AlmaLinux 2562 Published by Philipp Esselbach 0

Several security updates have been released for AlmaLinux 9, including updates for Go-rpm-macros, nginx, kernel, Thunderbird, and Valkey. The updates address various vulnerabilities, such as memory exhaustion in query parameter parsing in net/url (CVE-2025-61726) and data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733). These security issues can lead to severe consequences, including data corruption or loss, and should be addressed promptly.

ALSA-2026:3668: go-rpm-macros security update (Important)
ALSA-2026:3638: nginx:1.24 security update (Moderate)
ALSA-2026:3488: kernel security update (Moderate)
ALSA-2026:3516: thunderbird security update (Important)
ALSA-2026:3507: valkey security update (Important)

Multiple security updates have been announced for AlmaLinux 8, addressing various vulnerabilities in packages such as kernel-rt, container-tools, and firefox. The updates include patches for denial-of-service (DoS) vulnerabilities, memory safety bugs, and use-after-free issues in the Linux kernel, container tools, and web browser components. Users are advised to update their systems with the latest packages to ensure security and stability.

ALSA-2026:3463: kernel-rt security update (Moderate)
ALSA-2026:3428: container-tools:rhel8 security update (Important)
ALSA-2026:3464: kernel security update (Moderate)
ALSA-2026:3407: mingw-fontconfig security update (Important)
ALSA-2026:3338: firefox security update (Important)

AlmaLinux has released several security updates to address vulnerabilities in various packages, including gnutls, kernel, libpng, and skopeo. The gnutls update fixes two issues: a stack-based buffer overflow and a denial-of-service vulnerability due to excessive resource consumption. The kernel update addresses four vulnerabilities, including a double-free issue and use-after-free bugs, while the libpng update fixes three security issues related to information disclosure and denial of service. Additionally, the skopeo update fixes three vulnerabilities in the golang library, including a denial-of-service bug due to excessive resource consumption.

ALSA-2026:3477: gnutls security update (Moderate)
ALSA-2026:3275: kernel security update (Moderate)
ALSA-2026:3405: libpng security update (Important)
ALSA-2026:3340: skopeo security update (Important)
ALSA-2026:3341: containernetworking-plugins security update (Important)

The AlmaLinux Security team has released several security updates for various packages, including FreeRDP, Grafana, Firefox, and more. The updates address multiple vulnerabilities, with some being classified as "Important" due to their potential impact on system security. Users are encouraged to review the details of each update and apply them as soon as possible to ensure their systems remain secure. More information can be found on the AlmaLinux Errata page for each update.

ALSA-2026:3334: freerdp security update (Important)
ALSA-2026:3035: grafana-pcp security update (Important)
ALSA-2026:3068: freerdp security update (Important)
ALSA-2026:3297: buildah security update (Important)
ALSA-2026:3361: firefox security update (Important)
ALSA-2026:3067: freerdp security update (Important)
ALSA-2026:3291: runc security update (Important)
ALSA-2026:3189: 389-ds-base security update (Moderate)
ALSA-2026:3298: buildah security update (Important)
ALSA-2026:3339: firefox security update (Important)
ALSA-2026:3337: podman security update (Important)
ALSA-2026:3031: libpng15 security update (Important)
ALSA-2026:3034: munge security update (Important)
ALSA-2026:3359: python-pyasn1 security update (Important)
ALSA-2026:3066: kernel security update (Moderate)
ALSA-2026:2783: nodejs:20 security update (Important)
ALSA-2026:3095: protobuf security update (Important)
ALSA-2026:2722: kernel security update (Moderate)
ALSA-2026:2782: nodejs:22 security update (Important)
ALSA-2026:3336: podman security update (Important)
ALSA-2026:3033: munge security update (Important)
ALSA-2026:3354: python-pyasn1 security update (Important)
ALSA-2026:3092: golang-github-openprinting-ipp-usb security update (Important)
ALSA-2026:3208: 389-ds-base security update (Moderate)
ALSA-2026:3343: skopeo security update (Important)
ALSA-2026:3094: protobuf security update (Important)
ALSA-2026:2721: kernel security update (Moderate)

The AlmaLinux Security team has released several important security updates to address vulnerabilities in various packages, including the kernel-rt, kernel, munge, and grafana software. The updates address multiple use-after-free issues in the kernel, as well as a buffer overflow vulnerability in MUNGE and CPU consumption and memory exhaustion issues in Grafana.

ALSA-2026:3110: kernel-rt security update (Important)
ALSA-2026:2720: kernel security update (Moderate)
ALSA-2026:3032: munge security update (Important)
ALSA-2026:3083: kernel security update (Important)
ALSA-2026:3188: grafana security update (Important)
ALSA-2026:3187: grafana-pcp security update (Important)

The AlmaLinux Security team has issued two updates: ALSA-2026:3042, a moderate security update for OpenSSL, and ALSA-2026:2821, another moderate update for the kernel-rt packages. The OpenSSL update fixes an arbitrary code execution vulnerability in PKCS#12 processing (CVE-2025-69419). The kernel-rt update addresses multiple vulnerabilities, including out-of-bounds writes, use-after-free errors, and privilege escalation possibilities (CVE-2025-40168, CVE-2023-53762, and CVE-2025-40304). Users can find more information about the updates on the AlmaLinux errata page.

ALSA-2026:3042: openssl security update (Moderate)
ALSA-2026:2821: kernel-rt security update (Moderate)

A security update has been released for Grafana on AlmaLinux 10. The update fixes multiple vulnerabilities, including denial of service due to crafted certificates and privilege escalation through dashboard permissions bypass. Other issues addressed include excessive CPU consumption when building archives and memory exhaustion during query parameter parsing.

ALSA-2026:2914: grafana security update (Important)

Several security updates are available for AlmaLinux, including patches for Go and Node.js. The Go update fixes multiple vulnerabilities that could lead to CPU consumption issues, memory exhaustion, or code execution, while the Node.js update addresses several denial-of-service and file permissions bypass issues. Other updates include a GnuPG patch that fixes a buffer overflow vulnerability in tpm2daemon and a glibc update that addresses integer overflows and information disclosure issues.

ALSA-2026:2706: golang security update (Important)
ALSA-2026:2719: gnupg2 security update (Important)
ALSA-2026:2781: nodejs:24 security update (Important)
ALSA-2026:2776: edk2 security update (Moderate)
ALSA-2026:2786: glibc security update (Moderate)
ALSA-2026:2799: php security update (Moderate)

The AlmaLinux team has released two security updates: one for golang and another for GIMP, both classified as Important. The golang update addresses four vulnerabilities that could allow an attacker to cause excessive CPU consumption or memory exhaustion, smuggle code, or trigger unexpected session resumption. The GIMP update fixes a heap-based buffer overflow vulnerability in the program that could be exploited by specially crafted PSP files (CVE-2025-15059).

ALSA-2026:2709: golang security update (Important)
ALSA-2026:2707: gimp security update (Important)

An important security update for AlmaLinux 8 has been released, addressing four vulnerabilities in the Go Toolset. The issues include excessive CPU consumption when building an archive index, memory exhaustion while parsing query parameters, potential code smuggling via doc comments, and unexpected session resumption. These problems have been fixed with new updates available on the AlmaLinux website.

ALSA-2026:2708: go-toolset:rhel8 security update (Important)

Multiple security updates have been announced for AlmaLinux 8, affecting various packages including PHP 7.4, Node.js, GCC toolset binutils, Firefox, and Python 3.12. The updates address several vulnerabilities, including potential code execution, information disclosure, denial of service, and heap buffer overflows. Most of the updates are categorized as Moderate or Important severity, with a few being rated as Critical.

ALSA-2026:2470: php:7.4 security update (Moderate)
ALSA-2026:2421: nodejs:22 security update (Important)
ALSA-2026:2627: gcc-toolset-14-binutils security update (Moderate)
ALSA-2026:2420: nodejs:24 security update (Important)
ALSA-2026:0667: firefox security update (Important)
ALSA-2026:2419: python3.12 security update (Moderate)
ALSA-2026:2422: nodejs:20 security update (Important)

Several security updates have been released for AlmaLinux, including kernel and pcs package updates. The kernel updates address multiple vulnerabilities, such as memory corruption and use-after-free bugs, while the pcs update fixes a prototype pollution issue in the lodash library. Additionally, keylime and libsoup3 packages have also received security updates to fix an authentication bypass vulnerability and a stack-based buffer overflow issue, respectively.

ALSA-2026:2282: kernel security update (Moderate)
ALSA-2026:2438: pcs security update (Important)
ALSA-2026:2410: libsoup3 security update (Important)
ALSA-2026:1377: image-builder security update (Moderate)
ALSA-2026:2212: kernel security update (Moderate)
ALSA-2026:2452: pcs security update (Important)
ALSA-2026:2224: keylime security update (Critical)

AlmaLinux has released two security updates for its users: ALSA-2026:2323 and ALSA-2026:2389. The first update addresses a denial of service vulnerability in Git Large File Storage (LFS) due to excessive resource consumption via crafted certificates, affecting the crypto/x509 module in golang. The second update fixes a Python brotli decompression bomb DoS issue in Scrapy's python-scrapy package. Both updates are available for AlmaLinux 8 and have been released as part of an Important security patch.

ALSA-2026:2323: git-lfs security update (Important)
ALSA-2026:2389: brotli security update (Important)

Multiple security updates have been released by AlmaLinux, including patches for FontForge, Node.js, Mozilla Thunderbird, and Firefox to address remote code execution vulnerabilities and other issues. The updates also include fixes for a heap-based buffer overflow in BMP file parsing, a use-after-free bug in SFD file parsing, and denial of service vulnerabilities in Node.js. Additionally, the kernel packages have been updated to resolve several security issues, including a Linux kernel ALSA USB audio driver buffer overflow that could lead to information disclosure and denial of service. Users can find more details about these updates on the AlmaLinux errata website, which includes full package listings and other related information.

ALSA-2026:2039: fontforge security update (Important)
ALSA-2026:1843: nodejs22 security update (Important)
ALSA-2026:2286: thunderbird security update (Important)
ALSA-2026:2271: firefox security update (Important)
ALSA-2026:1831: qemu-kvm security update (Moderate)
ALSA-2026:1837: osbuild-composer security update (Moderate)
ALSA-2026:2182: libsoup3 security update (Important)
ALSA-2026:1842: nodejs24 security update (Important)
ALSA-2026:2215: libsoup security update (Important)
ALSA-2026:2264: kernel security update (Moderate)
ALSA-2026:2124: osbuild-composer security update (Important)

Multiple security updates are available for various packages on AlmaLinux systems, including Python 3 and FreeRDP. The affected versions include AlmaLinux 8 and 9, with vulnerabilities addressed in the updates including a privilege escalation or code execution flaw in Python 3.12-wheel and several heap buffer overflow issues in FreeRDP. Additionally, a kernel security update is available for AlmaLinux 9, addressing flaws such as a stack out-of-bounds write vulnerability.

ALSA-2026:2090: python3.12-wheel security update (Important)
ALSA-2026:2128: python3 security update (Moderate)
ALSA-2026:2081: freerdp security update (Important)
ALSA-2026:1617: kernel security update (Moderate)

The AlmaLinux Security team has released several important and moderate security updates to address vulnerabilities in various packages, including kernel, python-wheel, curl, python3.12, and brotli. These updates aim to fix issues such as use-after-free vulnerabilities, out-of-bounds reads, and denial of service attacks that could compromise system security. The CVEs listed for each update include Linux kernel vulnerabilities (CVE-2025-37819, CVE-2025-38349), python-wheel privilege escalation (CVE-2026-24049), curl out-of-bounds read (CVE-2025-9086), and brotli decompression bomb DoS (CVE-2025-6176).

ALSA-2026:1690: kernel security update (Important)
ALSA-2026:1902: python-wheel security update (Important)
ALSA-2026:1825: curl security update (Moderate)
ALSA-2026:1828: python3.12 security update (Moderate)
ALSA-2026:2042: brotli security update (Important)

AlmaLinux has issued three security updates to address vulnerabilities in its system. The first update, ALSA-2026:1714, fixes a NULL Pointer Dereference in Wireshark (CVE-2025-9817) and is rated as Moderate severity. The second update, ALSA-2026:1696, addresses a Heap buffer overread in util-linux (CVE-2025-14104), also classified as Moderate severity. The third update, ALSA-2026:1715, fixes a Denial of Service vulnerability due to excessive resource consumption in golang-github-openprinting-ipp-usb and is rated as Important severity.

ALSA-2026:1714: wireshark security update (Moderate)
ALSA-2026:1696: util-linux security update (Moderate)
ALSA-2026:1715: golang-github-openprinting-ipp-usb security update (Important)
