AlmaLinux 2538 Published by Philipp Esselbach 0

The AlmaLinux Security team has released several important security updates to address vulnerabilities in various packages, including the kernel-rt, kernel, munge, and grafana software. The updates address multiple use-after-free issues in the kernel, as well as a buffer overflow vulnerability in MUNGE and CPU consumption and memory exhaustion issues in Grafana.

ALSA-2026:3110: kernel-rt security update (Important)
ALSA-2026:2720: kernel security update (Moderate)
ALSA-2026:3032: munge security update (Important)
ALSA-2026:3083: kernel security update (Important)
ALSA-2026:3188: grafana security update (Important)
ALSA-2026:3187: grafana-pcp security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

The AlmaLinux Security team has issued two updates: ALSA-2026:3042, a moderate security update for OpenSSL, and ALSA-2026:2821, another moderate update for the kernel-rt packages. The OpenSSL update fixes an arbitrary code execution vulnerability in PKCS#12 processing (CVE-2025-69419). The kernel-rt update addresses multiple vulnerabilities, including out-of-bounds writes, use-after-free errors, and privilege escalation possibilities (CVE-2025-40168, CVE-2023-53762, and CVE-2025-40304). Users can find more information about the updates on the AlmaLinux errata page.

ALSA-2026:3042: openssl security update (Moderate)
ALSA-2026:2821: kernel-rt security update (Moderate)

AlmaLinux 2538 Published by Philipp Esselbach 0

A security update has been released for Grafana on AlmaLinux 10. The update fixes multiple vulnerabilities, including denial of service due to crafted certificates and privilege escalation through dashboard permissions bypass. Other issues addressed include excessive CPU consumption when building archives and memory exhaustion during query parameter parsing.

ALSA-2026:2914: grafana security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

Several security updates are available for AlmaLinux, including patches for Go and Node.js. The Go update fixes multiple vulnerabilities that could lead to CPU consumption issues, memory exhaustion, or code execution, while the Node.js update addresses several denial-of-service and file permissions bypass issues. Other updates include a GnuPG patch that fixes a buffer overflow vulnerability in tpm2daemon and a glibc update that addresses integer overflows and information disclosure issues.

ALSA-2026:2706: golang security update (Important)
ALSA-2026:2719: gnupg2 security update (Important)
ALSA-2026:2781: nodejs:24 security update (Important)
ALSA-2026:2776: edk2 security update (Moderate)
ALSA-2026:2786: glibc security update (Moderate)
ALSA-2026:2799: php security update (Moderate)

AlmaLinux 2538 Published by Philipp Esselbach 0

The AlmaLinux team has released two security updates: one for golang and another for GIMP, both classified as Important. The golang update addresses four vulnerabilities that could allow an attacker to cause excessive CPU consumption, memory exhaustion, code smuggling, or unexpected session resumption. The GIMP update fixes a heap-based buffer overflow that could be exploited with specially crafted PSP files (CVE-2025-15059).

ALSA-2026:2709: golang security update (Important)
ALSA-2026:2707: gimp security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

An important security update for AlmaLinux 8 has been released, addressing four vulnerabilities in the Go Toolset. The issues include excessive CPU consumption when building an archive index, memory exhaustion while parsing query parameters, potential code smuggling via doc comments, and unexpected session resumption. The fixes are available as updates on the AlmaLinux website.

ALSA-2026:2708: go-toolset:rhel8 security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

Multiple security updates have been announced for AlmaLinux 8, affecting various packages including PHP 7.4, Node.js, GCC toolset binutils, Firefox, and Python 3.12. The updates address several vulnerabilities, including potential code execution, information disclosure, denial of service, and heap buffer overflows. Most of the updates are categorized as Moderate or Important severity, with a few being rated as Critical.

ALSA-2026:2470: php:7.4 security update (Moderate)
ALSA-2026:2421: nodejs:22 security update (Important)
ALSA-2026:2627: gcc-toolset-14-binutils security update (Moderate)
ALSA-2026:2420: nodejs:24 security update (Important)
ALSA-2026:0667: firefox security update (Important)
ALSA-2026:2419: python3.12 security update (Moderate)
ALSA-2026:2422: nodejs:20 security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

Several security updates have been released for AlmaLinux, including kernel and pcs package updates. The kernel updates address multiple vulnerabilities, such as memory corruption and use-after-free bugs, while the pcs update fixes a prototype pollution issue in the lodash library. Additionally, keylime and libsoup3 packages have also received security updates to fix an authentication bypass vulnerability and a stack-based buffer overflow issue, respectively.

ALSA-2026:2282: kernel security update (Moderate)
ALSA-2026:2438: pcs security update (Important)
ALSA-2026:2410: libsoup3 security update (Important)
ALSA-2026:1377: image-builder security update (Moderate)
ALSA-2026:2212: kernel security update (Moderate)
ALSA-2026:2452: pcs security update (Important)
ALSA-2026:2224: keylime security update (Critical)

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux has released two security updates for its users: ALSA-2026:2323 and ALSA-2026:2389. The first update addresses a denial of service vulnerability in Git Large File Storage (LFS) due to excessive resource consumption via crafted certificates, affecting the crypto/x509 module in golang. The second update fixes a Python brotli decompression bomb DoS issue in Scrapy's python-scrapy package. Both updates are available for AlmaLinux 8 and have been released as part of an Important security patch.

ALSA-2026:2323: git-lfs security update (Important)
ALSA-2026:2389: brotli security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

Multiple security updates have been released by AlmaLinux, including patches for FontForge, Node.js, Mozilla Thunderbird, and Firefox to address remote code execution vulnerabilities and other issues. The updates also include fixes for a heap-based buffer overflow in BMP file parsing, a use-after-free bug in SFD file parsing, and denial of service vulnerabilities in Node.js. Additionally, the kernel packages have been updated to resolve several security issues, including a Linux kernel ALSA USB audio driver buffer overflow that could lead to information disclosure and denial of service. Users can find more details about these updates on the AlmaLinux errata website, which includes full package listings and other related information.

ALSA-2026:2039: fontforge security update (Important)
ALSA-2026:1843: nodejs22 security update (Important)
ALSA-2026:2286: thunderbird security update (Important)
ALSA-2026:2271: firefox security update (Important)
ALSA-2026:1831: qemu-kvm security update (Moderate)
ALSA-2026:1837: osbuild-composer security update (Moderate)
ALSA-2026:2182: libsoup3 security update (Important)
ALSA-2026:1842: nodejs24 security update (Important)
ALSA-2026:2215: libsoup security update (Important)
ALSA-2026:2264: kernel security update (Moderate)
ALSA-2026:2124: osbuild-composer security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

Multiple security updates are available for various packages on AlmaLinux systems, including Python 3 and FreeRDP. The updates affect AlmaLinux 8 and 9 and address a privilege escalation or code execution flaw in python3.12-wheel and several heap buffer overflow issues in FreeRDP. Additionally, a kernel security update is available for AlmaLinux 9, addressing flaws such as a stack out-of-bounds write vulnerability.

ALSA-2026:2090: python3.12-wheel security update (Important)
ALSA-2026:2128: python3 security update (Moderate)
ALSA-2026:2081: freerdp security update (Important)
ALSA-2026:1617: kernel security update (Moderate)

AlmaLinux 2538 Published by Philipp Esselbach 0

The AlmaLinux Security team has released several important and moderate security updates to address vulnerabilities in various packages, including kernel, python-wheel, curl, python3.12, and brotli. These updates aim to fix issues such as use-after-free vulnerabilities, out-of-bounds reads, and denial of service attacks that could compromise system security. The CVEs listed for each update include Linux kernel vulnerabilities (CVE-2025-37819, CVE-2025-38349), python-wheel privilege escalation (CVE-2026-24049), curl out-of-bounds read (CVE-2025-9086), and brotli decompression bomb DoS (CVE-2025-6176).

ALSA-2026:1690: kernel security update (Important)
ALSA-2026:1902: python-wheel security update (Important)
ALSA-2026:1825: curl security update (Moderate)
ALSA-2026:1828: python3.12 security update (Moderate)
ALSA-2026:2042: brotli security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

AlmaLinux has issued three security updates to address vulnerabilities in its system. The first update, ALSA-2026:1714, fixes a NULL Pointer Dereference in Wireshark (CVE-2025-9817) and is rated as Moderate severity. The second update, ALSA-2026:1696, addresses a Heap buffer overread in util-linux (CVE-2025-14104), also classified as Moderate severity. The third update, ALSA-2026:1715, fixes a Denial of Service vulnerability due to excessive resource consumption in golang-github-openprinting-ipp-usb and is rated as Important severity.

ALSA-2026:1714: wireshark security update (Moderate)
ALSA-2026:1696: util-linux security update (Moderate)
ALSA-2026:1715: golang-github-openprinting-ipp-usb security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

Several security updates have been released for AlmaLinux 9, addressing vulnerabilities in various packages, including Python, PHP, kernel, Java, and curl. The updates are categorized by severity, with one update marked as important due to its potential impact on system stability. Specific security fixes include excessive read buffering DoS in http.client, heap-based buffer overflow in array_merge(), and use-after-free in device mapper.

ALSA-2026:1410: python3.11 security update (Moderate)
ALSA-2026:1429: php:8.3 security update (Important)
ALSA-2026:1143: kernel security update (Important)
ALSA-2026:0932: java-1.8.0-openjdk security update (Important)
ALSA-2026:1350: curl security update (Moderate)
ALSA-2026:1408: python3.12 security update (Moderate)

AlmaLinux 2538 Published by Philipp Esselbach 0

Security updates have been released for AlmaLinux. These updates include patches for various security issues, such as remote code execution vulnerabilities (CVE-2025-14422 and CVE-2026-21441), denial of service due to excessive resource consumption via crafted certificates (CVE-2025-61729), and integer overflows leading to heap corruption (CVE-2026-0861). The updates cover several packages, including GIMP, Grafana, python-urllib3, osbuild-composer, and glibc.

ALSA-2026:1574: gimp:2.8 security update (Important)
ALSA-2026:1518: grafana-pcp security update (Important)
ALSA-2026:1254: python-urllib3 security update (Important)
ALSA-2026:1374: python3.11 security update (Moderate)
ALSA-2026:1380: osbuild-composer security update (Moderate)
ALSA-2026:1344: grafana security update (Important)
ALSA-2026:1334: glibc security update (Moderate)

AlmaLinux 2538 Published by Philipp Esselbach 0

The AlmaLinux Security team has released several security updates for various packages, including java-1.8.0-openjdk and openssl. The updates address important vulnerabilities such as arbitrary code execution, denial of service, and information disclosure. For example, the java-1.8.0-openjdk update fixes three security issues (CVE-2026-21925 to CVE-2026-21945), while the openssl update addresses 12 vulnerabilities (CVE-2025-11187 to CVE-2026-22796). Users can find more information and updated packages on the AlmaLinux Errata website, including links to CVE pages for each vulnerability.

ALSA-2026:0932: java-1.8.0-openjdk security update (Important)
ALSA-2026:0933: java-25-openjdk security update (Important)
ALSA-2026:1478: python3.9 security update (Moderate)
ALSA-2026:1472: openssl security update (Important)

AlmaLinux 2538 Published by Philipp Esselbach 0

The AlmaLinux Security team has issued several security updates for the python3-urllib3 package, which includes fixes for three vulnerabilities: unbounded decompression chain leading to resource exhaustion (CVE-2025-66418), improper handling of highly compressed data (CVE-2025-66471), and bypassing of decompression-bomb safeguard when following HTTP redirects (CVE-2026-21441). These updates are important and affect multiple versions of the python3-urllib3 package, including those for AlmaLinux 8 and 9.

ALSA-2026:1226: python3.12-urllib3 security update (Important)
ALSA-2026:1224: python3.11-urllib3 security update (Important)
ALSA-2026:1087: python-urllib3 security update (Important)
ALSA-2026:1089: python3.11-urllib3 security update (Important)
ALSA-2026:1088: python3.12-urllib3 security update (Important)