PHP 8.2 and 8.3 updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux has issued an important security update for PHP versions 8.2 and 8.3 across both AlmaLinux 8 and 9 environments. This release patches four distinct vulnerabilities that could allow attackers to crash services through ctype functions or exploit improper URL handling in PHP-FPM. A NULL pointer crash during SOAP decoding and an integer overflow inside the metaphone routine round out the list of critical flaws requiring immediate attention. Administrators should apply these fixes right away because unpatched servers remain highly exposed to denial of service attacks and XSS exploits.

ALSA-2026:22305: php:8.2 security update (Important)
ALSA-2026:22142: php:8.3 security update (Important)
ALSA-2026:22143: php:8.2 security update (Important)

.NET, Firefox, Thunderbird, Apache httpd, Flatpak and Cockpit CVE Patches for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux recently distributed a significant wave of important security patches for versions eight through ten across several essential software packages. These updates resolve serious flaws inside the .NET framework, Mozilla browsers, Apache httpd modules, Cockpit administration tools, and Flatpak desktop packaging systems. Malicious actors could leverage these weaknesses to crash services, break out of sandboxed environments, run unauthorized code, or slip past standard security controls.

ALSA-2026:21297: .NET 10.0 security update (Important)
ALSA-2026:21381: thunderbird security update (Important)
ALSA-2026:21296: .NET 9.0 security update (Important)
ALSA-2026:21391: httpd security update (Important)
ALSA-2026:21754: .NET 9.0 security update (Important)
ALSA-2026:21380: firefox security update (Important)
ALSA-2026:21676: cockpit security update (Important)
ALSA-2026:21382: firefox security update (Important)
ALSA-2026:21295: .NET 10.0 security update (Important)
ALSA-2026:21294: .NET 9.0 security update (Important)
ALSA-2026:21757: flatpak security update (Important)
ALSA-2026:21755: flatpak security update (Important)
ALSA-2026:21378: firefox security update (Important)

Critical Fixes for Flatpak, Cockpit, Kernel, .NET 8.0, and Apache HTTP Server for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux just pushed out a major security update that targets critical weaknesses across several widely used packages. The release fixes dangerous flaws in flatpak, cockpit, various kernel builds, .NET 8.0, and Apache httpd where malicious actors could trigger arbitrary code execution or force system crashes. Server administrators need to apply these patches right away because the unpatched vulnerabilities leave environments open to remote exploitation and privilege escalation. Full technical breakdowns along with direct download links are available through the standard AlmaLinux errata portal.

ALSA-2026:21756: flatpak security update (Important)
ALSA-2026:21700: cockpit security update (Important)
ALSA-2026:21745: kernel-rt security update (Important)
ALSA-2026:21293: .NET 8.0 security update (Important)
ALSA-2026:21291: .NET 8.0 security update (Important)
ALSA-2026:21468: cockpit security update (Important)
ALSA-2026:21706: kernel security update (Important)
ALSA-2026:21286: .NET 8.0 security update (Important)
ALSA-2026:21433: httpd security update (Important)

GDK-Pixbuf2, Python, Glibc, and more updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux distributed a series of security patches for versions 8 through 10. These updates target essential software components including the Linux kernel, Python, PostgreSQL, MySQL, Ruby, GnuTLS, Firefox, and glibc. Most advisories carry an Important severity rating while others sit at Moderate levels, all designed to patch dangerous flaws like heap buffer overflows, arbitrary code execution vectors, and denial of service triggers.

ALSA-2026:19127: gdk-pixbuf2 security update (Important)
ALSA-2026:19019: python3.14 security update (Important)
ALSA-2026:19061: glibc security update (Moderate)
ALSA-2026:19010: postgresql16 security update (Important)
ALSA-2026:19074: kernel security update (Important)
ALSA-2026:19009: postgresql18 security update (Important)
ALSA-2026:20929: libexif security update (Moderate)
ALSA-2026:20587: glibc security update (Moderate)
ALSA-2026:20614: ruby:3.3 security update (Important)
ALSA-2026:20611: gnutls security update (Important)
ALSA-2026:20594: glibc security update (Moderate)
ALSA-2026:20693: mysql8.4 security update (Moderate)
ALSA-2026:20596: ruby:4.0 security update (Important)
ALSA-2026:20566: firefox security update (Important)

Freeimpi, Skopeo, Luksmeta, and more updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux distributed a large batch of security updates for versions 8, 9, and 10. The notifications address dozens of packages with severity ratings that range from critical down to low priority concerns. System administrators must patch numerous flaws including arbitrary code execution, privilege escalation, memory corruption, and denial of service vulnerabilities.

ALSA-2026:19053: freeipmi security update (Moderate)
ALSA-2026:19031: skopeo security update (Important)
ALSA-2026:18421: luksmeta security update (Moderate)
ALSA-2026:19158: dnsmasq security update (Important)
ALSA-2026:19148: glib2 security update (Moderate)
ALSA-2026:19134: grafana security update (Important)
ALSA-2026:19032: buildah security update (Important)
ALSA-2026:19160: firefox security update (Important)
ALSA-2026:19135: opentelemetry-collector security update (Important)
ALSA-2026:19157: firefox security update (Important)
ALSA-2026:19153: thunderbird security update (Important)
ALSA-2026:19151: jq security update (Important)
ALSA-2026:19139: go-fdo-client security update (Important)
ALSA-2026:19136: grafana-pcp security update (Important)
ALSA-2026:19125: xorg-x11-server-Xwayland security update (Important)
ALSA-2026:19126: yggdrasil security update (Important)
ALSA-2026:19128: yggdrasil-worker-package-manager security update (Important)
ALSA-2026:19130: libcap security update (Important)
ALSA-2026:19133: git-lfs security update (Important)
ALSA-2026:19067: sudo security update (Important)
ALSA-2026:19034: python-tornado security update (Moderate)
ALSA-2026:19013: delve security update (Moderate)
ALSA-2026:18162: iputils security update (Moderate)
ALSA-2026:19367: giflib update (Important)
ALSA-2026:19374: nginx security update (Critical)
ALSA-2026:19361: glib2 security update (Moderate)
ALSA-2026:19372: nginx:1.26 security update (Critical)
ALSA-2026:20574: firefox security update (Important)
ALSA-2026:19181: golang security update (Important)
ALSA-2026:18786: bind security update (Important)
ALSA-2026:19371: nginx:1.24 security update (Critical)
ALSA-2026:19180: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update (Important)
ALSA-2026:19213: systemd security update (Moderate)
ALSA-2026:19354: PackageKit security update (Important)
ALSA-2026:18683: libssh security update (Moderate)
ALSA-2026:19208: freeipmi security update (Moderate)
ALSA-2026:19176: python3.14 security update (Important)
ALSA-2026:19357: krb5 security update (Important)
ALSA-2026:19368: rsync security update (Important)
ALSA-2026:19224: vim security update (Important)
ALSA-2026:19173: podman security update (Important)
ALSA-2026:18772: qemu-kvm security update (Moderate)
ALSA-2026:18748: libvirt security update (Moderate)
ALSA-2026:19225: kernel security update (Important)
ALSA-2026:19219: openssh security update (Important)
ALSA-2026:18868: linux-sgx security update (Important)
ALSA-2026:18705: mingw-glib2 security update (Moderate)
ALSA-2026:18597: NetworkManager security update (Low)
ALSA-2026:19370: firefox security update (Important)
ALSA-2026:19218: openssl security update (Moderate)
ALSA-2026:19363: libtiff security update (Important)
ALSA-2026:19197: python-jwcrypto security update (Low)
ALSA-2026:19216: python3.9 security update (Important)
ALSA-2026:19175: python3.11 security update (Important)
ALSA-2026:19177: python3.12 security update (Important)
ALSA-2026:18599: p11-kit security update (Moderate)
ALSA-2026:19365: jq security update (Important)
ALSA-2026:19343: xorg-x11-server security update (Important)
ALSA-2026:19210: gdk-pixbuf2 security update (Important)
ALSA-2026:18931: unbound security update (Moderate)
ALSA-2026:19610: libsndfile security update (Important)
ALSA-2026:18824: luksmeta security update (Moderate)
ALSA-2026:19373: dnsmasq security update (Important)
ALSA-2026:19356: libsoup security update (Moderate)
ALSA-2026:19345: LibRaw security update (Important)
ALSA-2026:19359: openexr security update (Important)
ALSA-2026:19346: libcap security update (Important)
ALSA-2026:19344: xorg-x11-server-Xwayland security update (Important)
ALSA-2026:19348: thunderbird security update (Important)
ALSA-2026:19352: grafana security update (Important)
ALSA-2026:19351: grafana-pcp security update (Important)
ALSA-2026:19220: sudo security update (Important)
ALSA-2026:19187: compat-openssl11 security update (Moderate)
ALSA-2026:19178: crun security update (Moderate)
ALSA-2026:19186: buildah security update (Important)
ALSA-2026:19350: git-lfs security update (Important)
ALSA-2026:19189: python-tornado security update (Moderate)
ALSA-2026:18913: containernetworking-plugins security update (Important)
ALSA-2026:20579: freeipmi security update (Moderate)
ALSA-2026:19353: opentelemetry-collector security update (Important)
ALSA-2026:20589: dnsmasq security update (Important)
ALSA-2026:20585: compat-libtiff3 security update (Important)
ALSA-2026:20586: thunderbird security update (Important)
AlmaLinux 10.2 released with GNOME 49, i686 userspace packages and more.
ALSA-2026:18143: p11-kit security update (Moderate)
ALSA-2026:19152: rsync security update (Important)
ALSA-2026:18326: libvirt security update (Moderate)
ALSA-2026:19024: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update (Important)
ALSA-2026:19054: tomcat security update (Important)
ALSA-2026:19149: dovecot security update (Important)
ALSA-2026:19073: vim security update (Important)
ALSA-2026:19159: nginx security update (Critical)
ALSA-2026:18465: edk2 security update (Important)
ALSA-2026:18480: linux-sgx security update (Important)
ALSA-2026:19145: krb5 security update (Important)
ALSA-2026:18479: qemu-kvm security update (Important)
ALSA-2026:19150: libtiff security update (Important)
ALSA-2026:18160: libssh security update (Moderate)
ALSA-2026:18142: NetworkManager security update (Low)
ALSA-2026:19155: python-markdown security update (Important)
ALSA-2026:18344: mingw-glib2 security update (Moderate)
ALSA-2026:18556: unbound security update (Moderate)
ALSA-2026:19042: python-jwcrypto security update (Low)
ALSA-2026:19022: golang security update (Important)
ALSA-2026:19068: systemd security update (Moderate)
ALSA-2026:19020: crun security update (Moderate)
ALSA-2026:19137: go-fdo-server security update (Important)
ALSA-2026:19064: python3.12 security update (Important)
ALSA-2026:19141: PackageKit security update (Important)
ALSA-2026:19143: libsoup3 security update (Moderate)
ALSA-2026:19560: libsndfile security update (Important)
ALSA-2026:19017: podman security update (Important)
ALSA-2026:19069: openssh security update (Important)
ALSA-2026:19066: openssl security update (Moderate)
ALSA-2026:19154: giflib security update (Important)

AlmaLinux 9.8 and 10.2 released

AlmaLinux 2572 Published by Philipp Esselbach 0

The AlmaLinux OS Foundation has released versions 9.8 and 10.2 simultaneously, marking the first time both stable builds launched on the same day. Version 9.8 delivers a critical kernel backport that eliminates excessive CPU spikes during task cleanup while updating core modules and security policies. Version 10.2 expands hardware compatibility by restoring disabled storage and network drivers, adds legacy i686 userspace support, and enables KVM for IBM POWER alongside modern language updates. Both releases include patches for recent high-profile vulnerabilities and are available across multiple architectures in ISO, cloud, container, and live image formats.

Kernel, Libsndfile, Firefox updates for AlmaLinux 8

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux recently pushed four important security patches for version 8 that target serious flaws in both system libraries and everyday software. The standard kernel and real-time variants address a local privilege escalation flaw linked to the Dirty Frag vulnerability plus a separate bug that exposed root files to regular users. Audio handling through libsndfile gets corrected for an integer overflow problem while Firefox and Thunderbird finally close memory safety gaps and prevent sandbox escapes in their web media components.

ALSA-2026:19666: kernel security update (Important)
ALSA-2026:19664: kernel-rt security update (Important)
ALSA-2026:19559: libsndfile security update (Important)
ALSA-2026:19588: firefox security update (Important)

Kernel, Ruby, Nginx, and more updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux distributed a batch of security patches that address serious vulnerabilities across versions 8 through 10 of its operating system. These updates target essential packages like the Linux kernel, Ruby, nginx, and libpng by closing flaws that could let attackers escalate privileges or run arbitrary code on compromised machines. You should apply these fixes right away because leaving systems unpatched leaves them wide open to remote exploitation.

ALSA-2026:16206: kernel security update (Important)
ALSA-2026:18065: ruby security update (Important)
ALSA-2026:18063: nginx security update (Critical)
ALSA-2026:18039: ruby security update (Important)
ALSA-2026:18030: ruby:3.3 security update (Important)
ALSA-2026:18064: libpng security update (Moderate)
ALSA-2026:18041: nginx:1.24 security update (Critical)

LibPNG and Nginx update for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux released two security updates to address serious vulnerabilities in popular server software. The moderate libpng patch resolves a use-after-free flaw that could allow arbitrary code execution. A separate critical advisory fixes nginx, which contains another vulnerability capable of enabling unauthorized remote commands. Administrators should install these packages immediately and consult the official errata links for complete technical details.

ALSA-2026:18028: libpng security update (Moderate)
ALSA-2026:18029: nginx security update (Critical)

Kernel, JQ, FreeRDP, GIMP, Rsync updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux pushed out a batch of critical security patches for versions 8 through 10. These updates tackle dangerous loopholes inside the core Linux kernel alongside popular utilities like jq, FreeRDP, GIMP, and rsync. You will find fixes for local privilege escalation bugs, remote code execution flaws, and memory corruption issues that could easily trigger service disruptions or unauthorized access. System owners ought to install these important errata right away to keep their networks safe from the newly disclosed threats.

ALSA-2026:A008: kernel security update (Important)
ALSA-2026:A010: kernel security update (Important)
ALSA-2026:16692: jq security update (Important)
ALSA-2026:A009: kernel security update (Important)
ALSA-2026:16482: freerdp security update (Moderate)
ALSA-2026:16195: kernel security update (Important)
ALSA-2026:17533: gimp:2.8 security update (Important)
ALSA-2026:17481: rsync security update (Important)

Yggdrasil, GIMP, Jq updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux released important security patches for yggdrasil, GIMP, and jq. These updates fix several critical vulnerabilities that could let attackers run malicious code or crash the software using crafted input files. Attackers could exploit these weaknesses through malformed image formats, broken JSON objects, and improper file permission checks.

ALSA-2026:17075: yggdrasil security update (Important)
ALSA-2026:16484: gimp security update (Important)
ALSA-2026:16693: jq security update (Important)

LibPNG, Corosync, Thunderbird, and more updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux recently distributed a series of security patches for versions 8 through 10. These updates target essential software components like FreeRDP, Thunderbird, Kerberos, and several graphics processing libraries across multiple operating system releases. The fixes resolve critical memory corruption flaws, privilege escalation risks, and denial of service conditions that could otherwise compromise system stability or expose sensitive data. System administrators should prioritize installing these corrections right away to prevent potential exploitation of the listed vulnerabilities.

ALSA-2026:14790: libpng security update (Moderate)
ALSA-2026:15969: glib2 security update (Moderate)
ALSA-2026:16014: freerdp security update (Moderate)
ALSA-2026:13644: corosync security update (Moderate)
ALSA-2026:14791: libpng security update (Moderate)
ALSA-2026:15892: thunderbird security update (Important)
ALSA-2026:15887: openexr security update (Important)
ALSA-2026:16875: git-lfs security update (Important)
ALSA-2026:16799: krb5 security update (Important)
ALSA-2026:16252: jq security update (Important)
ALSA-2026:16196: kernel-rt security update (Important)
ALSA-2026:16055: libtiff security update (Important)

OpenEXR, Libsoup3, Glib2, FreeRDP updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux released a batch of security patches for versions 8 through 10. The openexr update carries an important rating because it blocks arbitrary code execution triggered by malicious image files. Moderate fixes also target memory corruption bugs in glib2, denial of service flaws in libsoup3 and freerdp, plus several heap overflow issues that could leak sensitive data. System administrators should install these errata immediately to close the documented vulnerability gaps across their infrastructure.

ALSA-2026:15888: openexr security update (Important)
ALSA-2026:15968: libsoup3 security update (Moderate)
ALSA-2026:15971: glib2 security update (Moderate)
ALSA-2026:16019: freerdp security update (Moderate)
ALSA-2026:15953: glib2 security update (Moderate)

MiniGW, Kernel, Coresync, Freeipmi updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux distributed a series of security patches for operating system versions 8 through 10. These updates address critical flaws across several key packages including the Linux kernel, mingw-libtiff, corosync, and freeipmi that could otherwise enable remote code execution or cause service disruptions.

ALSA-2026:14929: mingw-libtiff security update (Important)
ALSA-2026:A007: kernel-rt security update (Important)
ALSA-2026:A004: kernel security update (Important)
ALSA-2026:A006: kernel security update (Important)
ALSA-2026:A005: kernel security update (Important)
ALSA-2026:13673: corosync security update (Moderate)
ALSA-2026:14819: freeipmi security update (Moderate)

Libsoup security update for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux released a moderate security update for version 8 to fix known issues in the libsoup HTTP library. The patch specifically targets CVE-2026-5119, an exploit that could leak sensitive cookie information while establishing HTTPS tunnels. You should install these refreshed packages right away to keep your systems safe from cleartext data exposure. Full technical reports and download links are available on the official errata website or by joining their community chat for support.

ALSA-2026:14087: libsoup security update (Moderate)

Python-Tornado, Corosync, Systemd, and more updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux distributed a batch of security errata for versions 8 through 10 throughout. The updates address moderate and important vulnerabilities in widely used software including the Linux kernel, Tornado web framework, Dovecot mail server, and several cluster management utilities. These patches fix critical weaknesses that could otherwise allow attackers to launch denial of service attacks, inject cookies, or escalate system privileges. IT administrators should apply these updates immediately to keep their networks secure and prevent potential service disruptions.

ALSA-2026:13670: python-tornado security update (Moderate)
ALSA-2026:13657: corosync security update (Moderate)
ALSA-2026:13902: resource-agents security update (Important)
ALSA-2026:13651: systemd security update (Moderate)
ALSA-2026:3840: image-builder security update (Important)
ALSA-2026:1838: image-builder security update (Moderate)
ALSA-2026:13916: fence-agents security update (Important)
ALSA-2026:13642: image-builder security update (Important)
ALSA-2026:13515: freeipmi security update (Moderate)
ALSA-2026:13641: python-tornado security update (Moderate)
ALSA-2026:13643: osbuild-composer security update (Important)
ALSA-2026:13498: dovecot security update (Important)
ALSA-2026:13565: kernel security update (Important)
ALSA-2026:13566: kernel security update (Important)
ALSA-2026:13917: fence-agents security update (Important)
ALSA-2026:13857: dovecot security update (Important)
ALSA-2026:13978: libsoup security update (Moderate)
ALSA-2026:14200: git-lfs security update (Important)

Kernel, Thunderbird, TigerVNC, and more updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux released a batch of security advisories to patch critical vulnerabilities across multiple system packages. Most notifications carry an Important severity rating and cover essential tools such as the Linux kernel, Thunderbird, TigerVNC, LibRaw, Dovecot, systemd, and image builder. Engineers addressed a wide array of dangerous flaws including memory corruption issues, privilege escalation risks, and information disclosure bugs that could compromise system stability. Administrators need to install these updates quickly because the patches also fix denial of service vulnerabilities in several widely deployed services.

ALSA-2026:13578: kernel-rt security update (Important)
ALSA-2026:13537: thunderbird security update (Important)
ALSA-2026:13414: tigervnc security update (Important)
ALSA-2026:13577: kernel security update (Important)
ALSA-2026:13284: LibRaw security update (Important)
ALSA-2026:13677: systemd security update (Moderate)
ALSA-2026:13671: image-builder security update (Important)
ALSA-2026:13830: dovecot security update (Important)
ALSA-2026:3839: image-builder security update (Important)

AlmaLinux 10.2 Beta released

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux 10.2 Beta Lavender Lion has arrived across all supported architectures, bringing a major refresh to the development stack with Python 3.14, PHP 8.4, Ruby 4.0, PostgreSQL 18, and MariaDB 11.8. The release restores legacy i686 userspace packages for older applications while updating core virtualization and container tools like Podman, QEMU-KVM, and libvirt. Security gets a noticeable upgrade through refreshed OpenSSL, OpenSSH, SELinux policies, and an early patch for the Copy Fail flaw tracked as CVE-2026-31431. Because this is strictly a beta build, system administrators should only validate it in isolated test environments and never push it to production until the stable version officially launches.

OpenSSH and Libcap updates for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux released important security updates for multiple system components. The OpenSSH patches cover versions 8 through 10 and fix five separate flaws that could enable privilege escalation or remote code execution. Another notification addresses a race condition in libcap version eight that might allow unauthorized access to file capabilities.

ALSA-2026:13381: openssh security update (Important)
ALSA-2026:13380: openssh security update (Important)
ALSA-2026:13285: libcap security update (Important)
ALSA-2026:13383: openssh security update (Important)

Thunderbird update for AlmaLinux

AlmaLinux 2572 Published by Philipp Esselbach 0

AlmaLinux has issued an important security update for Thunderbird on version 10 of its operating system. The patch addresses a long list of vulnerabilities that could allow attackers to exploit memory safety flaws or escalate privileges within the browser and email client. These issues range from incorrect boundary conditions in networking components to dangerous use after free errors that might leak sensitive information or bypass security mitigations. System administrators should install the updated packages as soon as possible to keep their mail clients secure and prevent potential exploitation.

ALSA-2026:12285: thunderbird security update (Important)

Next Page

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...