AlmaLinux 2483 Published by Philipp Esselbach 0

Three security updates have been released for AlmaLinux 8: two kernel security updates (ALSA-2025:16372 for kernel and ALSA-2025:16373 for kernel-rt) rated Moderate and one additional kernel security update (ALSA-2025:15785) rated Important. The first two updates address vulnerabilities in the Linux kernel, including a TOCTOU issue and a HID core vulnerability. The third update addresses four separate issues, including a USB packet length limit and a notification handling bug.

ALSA-2025:16372: kernel security update (Moderate)
ALSA-2025:16373: kernel-rt security update (Moderate)
ALSA-2025:15785: kernel security update (Important)

A security update has been released for AlmaLinux 10 that fixes vulnerabilities in GnuTLS (ALSA-2025:16115). Additionally, multiple security updates have been released for AlmaLinux 9, which include fixes for vulnerabilities in python-cryptography (ALSA-2025:15874), opentelemetry-collector (ALSA-2025:15887), and multiple unspecified vulnerabilities in MySQL (ALSA-2025:16046).

ALSA-2025:16115: gnutls security, bug fix, and enhancement update (Moderate)
ALSA-2025:15874: python-cryptography security update (Moderate)
ALSA-2025:15887: opentelemetry-collector security update (Moderate)
ALSA-2025:16046: mysql:8.4 security update (Moderate)

AlmaLinux has released three security updates: ALSA-2025:15904 for container-tools on AlmaLinux 8, ALSA-2025:15901 for podman on AlmaLinux 10, and ALSA-2025:15662 for kernel on AlmaLinux 10. The common issue addressed in all three updates is a vulnerability that could allow the "kube play" command to overwrite host files (CVE-2025-9566).

ALSA-2025:15904: container-tools:rhel8 security update (Important)
ALSA-2025:15901: podman security update (Important)
ALSA-2025:15662: kernel security update (Important)

AlmaLinux has released several Important security updates for kernel and kernel-rt packages to address various vulnerabilities. The first update (ALSA-2025:15429) fixes two vulnerabilities in the Linux kernel, including a buffer overflow during udmabuf creation (CVE-2025-37803). The second update (ALSA-2025:15661) addresses four additional security issues, including a use-after-free and double-free on init error (CVE-2025-22097), while the third update (ALSA-2025:15786) fixes three vulnerabilities in kernel-rt packages.

ALSA-2025:15429: kernel security update (Important)
ALSA-2025:15661: kernel security update (Important)
ALSA-2025:15786: kernel-rt security update (Important)

A security update has been released for AlmaLinux 10, which addresses several vulnerabilities in the Linux kernel. The update fixes issues with drm/vkms, udmabuf, net/sched, and drm/gem, including use-after-free and double-free errors, buffer size overflows, and notifications not being passed when child classes become empty. The CVEs for these vulnerabilities are CVE-2025-22097, CVE-2025-37803, CVE-2025-38350, and CVE-2025-38449.

ALSA-2025:15447: kernel security update (Important)

The AlmaLinux Security team has released two updates to fix vulnerabilities in their system. The first update, ALSA-2025:15699, addresses multiple security issues in MySQL and OpenSSL, affecting AlmaLinux 10 with a moderate severity rating. The second update, ALSA-2025:15702, fixes an authentication bypass vulnerability in the CUPS printing system, affecting AlmaLinux 8 with an important severity rating. Both updates are available for download on the AlmaLinux website, along with full details and references to learn more about the security issues fixed.

ALSA-2025:15699: mysql-selinux and mysql8.4 security update (Moderate)
ALSA-2025:15702: cups security update (Important)

AlmaLinux has released two important and one moderate security update for its kernel packages to address various vulnerabilities. The two important updates (ALSA-2025:15472 and ALSA-2025:15471) fix issues with bpf array range checking and posix-cpu-timers, while the moderate update (ALSA-2025:15008) addresses several vulnerabilities, including use-after-free bugs in RDMA/iwcm, scsi/lpfc, tipc, and net/sched.

ALSA-2025:15472: kernel-rt security update (Important)
ALSA-2025:15471: kernel security update (Important)
ALSA-2025:15008: kernel security update (Moderate)

AlmaLinux has announced that the CodeReady Linux Builder (CRB) repository will be enabled by default in AlmaLinux OS 10, aiming to resolve common issues with installing packages from Fedora Extra Packages for Enterprise Linux (EPEL). This change is designed to simplify the user experience and reduce the number of erroneous bug reports filed with EPEL maintainers. Existing AlmaLinux OS systems will automatically have the CRB repository enabled in preparation for the upcoming AlmaLinux OS 10.1 release, although users can opt out by disabling it using config-manager.

An AlmaLinux security update has been released for AlmaLinux 8. The update addresses a security vulnerability in Pluggable Authentication Modules (PAM) known as Linux-PAM directory traversal (CVE-2025-6020). This issue affects the linux-pam package, and users are advised to refer to the CVE page listed in the References section for more information on the security issue's impact.

ALSA-2025:14557: pam security update (Important)

The AlmaLinux team has released three security updates to address vulnerabilities in various packages: httpd (Apache HTTP Server), pam (Pluggable Authentication Modules), and postgresql:12. The first update, ALSA-2025:15095, resolves issues with mod_ssl in httpd, including insufficient escaping of user-supplied data and access control bypass by trusted clients. The second update, ALSA-2025:15099, addresses a directory traversal vulnerability in pam (CVE-2025-6020) and an incomplete fix for the same issue (CVE-2025-8941). The third update, ALSA-2025:15115, fixes two issues with postgresql:12, including arbitrary code execution during restore operations (CVE-2025-8715) and code execution in restore operations (CVE-2025-8714).

ALSA-2025:15095: httpd security update (Moderate)
ALSA-2025:15099: pam security update (Important)
ALSA-2025:15115: postgresql:12 security update (Important)

The AlmaLinux team has released several security updates to address vulnerabilities in various packages, including kernel-rt, kernel, postgresql:15, and mod_http2. The updates are rated Moderate or Important and affect AlmaLinux 8 and 9. Specific security fixes include patches for potential use-after-free bugs in the kernel and a fix for code execution vulnerabilities in postgresql:15.

ALSA-2025:15009: kernel-rt security update (Moderate)
ALSA-2025:14438: kernel security update (Moderate)
ALSA-2025:14862: postgresql:15 security update (Important)
ALSA-2025:14983: mod_http2 security update (Moderate)

The AlmaLinux Security team has released important and moderate severity updates to address vulnerabilities in the kernel and Python 3.9. The kernel update fixes three security issues, including a double list add bug (CVE-2025-37914), an MMIO write access issue (CVE-2025-38200), and an eswitch code memory leak (CVE-2025-38417). The Python 3.9 update addresses two vulnerabilities: a path traversal vulnerability in setuptools (CVE-2025-47273) and an infinite loop when parsing a tarfile (CVE-2025-8194).

ALSA-2025:14510: kernel security update (Important)
ALSA-2025:14900: python39:3.9 security update (Moderate)

Multiple security updates have been issued for different packages on AlmaLinux, encompassing PostgreSQL and Thunderbird. The updates tackle vulnerabilities including code execution in restore operations (CVE-2025-8714 and CVE-2025-8715) and denial-of-service resulting from out-of-memory issues (CVE-2025-9182). Additionally, a security update was released for Python 3.11, which fixes an infinite loop issue when parsing tarfiles (CVE-2025-8194).

ALSA-2025:14826: postgresql16 security update (Important)
ALSA-2025:14844: thunderbird security update (Important)
ALSA-2025:14640: thunderbird security update (Important)
ALSA-2025:14827: postgresql:16 security update (Important)
ALSA-2025:14878: postgresql security update (Important)
ALSA-2025:14841: python3.11 security update (Moderate)
ALSA-2025:14899: postgresql:16 security update (Important)

AlmaLinux has released several security updates for AlmaLinux 8, including updates for Mozilla Thunderbird (ALSA-2025:14743), fence-agents (ALSA-2025:14750), kernel-rt (ALSA-2025:14439), Firefox (ALSA-2025:14442), python-cryptography (ALSA-2025:14553), and aide (ALSA-2025:14573). The updates address various security vulnerabilities, including denial-of-service, sandbox escape, same-origin policy bypass, and NULL-dereference issues. Some of the updates are rated Important, while others are rated Moderate.

ALSA-2025:14743: thunderbird security update (Important)
ALSA-2025:14750: fence-agents security update (Moderate)
ALSA-2025:14439: kernel-rt security update (Moderate)
ALSA-2025:14442: firefox security update (Important)
ALSA-2025:14553: python-cryptography security update (Moderate)
ALSA-2025:14573: aide security update (Important)

AlmaLinux has released several security updates for various packages, including kernel, firefox, aide, and mod_http2. The updates fix important vulnerabilities such as memory leaks, denial-of-service attacks, and sandbox escapes in kernel (CVE-2025-22058, CVE-2025-37914), firefox (CVE-2025-9182, CVE-2025-9179, CVE-2025-9180), aide (CVE-2025-54389), and mod_http2 (CVE-2025-49630). The updates are available for AlmaLinux 9 and 10.

ALSA-2025:14420: kernel security update (Important)
ALSA-2025:14416: firefox security update (Important)
ALSA-2025:14493: aide security update (Important)
ALSA-2025:14592: aide security update (Important)
ALSA-2025:14417: firefox security update (Important)
ALSA-2025:14625: mod_http2 security update (Moderate)