FreeRDP, Nginx, NodeJS, and more updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux has issued numerous security updates for versions eight through ten. Covering applications ranging from database servers to font editors, these advisories highlight critical flaws that allow attackers to execute arbitrary code on vulnerable systems. Specific vulnerabilities include heap buffer overflows and uninitialized variables that enable remote code execution alongside denial of service attacks. System administrators should review the linked CVE pages to understand the impact and apply the necessary fixes immediately through their package managers.

ALSA-2026:6799: freerdp security update (Important)
ALSA-2026:6906: nginx security update (Important)
ALSA-2026:7080: nodejs22 security update (Important)
ALSA-2026:6463: openssh security update (Important)
ALSA-2026:7081: libtiff security update (Moderate)
ALSA-2026:6631: fontforge security update (Important)
ALSA-2026:6766: python3.9 security update (Important)
ALSA-2026:6923: nginx:1.24 security update (Important)
ALSA-2026:6462: openssh security update (Important)
ALSA-2026:6628: fontforge security update (Important)
ALSA-2025:4049: libtasn1 security update (Moderate)
ALSA-2025:4063: ruby:3.1 security update (Moderate)
ALSA-2025:2872: pcs security update (Important)
ALSA-2025:11047: pcs security update (Moderate)
ALSA-2025:3210: container-tools:rhel8 security update (Important)
ALSA-2025:3026: kernel security update (Important)
ALSA-2024:10987: pcs security update (Moderate)
ALSA-2025:3027: kernel-rt security update (Important)
ALSA-2025:3388: python-jinja2 security update (Important)
ALSA-2025:4048: xmlrpc-c security update (Moderate)
ALSA-2025:8254: pcs security update (Important)
ALSA-2025:12527: virt:rhel and virt-devel:rhel security update (Moderate)
ALSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
ALSA-2026:6949: go-toolset:rhel8 security update (Important)
ALSA-2026:6915: vim security update (Important)
ALSA-2026:6918: freerdp security update (Important)
ALSA-2026:6391: mysql:8.4 security update (Moderate)
ALSA-2026:6435: mariadb:10.11 security update (Moderate)
ALSA-2026:6461: openssh security update (Important)

Crun and Kernel updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux recently issued several notifications about moderate security issues across different operating system versions. AlmaLinux 8 users must prioritize kernel updates that resolve memory handling flaws and potential denial of service attacks immediately. There are also separate advisories for the crun runtime on AlmaLinux 9 and 10 which address a parsing error allowing privilege escalation through command line options.

ALSA-2026:6621: crun security update (Moderate)
ALSA-2026:6572: kernel-rt security update (Moderate)
ALSA-2026:6571: kernel security update (Moderate)
ALSA-2026:6622: crun security update (Moderate)

LibPNG, FreeRDP, Kernel, and more updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux security updates have been released for multiple software packages across versions 8 through 10. These advisories classify most fixes as important while a few kernel and rsync patches remain at moderate risk levels. The updates address serious flaws including heap buffer overflows, arbitrary code execution vectors, and potential privilege escalation issues found in libraries like libpng and GStreamer.

ALSA-2026:6445: libpng12 security update (Important)
ALSA-2026:6470: perl-YAML-Syck security update (Important)
ALSA-2026:6473: python3 security update (Important)
ALSA-2026:6005: freerdp security update (Important)
ALSA-2026:6388: grafana-pcp security update (Important)
ALSA-2026:6259: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update (Important)
ALSA-2026:6344: grafana security update (Important)
ALSA-2026:6053: kernel security update (Moderate)
ALSA-2026:6436: rsync security update (Moderate)
ALSA-2026:6439: libpng15 security update (Important)
ALSA-2026:6300: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update (Important)

Rsync, FreeRDP, Grafana, Kernel, Thunderbird updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

5 security updates have been released for AlmaLinux. Although rsync and kernel updates are rated moderate, administrators must prioritize critical patches for freerdp, grafana, and thunderbird because they address severe memory safety issues like heap buffer overflows. These flaws could potentially allow attackers to execute code or bypass sandbox protections if left unaddressed on production systems.

ALSA-2026:6390: rsync security update (Moderate)
ALSA-2026:6340: freerdp security update (Important)
ALSA-2026:6382: grafana security update (Important)
ALSA-2026:6153: kernel security update (Moderate)
ALSA-2026:6188: thunderbird security update (Important)

Python, Squid, LibXSLT, FreeRDP, Thunderbird updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux recently released security notifications for versions 8, 9, and 10 of its Linux distribution covering essential software updates. Many advisories focus on significant risks found within Python, Squid, FreeRDP, and the Thunderbird email client that require urgent attention from system administrators. Identified risks range from command line injections to memory corruption allowing attackers to execute code remotely or crash services entirely.

ALSA-2026:6283: python3.12 security update (Important)
ALSA-2026:6281: python3.11 security update (Important)
ALSA-2026:6286: python3.11 security update (Important)
ALSA-2026:6301: squid security update (Important)
ALSA-2026:6266: libxslt security update (Moderate)
ALSA-2026:6285: python3.12 security update (Important)
ALSA-2026:6004: freerdp security update (Important)
ALSA-2026:6342: thunderbird security update (Important)
ALSA-2026:6256: python3.12 security update (Important)

Kernel and Firefox updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

New security updates for AlmaLinux versions 8 through 10 are available. Addressing moderate severity levels, the kernel and kernel-rt packages resolve a use-after-free vulnerability in the ATM subsystem alongside fixes for macvlan and net/sched components. Separate advisories highlight important severity vulnerabilities within Mozilla Firefox and Thunderbird involving memory safety bugs, sandbox escapes, and JavaScript engine flaws across multiple versions.

ALSA-2026:6037: kernel security update (Moderate)
ALSA-2026:6036: kernel-rt security update (Moderate)
ALSA-2026:5932: firefox security update (Important)
ALSA-2026:5930: firefox security update (Important)
ALSA-2026:5931: firefox security update (Important)

Ncurses, FreeRDP, Go updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux released a series of security advisories regarding updates for ncurses, FreeRDP, and golang libraries. Certain vulnerabilities carry an important severity rating because they involve buffer overflows or incorrect parsing that could allow arbitrary code execution on affected machines. These notifications specifically target installations of both AlmaLinux version 9 and newer version 10 for these components.

ALSA-2026:5913: ncurses security update (Moderate)
ALSA-2026:5939: freerdp security update (Important)
ALSA-2026:5941: golang security update (Important)
ALSA-2026:5942: golang security update (Important)

TigerVNC and LibPNG updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

New security updates are available for both tigervnc and libpng packages on Slackware 15.0 and -current systems. The tigervnc upgrade to version 1.16.2 fixes missing security patches from the previous release. Libpng version 1.6.56 addresses two vulnerabilities including a use-after-free issue and an out-of-bounds read/write problem on ARM Neon processors.

tigervnc (SSA:2026-085-01)
libpng (SSA:2026-085-02)

VIM, MySQL, Nginx, and more updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux issued moderate security advisories for both version 8 and version 9 on March 26, 2026 regarding multiple software packages. The updates resolve dangerous vulnerabilities found in tools like MySQL, nginx, and Python that could allow attackers to execute arbitrary code or gain elevated privileges. Additionally, patches are required to fix buffer overflows and data injection risks within TLS connections and cryptographic libraries used by the system. Administrators should apply these fixes immediately since ignoring them leaves infrastructure exposed to potential exploitation attempts.

ALSA-2026:5602: vim security update (Moderate)
ALSA-2026:5640: mysql:8.4 security update (Moderate)
ALSA-2026:5603: opencryptoki security update (Moderate)
ALSA-2026:5581: nginx:1.24 security update (Moderate)
ALSA-2026:5578: virt:rhel and virt-devel:rhel security update (Moderate)
ALSA-2026:5599: nginx security update (Moderate)
ALSA-2026:5580: mysql:8.0 security update (Moderate)
ALSA-2026:5513: 389-ds:1.4 security update (Moderate)
ALSA-2026:5585: gnutls security update (Moderate)
ALSA-2026:5587: opencryptoki security update (Moderate)
ALSA-2026:5588: python3 security update (Moderate)

Yggdrasil, Libarchive, VIM, and more updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux released several security notifications covering versions eight through ten during late March 2026. Important fixes address critical flaws in applications like GIMP and libarchive that could allow remote code execution or denial of service attacks. Moderate severity patches also resolve issues within the Linux kernel, Python modules, and network utilities used across these distributions.

ALSA-2026:5146: yggdrasil security update (Important)
ALSA-2026:5063: libarchive security update (Important)
ALSA-2026:4715: vim security update (Moderate)
ALSA-2026:4717: opencryptoki security update (Moderate)
ALSA-2026:5145: yggdrasil-worker-package-manager security update (Important)
ALSA-2026:5113: gimp:2.8 security update (Important)
ALSA-2026:4649: grub2 security update (Moderate)
ALSA-2026:4713: python3.12 security update (Moderate)
ALSA-2026:4723: kernel security update (Moderate)
ALSA-2026:4705: nginx security update (Moderate)
ALSA-2026:4629: libvpx security update (Important)
ALSA-2026:4759: kernel security update (Moderate)
ALSA-2026:5080: libarchive security update (Important)
ALSA-2026:4898: capstone security update (Important)
ALSA-2026:4760: grub2 security update (Moderate)
ALSA-2026:4828: mysql security update (Moderate)

LibPNG, Glibc, Python updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

Three security advisories were released by AlmaLinux 8. An Important severity update targets libpng because integer truncation flaws might allow attackers to exploit information disclosure or denial of service vulnerabilities within the simplified write API. Moderate patches update glibc and Python 3.11 to fix network leaks and injection flaws.

ALSA-2026:4728: libpng security update (Important)
ALSA-2026:4772: glibc security update (Moderate)
ALSA-2026:4473: python3.11 security update (Moderate)

Grub2, .NET, Containter-Tools, Compat-OpenSSL, Libvpx updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

Several security updates have been released for AlmaLinux systems, addressing various vulnerabilities in different software packages. One update affects the grub2 package, which provides a highly configurable boot loader with modular architecture, and fixes an issue that could lead to use-after-free (CVE-2025-61662). Additionally, other updates address issues in container-tools, including golang, crypto/tls, and libvpx, as well as .NET 10.0 and .NET 9.0, which implement a managed-software framework and include a CLR implementation.

ALSA-2026:4648: grub2 security update (Moderate)
ALSA-2026:4672: container-tools:rhel8 security update (Important)
ALSA-2026:4445: .NET 10.0 security update (Important)
ALSA-2026:4472: compat-openssl11 security update (Moderate)
ALSA-2026:4447: libvpx security update (Important)
ALSA-2026:4456: .NET 9.0 security update (Important)

Kernel, .NET, NFS-Utils, and more updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

Several security updates have been released for various packages, including the kernel, .NET framework, and Python. These updates address multiple vulnerabilities, including use-after-free errors, denial of service attacks, and information disclosure issues. The most severe vulnerability is in the .NET framework, where a Denial of Service (DoS) attack can occur via an out-of-bounds read error. This issue affects multiple versions of .NET, including 8.0, 9.0, and 10.0. Other notable vulnerabilities include a use-after-free error in the kernel's device mapper, which can be exploited to gain elevated privileges; information disclosure issues in Python, specifically in its IMAP and POP3 libraries; and buffer overflows in the libpng library used by Mingw.

ALSA-2026:4012: kernel security update (Moderate)
ALSA-2026:4450: .NET 9.0 security update (Important)
ALSA-2026:4453: .NET 10.0 security update (Important)
ALSA-2026:4451: .NET 8.0 security update (Important)
ALSA-2026:3940: nfs-utils security update (Moderate)
ALSA-2026:3842: delve security update (Moderate)
ALSA-2026:4168: python3.9 security update (Moderate)
ALSA-2026:4177: opentelemetry-collector security update (Important)
ALSA-2026:4188: gnutls security update (Moderate)
ALSA-2026:4216: python3.11 security update (Moderate)
ALSA-2026:4454: .NET 8.0 security update (Important)
ALSA-2026:3985: git-lfs security update (Important)
ALSA-2026:4306: mingw-libpng security update (Important)
ALSA-2026:4458: .NET 10.0 security update (Important)
ALSA-2026:4455: .NET 8.0 security update (Important)
ALSA-2026:4463: python3.12 security update (Moderate)
ALSA-2026:4442: vim security update (Moderate)
ALSA-2026:4443: .NET 9.0 security update (Important)

PostgreSQL, Kernel-RT, Libvpx, and more updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

The AlmaLinux Security team has released several security updates for various packages, including kernel-rt, postgresql, and libvpx, which contain important fixes to prevent denial-of-service attacks and arbitrary code execution. The updates also address vulnerabilities in other packages such as nfs-utils, osbuild-composer, python3.12, and gimp, which could lead to privilege escalation or data injection. The security updates are available for different versions of AlmaLinux, including 8, 9, and 10.

ALSA-2026:3898: osbuild-composer security update (Important)
ALSA-2026:4024: postgresql:13 security update (Important)
ALSA-2026:4059: postgresql:15 security update (Important)
ALSA-2026:4063: postgresql:16 security update (Important)
ALSA-2026:4146: python-pyasn1 security update (Important)
ALSA-2026:3964: kernel-rt security update (Moderate)
ALSA-2026:3963: kernel security update (Moderate)
ALSA-2026:3938: nfs-utils security update (Moderate)
ALSA-2026:3967: libvpx security update (Important)
ALSA-2026:4162: mysql8.4 security update (Moderate)
ALSA-2026:3966: kernel security update (Moderate)
ALSA-2026:3752: osbuild-composer security update (Important)
ALSA-2026:3040: grafana-pcp security update (Important)
ALSA-2026:3939: nfs-utils security update (Moderate)
ALSA-2026:4110: postgresql:16 security update (Important)
ALSA-2026:4165: python3.12 security update (Moderate)
ALSA-2026:4164: git-lfs security update (Important)
ALSA-2026:4173: gimp security update (Important)
ALSA-2026:4235: nginx:1.26 security update (Moderate)
ALSA-2026:3896: postgresql:15 security update (Important)
ALSA-2026:3753: osbuild-composer security update (Important)
ALSA-2026:3730: postgresql security update (Important)
ALSA-2026:4174: opentelemetry-collector security update (Important)

Delve, GIT-LFS, PostgreSQL updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

Three important security updates were released for AlmaLinux: one for Delve (a debugger for Go), one for Git Large File Storage (LFS), and one for PostgreSQL 16. The Delve update fixes Denial of Service issues in crypto/x509, net/url, and crypto/tls, while the LFS update also addresses these issues. Additionally, the PostgreSQL 16 update fixes three vulnerabilities: missing validation of multibyte character length, intarray input type validation, and a heap buffer overflow in pgcrypto.

ALSA-2026:3864: delve security update (Important)
ALSA-2026:3928: git-lfs security update (Important)
ALSA-2026:3887: postgresql16 security update (Important)

Udisks2, Libpng, Valkey, Thunderbird, Go-RPM-Macros updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

Multiple important security updates have been released for various packages on AlmaLinux 10, including udisks2, libpng, valkey, thunderbird, and go-rpm-macros. These updates fix vulnerabilities such as missing authorization checks, heap buffer overflows, integer truncation, and use-after-free issues in components like udisks, libpng, and firefox. The updates address a total of 46 security issues across the mentioned packages, which could potentially allow for unauthorized access, data tampering, or denial-of-service attacks if left unpatched.

ALSA-2026:3476: udisks2 security update (Important)
ALSA-2026:3551: libpng security update (Important)
ALSA-2026:3443: valkey security update (Important)
ALSA-2026:3517: thunderbird security update (Important)
ALSA-2026:3669: go-rpm-macros security update (Important)
ALSA-2026:3515: thunderbird security update (Important)

Go-RPM-Macros, Nginx, Kernel, Thunderbird, Valkey updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

Several security updates have been released for AlmaLinux 9, including updates for Go-rpm-macros, nginx, kernel, Thunderbird, and Valkey. The updates address various vulnerabilities, such as memory exhaustion in query parameter parsing in net/url (CVE-2025-61726) and data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733). These security issues can lead to severe consequences, including data corruption or loss, and should be addressed promptly.

ALSA-2026:3668: go-rpm-macros security update (Important)
ALSA-2026:3638: nginx:1.24 security update (Moderate)
ALSA-2026:3488: kernel security update (Moderate)
ALSA-2026:3516: thunderbird security update (Important)
ALSA-2026:3507: valkey security update (Important)

Kernel, Container-Tools, MinGW, Firefox updates for AlmaLinux 8

AlmaLinux 2538 Published by Philipp Esselbach 0

Multiple security updates have been announced for AlmaLinux 8, addressing various vulnerabilities in packages such as kernel-rt, container-tools, and firefox. The updates include patches for denial-of-service (DoS) vulnerabilities, memory safety bugs, and use-after-free issues in the Linux kernel, container tools, and web browser components. Users are advised to update their systems with the latest packages to ensure security and stability.

ALSA-2026:3463: kernel-rt security update (Moderate)
ALSA-2026:3428: container-tools:rhel8 security update (Important)
ALSA-2026:3464: kernel security update (Moderate)
ALSA-2026:3407: mingw-fontconfig security update (Important)
ALSA-2026:3338: firefox security update (Important)

GnuTLS, Kernel, Libpng, Skopeo, Containernetworking Plugins updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux has released several security updates to address vulnerabilities in various packages, including gnutls, kernel, libpng, and skopeo. The gnutls update fixes two issues: a stack-based buffer overflow and a denial-of-service vulnerability due to excessive resource consumption. The kernel update addresses four vulnerabilities, including a double-free issue and use-after-free bugs, while the libpng update fixes three security issues related to information disclosure and denial of service. Additionally, the skopeo update fixes three vulnerabilities in the golang library, including a denial-of-service bug due to excessive resource consumption.

ALSA-2026:3477: gnutls security update (Moderate)
ALSA-2026:3275: kernel security update (Moderate)
ALSA-2026:3405: libpng security update (Important)
ALSA-2026:3340: skopeo security update (Important)
ALSA-2026:3341: containernetworking-plugins security update (Important)

FreeRDP, Grafana, Firefox, and more updates for AlmaLinux

AlmaLinux 2538 Published by Philipp Esselbach 0

The AlmaLinux Security team has released several security updates for various packages, including FreeRDP, Grafana, Firefox, and more. The updates address multiple vulnerabilities, with some being classified as "Important" due to their potential impact on system security. Users are encouraged to review the details of each update and apply them as soon as possible to ensure their systems remain secure. More information can be found on the AlmaLinux Errata page for each update.

ALSA-2026:3334: freerdp security update (Important)
ALSA-2026:3035: grafana-pcp security update (Important)
ALSA-2026:3068: freerdp security update (Important)
ALSA-2026:3297: buildah security update (Important)
ALSA-2026:3361: firefox security update (Important)
ALSA-2026:3067: freerdp security update (Important)
ALSA-2026:3291: runc security update (Important)
ALSA-2026:3189: 389-ds-base security update (Moderate)
ALSA-2026:3298: buildah security update (Important)
ALSA-2026:3339: firefox security update (Important)
ALSA-2026:3337: podman security update (Important)
ALSA-2026:3031: libpng15 security update (Important)
ALSA-2026:3034: munge security update (Important)
ALSA-2026:3359: python-pyasn1 security update (Important)
ALSA-2026:3066: kernel security update (Moderate)
ALSA-2026:2783: nodejs:20 security update (Important)
ALSA-2026:3095: protobuf security update (Important)
ALSA-2026:2722: kernel security update (Moderate)
ALSA-2026:2782: nodejs:22 security update (Important)
ALSA-2026:3336: podman security update (Important)
ALSA-2026:3033: munge security update (Important)
ALSA-2026:3354: python-pyasn1 security update (Important)
ALSA-2026:3092: golang-github-openprinting-ipp-usb security update (Important)
ALSA-2026:3208: 389-ds-base security update (Moderate)
ALSA-2026:3343: skopeo security update (Important)
ALSA-2026:3094: protobuf security update (Important)
ALSA-2026:2721: kernel security update (Moderate)

Next Page

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...