LibTIFF updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

A security update for AlmaLinux 8 has been released to fix an important vulnerability in the libtiff packages. The issue, identified as CVE-2025-9900, is related to Libtiff Write-What-Where and requires immediate attention from users. For more information about the security issue, including impact, CVSS score, and acknowledgments, users can refer to the CVE page listed in the References section. Users can find full details on the update, updated packages, and other related information by visiting the provided link.

ALSA-2025:19276: libtiff security update (Important)

LibTIFF, OpenJDK, Redis updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

AlmaLinux has released several security updates for its systems, including updates for libtiff (important), java-21-openjdk (moderate), and redis (important). The libtiff update fixes a Write-What-Where vulnerability (CVE-2025-9900) in the library. The java-21-openjdk update addresses three vulnerabilities, including Enhance Path Factories (CVE-2025-53066), Enhance Certificate Handling (CVE-2025-53057), and Enhance String Handling (CVE-2025-61748). The Redis updates address four vulnerabilities, including Lua library commands that may lead to integer overflow and potential RCE (CVE-2025-46817) and Redis: Authenticated users can execute LUA scripts as a different user (CVE-2025-46818).

ALSA-2025:19156: libtiff security update (Important)
ALSA-2025:18824: java-21-openjdk security update (Moderate)
ALSA-2025:18821: java-17-openjdk security update (Moderate)
ALSA-2025:18815: java-1.8.0-openjdk security update (Moderate)
ALSA-2025:18824: java-21-openjdk security update (Moderate)
ALSA-2025:19237: redis security update (Important)
ALSA-2025:18815: java-1.8.0-openjdk security update (Moderate)
ALSA-2025:18821: java-17-openjdk security update (Moderate)
ALSA-2025:18824: java-21-openjdk security update (Moderate)
ALSA-2025:19238: redis:6 security update (Important)

LibTIFF, Squid, Kernel, Thunderbird updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

Four security updates have been released for AlmaLinux, including updates for libtiff, squid, kernel, and thunderbird. The libtiff update addresses two vulnerabilities (CVE-2025-8176 and CVE-2025-9900) classified as Important, while the squid update fixes a vulnerability (CVE-2025-62168) also classified as Important. The kernel updates address six vulnerabilities (CVE-2023-53297, CVE-2025-39817, CVE-2023-53386, CVE-2022-50386, CVE-2025-39849, and CVE-2025-39841), all classified as moderate. Meanwhile, the Thunderbird update addresses seven security vulnerabilities (CVE-2025-11714 to CVE-2025-11712), also classified as important.

ALSA-2025:19113: libtiff security update (Important)
ALSA-2025:19107: squid:4 security update (Important)
ALSA-2025:19102: kernel security update (Moderate)
ALSA-2025:19103: kernel-rt security update (Moderate)
ALSA-2025:18983: thunderbird security update (Important)

Webkit2GTK3 security update for AlmaLinux 9

AlmaLinux 2483 Published by Philipp Esselbach 0

A security update has been released for AlmaLinux 9 to address several vulnerabilities in WebKitGTK, a web rendering engine. The vulnerabilities include potential crashes and unauthorized access to sensor information without user consent. The update fixes five security issues identified by CVE numbers: CVE-2025-43272, CVE-2025-43342, CVE-2025-43356, CVE-2025-43368, and CVE-2025-43343.

ALSA-2025:18097: webkit2gtk3 security update (Important)

Thunderbird, Kernel, IPA updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

The AlmaLinux team has released several security updates, including important updates for Mozilla Thunderbird and the kernel on AlmaLinux 10, as well as an important update for FreeIPA on AlmaLinux 9. The kernel updates address multiple vulnerabilities, including those that could lead to privilege escalation or denial-of-service attacks. Additionally, a new security update for Mozilla Thunderbird has been released for both AlmaLinux 9 and 10, addressing memory safety bugs and other issues.

ALSA-2025:18320: thunderbird security update (Important)
ALSA-2025:18318: kernel security update (Moderate)
ALSA-2025:17084: ipa security update (Important)
ALSA-2025:18321: thunderbird security update (Important)
ALSA-2025:18281: kernel security update (Moderate)

AlmaLinux 10.1 Beta released

AlmaLinux 2483 Published by Philipp Esselbach 0

The AlmaLinux OS Foundation has released the beta version of AlmaLinux 10.1, dubbed "Heliotrope Lion", which is available on various architectures, including x86_64, ARM64, and IBM Z. This beta release includes support for the Btrfs filesystem, improved performance enhancements, updated developer toolsets, and enhanced security features such as updated SELinux policies and OpenSSL. AlmaLinux 10.1 Beta also introduces new versions of key compilers and utilities, improved debugging and networking tools, and upgraded container and virtualization support. The full release notes are available on the wiki, and users can download the necessary ISO files from repo.almalinux.org, but it's not recommended for production installations due to potential bugs.

Kernel, Firefox, .NET, and more updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

AlmaLinux has released several security updates for various packages, including kernel-rt, perl-JSON-XS, libssh, .NET 8.0, and Firefox. The updates address vulnerabilities such as memory safety bugs, out-of-bounds read/write issues, and buffer overflows (CVEs 2025-39757, 2025-39751, 2023-53373, 2025-40928, etc.). Most of the security fixes are considered moderate or important in severity.

ALSA-2025:18298: kernel-rt security update (Moderate)
ALSA-2025:17163: perl-JSON-XS security update (Moderate)
ALSA-2025:18286: libssh security update (Moderate)
ALSA-2025:18148: .NET 8.0 security update (Important)
ALSA-2025:18297: kernel security update (Moderate)
ALSA-2025:18285: firefox security update (Important)
ALSA-2025:18154: firefox security update (Important)
ALSA-2025:17162: perl-JSON-XS security update (Moderate)
ALSA-2025:18155: firefox security update (Important)
ALSA-2025:18149: .NET 8.0 security update (Important)

LibSSH and Kernel updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

Two security updates have been released for AlmaLinux: one for libssh (ALSA-2025:18275) and another for the kernel (ALSA-2025:17776). The libssh update, which was initially released on October 17, 2025, addresses an out-of-bounds read in sftp_handle() (CVE-2025-5318), classified as a moderate security risk. The kernel update, also released on October 17, 2025, fixes three vulnerabilities: HID: core: Harden s32ton(), wifi: ath12k: Decrement TID on RX peer frag setup error handling, and ALSA: usb-audio: Validate UAC3 cluster segment descriptors (CVE-2025-38556, CVE-2025-39761, and CVE-2025-39757). These updates are available for AlmaLinux versions 9 and 10.

ALSA-2025:18275: libssh security update (Moderate)
ALSA-2025:17776: kernel security update (Moderate)
ALSA-2025:18231: libssh security update (Moderate)

Kernel and Libsoup updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

The AlmaLinux Security team has released two security updates: one for kernel (moderate severity) and one for libsoup3 (important severity). The kernel update fixes four vulnerabilities, including ones that affect HID, eventpoll, ALSA, and crypto components. The libsoup3 update addresses a single vulnerability related to an out-of-bounds read in cookie date handling in the HTTP library. Both updates are available on AlmaLinux versions 9 and 10, respectively, with detailed information found at the provided links.

ALSA-2025:17760: kernel security update (Moderate)
ALSA-2025:18183: libsoup3 security update (Important)

Kernel, Webkit2GTK3, VIM updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

The AlmaLinux Security team has released security updates for various packages, including kernel, webkit2gtk3, kernel-rt, and vim. The updates address multiple vulnerabilities, including issues with path traversal and use-after-free bugs. Three separate updates were released for different versions of AlmaLinux (8, 10, and 9), each addressing the same vulnerabilities in the respective packages.

ALSA-2025:17797: kernel security update (Moderate)
ALSA-2025:17802: webkit2gtk3 security update (Important)
ALSA-2025:17812: kernel-rt security update (Moderate)
ALSA-2025:17913: vim security update (Moderate)
ALSA-2025:17742: vim security update (Moderate)

IPUtils, Open-VM-Tools, Compat-LibTIFF3, Vim updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

AlmaLinux has released several security updates, including for iputils (Moderate), open-vm-tools (Important), libtiff3 (Important), and vim (Moderate). The iputils update fixes an integer overflow vulnerability (CVE-2025-48964) and is applicable to AlmaLinux 9. The other updates fix vulnerabilities in open-vm-tools, libtiff3, and vim, with the former two being important and the latter moderate.

ALSA-2025:17558: iputils security update (Moderate)
ALSA-2025:17428: open-vm-tools security update (Important)
ALSA-2025:17675: compat-libtiff3 security update (Important)
ALSA-2025:17715: vim security update (Moderate)

Kernel updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

Two security updates have been released for AlmaLinux: one for version 9 (ALSA-2025:17377) and another for version 10 (ALSA-2025:17396), both classified as moderate severity. The update for AlmaLinux 9 addresses three vulnerabilities, including CVE-2024-50301, CVE-2025-38351, and CVE-2025-39761 in the Linux kernel. The update for AlmaLinux 10 fixes two vulnerabilities, namely CVE-2025-22026 and CVE-2025-38718, also affecting the kernel packages.

ALSA-2025:17377: kernel security update (Moderate)
ALSA-2025:17396: kernel security update (Moderate)

Open-VM-Tools, Kernel, GnuTLS updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

The AlmaLinux team has released several security updates to address vulnerabilities and issues in various packages. The first update (ALSA-2025:17509) addresses a local privilege escalation vulnerability in open-vm-tools, affecting AlmaLinux 8. The second and third updates (ALSA-2025:17397 and ALSA-2025:17398) resolve use-after-free and filehandle bounds checking issues in the kernel, also affecting AlmaLinux 8. A fourth update (ALSA-2025:17415) resolves vulnerabilities and bugs in the gnutls package, including a NULL pointer dereference issue.

ALSA-2025:17509: open-vm-tools security update (Important)
ALSA-2025:17397: kernel security update (Moderate)
ALSA-2025:17398: kernel-rt security update (Moderate)
ALSA-2025:17415: gnutls security, bug fix, and enhancement update (Moderate)

AlmaLinux 9.7 Beta released

AlmaLinux 2483 Published by Philipp Esselbach 0

The AlmaLinux OS Foundation has released the beta version of AlmaLinux 9.7, called "Moss Jungle Cat," which supports multiple architectures including Intel/AMD, ARM64, IBM PowerPC, and IBM Z. This beta release is still under development, and users who choose to upgrade their systems during this period do so at their own risk. The new version includes features such as improved performance, updated development tools, stronger security, and better support for containers and virtualization through newer versions of Podman and Buildah. Users can find detailed information about the release in the AlmaLinux OS wiki, which provides a comprehensive summary of all the new features and enhancements included in the latest beta version.

IdM and Kernel updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

The AlmaLinux team has released two security updates: ALSA-2025:17129 and ALSA-2025:16904. The first update, ALSA-2025:17129, is for AlmaLinux 8 and fixes an important vulnerability in FreeIPA that allows privilege escalation from host to domain admin (CVE-2025-7493). The second update, ALSA-2025:16904, affects AlmaLinux 10 and addresses six moderate security issues, including a secretmem LSM bypass and use-after-free bugs (CVEs 2025-38396, 2025-38527, 2025-38523, 2025-39682, 2025-39698, and 2025-39694).

ALSA-2025:17129: idm:DL1 security update (Important)
ALSA-2025:16904: kernel security update (Moderate)

Kernel, MySQL, OpenSSH, Perl-JSON-XS updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

A series of security updates have been released for various packages, including kernel and MySQL, which address vulnerabilities such as crashes, use-after-free bugs, and integer buffer overflows. The updates include fixes for Linux kernels 9 and 8, as well as a MySQL update for version 8. Other packages that have received security updates are openssh, perl-JSON-XS, and kernel-rt.

ALSA-2025:16880: kernel security update (Moderate)
ALSA-2025:16919: kernel security update (Moderate)
ALSA-2025:16861: mysql:8.0 security update (Moderate)
ALSA-2025:16920: kernel-rt security update (Moderate)
ALSA-2025:16823: openssh security update (Moderate)
ALSA-2025:17119: perl-JSON-XS security update (Moderate)

Python 3.12, Kernel, UDisks2, and more updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

AlmaLinux has released several security updates to address vulnerabilities in various packages, including Python3.12, Kernel, UDisks2, HTTPD, Firefox, MySQL, Podman, and GnuTLS. The severity of these updates ranges from moderate to important, with several critical patches included for kernel, cups, postgresql, and php. Additionally, security updates have been released for other packages such as Python 3.9, Python 3.11, CUPS, Avahi, libtpms, and opentelemetry-collector.

ALSA-2025:15007: python3.12 security update (Moderate)
ALSA-2025:15011: kernel security update (Important)
ALSA-2025:15018: udisks2 security update (Important)
ALSA-2025:15019: python3.9 security update (Moderate)
ALSA-2025:15023: httpd security update (Moderate)
ALSA-2025:15010: python3.11 security update (Moderate)
ALSA-2025:15700: cups security update (Important)
ALSA-2025:16108: firefox security update (Important)
ALSA-2025:16086: mysql security update (Moderate)
ALSA-2025:15900: podman security update (Important)
ALSA-2025:16116: gnutls security, bug fix, and enhancement update (Moderate)
ALSA-2025:16398: kernel security update (Moderate)
ALSA-2025:14984: python3.12 security update (Moderate)
ALSA-2025:16432: opentelemetry-collector security update (Moderate)
ALSA-2025:15005: kernel security update (Moderate)
ALSA-2025:16354: kernel security update (Moderate)
ALSA-2025:13941: golang security update (Important)
ALSA-2025:15020: udisks2 security update (Important)
ALSA-2025:15701: cups security update (Important)
ALSA-2025:16428: libtpms security update (Moderate)
ALSA-2025:16441: avahi security update (Moderate)
ALSA-2025:14560: python3 security update (Moderate)
ALSA-2025:15017: udisks2 security update (Important)
ALSA-2025:15021: postgresql:13 security update (Important)
ALSA-2025:15022: postgresql:15 security update (Important)
ALSA-2025:15687: php:8.2 security update (Moderate)

Kernel, Firefox, Thunderbird updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

AlmaLinux has released several security updates for its users, including Kernel, Firefox, and Thunderbird updates. The kernel update (ALSA-2025:15782) fixes seven vulnerabilities with a severity level of Moderate, while the Firefox/Thunderbird updates (ALSA-2025:16109, ALSA-2025:16157, ALSA-2025:16156, and ALSA-2025:16589) fix seven vulnerabilities each with a severity level of Important.

ALSA-2025:15782: kernel security update (Moderate)
ALSA-2025:16109: firefox security update (Important)
ALSA-2025:16157: thunderbird security update (Important)
ALSA-2025:16156: thunderbird security update (Important)
ALSA-2025:16589: thunderbird security update (Important)
ALSA-2025:16260: firefox security update (Important)

Kernel and Grub2 updates for AlmaLinux

AlmaLinux 2483 Published by Philipp Esselbach 0

The AlmaLinux team has released two security updates: one for the kernel (ALSA-2025:15740) and another for grub2 (ALSA-2025:16154). The kernel update, which affects AlmaLinux 9, addresses a moderate-severity vulnerability related to IPv6 multicast. The grub2 update, affecting AlmaLinux 10, fixes multiple vulnerabilities, including integer overflows, use-after-free issues, and out-of-bounds writes that can be triggered by malicious input.

ALSA-2025:15740: kernel security update (Moderate)
ALSA-2025:16154: grub2 security update (Moderate)

Previous Page

Next Page

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...