer), SUSE (Announcement ID: SUSE-SU-2026:0940-1 Release Date: 2026-03-20T13:41:23Z Rating: important References:, Announcement ID: SUSE-SU-2026:0941-1 Release Date: 2026-03-20T13:41:30Z Rating: important References:, Announcement ID: SUSE-SU-2026:0943-1 Release Date: 2026-03-20T13:41:33Z Rating: important References:, Announcement ID: SUSE-SU-2026:0944-1 Release Date: 2026-03-20T13:41:37Z Rating: important References:, Announcement ID: SUSE-SU-2026:0945-1 Release Date: 2026-03-20T13:41:40Z Rating: important References:, chromium, docker, go1.25-openssl, GraphicsMagick, helm, mumble, python311, python311-pyasn1, python313, runc, sqlite3, and tempo-cli), and Ubuntu (debian-goodies and libnet-cidr-perl).

    https://lwn.net/Articles/1064298/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Mar 31 06:40:08 2026
    Security updates have been issued by AlmaLinux (freerdp, golang, and ncurses), Debian (asterisk, bind9, gst-plugins-base1.0, gst-plugins-ugly1.0, gvfs, incus, libxml-parser-perl, nodejs, php-phpseclib, php-phpseclib3, phpseclib, and strongswan), Fedora (bcftools, bind, bind-dyndb-ldap, chromium, dotnet10.0, dotnet8.0, dotnet9.0, giflib, htslib, libsoup3, libtasn1, maturin, mingw-expat, mingw-freetype, mongo-c-driver, perl-XML-Parser, php-phpseclib, php-phpseclib3, pypy, pypy3.10, pypy3.11, python-cryptography, python-fastar, python-ply, python-pycparser, python-uv-build, python3.11, python3.12, python3.13, python3.6, roundcubemail, rubygem-json, rust-ambient-id, rust-astral-reqwest-middleware, rust-astral-reqwest-retry, rust-astral-tokio-tar, rust-astral_async_http_range_reader, rust-cargo-c, rust-ingredients, rust-native-tls, rust-nix, rust-openssl-probe, rust-openssl-probe0.1, rust-pty-process, rust-reqsign, rust-reqsign-aliyun-oss, rust-reqsign-aws-v4, rust-reqsign-azure-storage, rust-reqsign-command-execute-tokio, rust-reqsign-core, rust-reqsign-file-read-tokio, rust-reqsign-google, rust-reqsign-http-send-reqwest, rust-reqsign-huaweicloud-obs, rust-reqsign-tencent-cos, rust-rustls-native-certs, rust-sequoia-chameleon-gnupg, rust-tar, rust-webpki-root-certs, rustup, samtools, suricata, uv, and vim), Mageia (cmake, libpng, nodejs, python-ujson, and strongswan), Red Hat (python3 and python3.9), SUSE (389-ds, amazon-cloudwatch-agent, capstone, chromium, containerd, cosign, curl, docker-compose, docker-stable, exiv2, expat, firefox, freeipmi, freerdp, gimp, glusterfs, govulncheck-vulndb, gstreamer-plugins-ugly, jupyter-bqplot-jupyterlab, jupyter-jupyterlab-templates, jupyter-matplotlib, kea, kernel, libsodium, libtpms-devel, LibVNCServer, nghttp2, nginx, poppler, python-dynaconf, python-ldap, python-nltk, python-orjson, python-pyasn1, python-pydicom, python-PyJWT, python-pyopenssl, python-tornado6, python311, python311-cbor2, python311-deepdiff, python311-intake, python311-jsonpath-ng, python311-lmdb, python311-o



    ci-sdk, python312, rclone, redis, salt, tomcat11, v2ray-core, and vim), and Ubuntu (linux-ibm-5.4).

    https://lwn.net/Articles/1065419/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Apr 7 06:40:09 2026
    Security updates have been issued by AlmaLinux (freerdp, grafana, grafana-pcp, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free, kernel, libpng12, libpng15, perl-YAML-Syck, python3, and rsync), Debian (dovecot, libxml-parser-perl, pyasn1, python-tornado, roundcube, tor, trafficserver, and valkey), Fedora (bind9-next, chromium, cmake, domoticz, freerdp, giflib, gst-devtools, gst-editing-services, gstreamer1, gstreamer1-doc, gstreamer1-plugin-libav, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-rtsp-server, gstreamer1-vaapi, libgsasl, libinput, libopenmpt, mapserver, mingw-binutils, mingw-gstreamer1, mingw-gstreamer1-plugins-bad-free, mingw-gstreamer1-plugins-base, mingw-gstreamer1-plugins-good, mingw-libpng, mingw-python3, nginx-mod-modsecurity, openbao, python-gstreamer1, python3.12, python3.13, python3.14, python3.9, rust, rust-sccache, tcpflow, and vim), Red Hat (ncurses), Slackware (infozip and krita), SUSE (chromium, corosync, keybase-client, libinput-devel, osslsigncode, python-pillow, python311-Flask-Cors, python313, and python314), and Ubuntu (libarchive and spip).

    https://lwn.net/Articles/1066505/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Apr 14 06:40:08 2026
    Security updates have been issued by AlmaLinux (fontforge, freerdp, libtiff, nginx, nodejs22, and openssh), Debian (bind9, chromium, firefox-esr, flatpak, gdk-pixbuf, inetutils, mediawiki, and webkit2gtk), Fedora (corosync, libcap, libmicrohttpd, libpng, mingw-exiv2, mupdf, pdns-recursor, polkit, trafficserver, trivy, vim, and yarnpkg), Mageia (libpng12, openssl, python-django, python-tornado, squid, and tomcat), Red Hat (rhc), Slackware (openssl), SUSE (chromedriver, chromium, cockpit, cockpit-machines, cockpit-podman, cockpit-tukit, crun, firefox, fontforge-20251009, glibc, go1, helm3, libopenssl-3-devel, libpng16, libradcli10, libtasn1, nghttp2, openssl-1_0_0, openssl-1_1, ovmf, perl-XML-Parser, python-cryptography, python-Flask-HTTPAuth, python311-Django4, python313-Django6, python315, sudo, systemd, tar, tekton-cli, tigervnc, util-linux, and zlib), and Ubuntu (mongodb, qemu, and retroarch).

    https://lwn.net/Articles/1067436/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)
  • From LWN.net@86:200/23 to All on Tue Apr 21 06:40:26 2026
    Security updates have been issued by AlmaLinux (.NET 10.0, .NET 8.0, .NET 9.0, delve, freerdp, giflib, go-rpm-macros, libarchive, and openexr), Debian (gimp, imagemagick, luanti, mapserver, mupdf, opam, perl, pillow, postgresql-13, and tiff), Fedora (aqualung, awstats, curl, incus, mac, mbedtls, mingw-LibRaw, python-msal, python3.11, python3.12, python3.15, smb4k, stb, and usd), Gentoo (DTrace and FUSE), Mageia (gdk-pixbuf2.0, giflib, polkit-122, python-cairosvg, and rsync), Oracle (.NET 10.0, .NET 8.0, .NET 9.0, 389-ds-base, bind, freerdp, go-rpm-macros, kernel, libarchive, nodejs:20, openexr, perl:5.32, python, python3, squid:4, thunderbird, and uek-kernel), Slackware (tigervnc), and SUSE (aardvark-dns, avahi, bind, blender, Botan, bouncycastle, chromedriver, cpp-httplib-devel, flannel, gdk-pixbuf, GraphicsMagick, ignition, ImageMagick, jetty-annotations, jetty-minimal, kernel, kubo, leancrypto-devel, libcap, liblog4cxx-devel, libpng16-16, libraw, libraw-devel, NetworkManager, opam, openssl-3, openvswitch, openvswitch3, podman, polkit, python-cryptography, python-djangorestframework, python-Django, python-ecdsa, python311-Django, python311-jwcrypto, python311-Pillow, roundcubemail, skopeo, tempo-cli, and vim).

    https://lwn.net/Articles/1068681/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)