OSBuild-Composer and Kernel updates for AlmaLinux 9

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux released two critical security updates for version 9. The first patch targets osbuild-composer to fix how the tool parses IPv6 addresses inside URLs. Meanwhile, administrators must also install a kernel update that corrects traffic scheduling logic and resolves a storage driver memory leak.

ALSA-2026:9044: osbuild-composer security update (Important)
ALSA-2026:8921: kernel security update (Important)

Kernel updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux released an important security patch for both the standard and real-time kernel packages on version 8. The update resolves two specific flaws identified as CVE-2025-68741 and CVE-2026-23191, which involve improper memory handling in storage drivers and race conditions within audio subsystem triggers. System administrators should apply these fixes promptly to prevent potential stability issues or unauthorized access on affected machines. Detailed documentation and download links are available through the official AlmaLinux errata portal for anyone needing further technical guidance.

ALSA-2026:9135: kernel-rt security update (Important)
ALSA-2026:9131: kernel security update (Important)

ELevate NG upgrade to AlmaLinux 10 x86_64_v2 released for testing

AlmaLinux 2566 Published by Philipp Esselbach 0

ELevate NG finally lets system administrators push AlmaLinux 9 into the new x86_64_v2-based AlmaLinux 10 or Kitten release, but the upgrade swaps old patching methods for a fresh rootfs image download. The migration tool requires pulling the testing repository config and installing specific leapp packages before it can even map out what needs replacing. Preupgrade scans routinely flag missing dependencies and force manual answers to configuration prompts, so skipping that step guarantees a broken boot sequence. Once the system restarts into the transitional environment, verifying package versions and deleting the temporary bootstrap files keeps the new architecture from quietly breaking custom services later.

Go-RPM-Macros, Delve, FreeRDP, and more updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux just pushed out important security fixes for a handful of popular packages on versions eight through ten. You will find patches for Go build macros, the Delve debugger, FreeRDP, giflib, OpenEXR, libarchive, and several .NET framework releases. These updates close dangerous gaps that could let attackers run malicious code or crash your systems using crafted files and network traffic. Make sure to apply these updates as soon as possible to protect your servers from known exploits.

ALSA-2026:8840: go-rpm-macros security update (Important)
ALSA-2026:8842: delve security update (Important)
ALSA-2026:8458: freerdp security update (Important)
ALSA-2026:8858: giflib security update (Important)
ALSA-2026:8470: .NET 8.0 security update (Important)
ALSA-2026:8841: go-rpm-macros security update (Important)
ALSA-2026:8888: openexr security update (Important)
ALSA-2026:8468: .NET 8.0 security update (Important)
ALSA-2026:8473: .NET 10.0 security update (Important)
ALSA-2026:8534: libarchive security update (Important)
ALSA-2026:8475: .NET 9.0 security update (Important)
ALSA-2026:8945: freerdp security update (Important)

.NET, Libarchive, FreeRDP, Thunderbird updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux rolled out a series of critical security patches that affect both version nine and ten of its platform. The updates address multiple high risk vulnerabilities across .NET versions eight and nine, FreeRDP, Thunderbird, and libarchive. Attackers could potentially exploit these flaws to run malicious code remotely or crash systems through memory handling errors and parsing bugs. Administrators need to deploy these fixes right away since the issues carry an important severity rating and leave systems wide open to exploitation.

ALSA-2026:8472: .NET 9.0 security update (Important)
ALSA-2026:8492: libarchive security update (Important)
ALSA-2026:8457: freerdp security update (Important)
ALSA-2026:8469: .NET 8.0 security update (Important)
ALSA-2026:8459: thunderbird security update (Important)
ALSA-2026:8510: libarchive security update (Important)

NodeJS, Squid, BIND, PCS updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux issued a batch of security advisories that address important vulnerabilities across several key software packages. These updates specifically target denial of service risks found in Node.js, Squid, BIND, and PCS components running on version 8 or version 10 systems. Full details regarding the impact and CVSS scores are available in the references section of each advisory for further review.

ALSA-2026:8339: nodejs:20 security update (Important)
ALSA-2026:8317: squid:4 security update (Important)
ALSA-2026:8312: bind security update (Important)
ALSA-2026:8093: pcs security update (Moderate)
ALSA-2026:8352: bind security update (Important)

Keep your 32-bit x86 systems alive with AlmaLinux OS Kitten 10 i686 support

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux OS Kitten 10 expands its reach by adding official i686 userspace support for those clinging to 32-bit x86 hardware or legacy software requirements. While there is no installer ISO, users can now access the necessary repositories and container images through the dedicated Kitten vault without relying on third-party mirrors. Docker commands allow developers to spin up 32-bit environments directly using a platform flag to ensure compatibility with specific glibc needs in CI pipelines. 

Firefox, Squid, Cockpit, and more updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

Updates issued for AlmaLinux versions eight through ten address critical vulnerabilities across a wide array of software packages running on the system. The updates range from important to critical ratings and resolve dangerous flaws including arbitrary code execution or denial of service issues within tools like Firefox, Node.js, and the Linux kernel itself. These advisories urge users to apply patches immediately to prevent potential exploitation by malicious actors seeking system access. Detailed information regarding the specific CVEs and updated packages can be found on the official AlmaLinux errata website linked within each notification message.

ALSA-2026:7672: firefox security update (Important)
ALSA-2026:7666: nghttp2 security update (Important)
ALSA-2026:6817: capstone security update (Important)
ALSA-2026:8119: squid security update (Important)
ALSA-2026:7675: nodejs24 security update (Important)
ALSA-2026:7682: openexr security update (Important)
ALSA-2026:6825: rsync security update (Moderate)
ALSA-2026:6632: kernel security update (Moderate)
ALSA-2026:7711: vim security update (Important)
ALSA-2026:7680: perl-XML-Parser security update (Important)
ALSA-2026:7992: golang-github-openprinting-ipp-usb security update (Important)
ALSA-2026:7383: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection (Critical)
ALSA-2026:7342: kea security update (Important)
ALSA-2026:7005: git-lfs security update (Important)
ALSA-2026:8075: bind security update (Important)
ALSA-2026:8259: vim security update (Important)
ALSA-2026:7915: bind9.18 security update (Important)
ALSA-2026:8052: firefox security update (Important)
ALSA-2026:6570: kernel security update (Moderate)
ALSA-2026:7002: nginx security update (Important)
ALSA-2026:7350: nodejs:24 security update (Important)
ALSA-2026:7384: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection (Critical)
ALSA-2026:7259: git-lfs security update (Important)
ALSA-2026:7343: nginx:1.26 security update (Important)
ALSA-2026:7668: nghttp2 security update (Important)
ALSA-2026:7671: firefox security update (Important)
ALSA-2026:7679: perl-XML-Parser security update (Important)
ALSA-2026:8096: perl:5.32 security update (Moderate)
ALSA-2026:7896: nodejs:20 security update (Important)
ALSA-2026:6917: thunderbird security update (Important)
ALSA-2026:7009: grafana-pcp security update (Important)
ALSA-2026:7677: fontforge security update (Important)
ALSA-2026:7123: nodejs:22 security update (Important)
ALSA-2026:7011: grafana security update (Important)
ALSA-2026:7670: nodejs:24 security update (Important)
ALSA-2026:1240: fence-agents security update (Important)
ALSA-2026:6907: nginx:1.24 security update (Important)
ALSA-2026:1241: resource-agents security update (Important)
ALSA-2026:8155: bind9.16 security update (Important)
ALSA-2026:7681: perl-XML-Parser security update (Important)
ALSA-2026:7667: nghttp2 security update (Important)

FreeRDP, Nginx, NodeJS, and more updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux has issued numerous security updates for versions eight through ten. Covering applications ranging from database servers to font editors, these advisories highlight critical flaws that allow attackers to execute arbitrary code on vulnerable systems. Specific vulnerabilities include heap buffer overflows and uninitialized variables that enable remote code execution alongside denial of service attacks. System administrators should review the linked CVE pages to understand the impact and apply the necessary fixes immediately through their package managers.

ALSA-2026:6799: freerdp security update (Important)
ALSA-2026:6906: nginx security update (Important)
ALSA-2026:7080: nodejs22 security update (Important)
ALSA-2026:6463: openssh security update (Important)
ALSA-2026:7081: libtiff security update (Moderate)
ALSA-2026:6631: fontforge security update (Important)
ALSA-2026:6766: python3.9 security update (Important)
ALSA-2026:6923: nginx:1.24 security update (Important)
ALSA-2026:6462: openssh security update (Important)
ALSA-2026:6628: fontforge security update (Important)
ALSA-2025:4049: libtasn1 security update (Moderate)
ALSA-2025:4063: ruby:3.1 security update (Moderate)
ALSA-2025:2872: pcs security update (Important)
ALSA-2025:11047: pcs security update (Moderate)
ALSA-2025:3210: container-tools:rhel8 security update (Important)
ALSA-2025:3026: kernel security update (Important)
ALSA-2024:10987: pcs security update (Moderate)
ALSA-2025:3027: kernel-rt security update (Important)
ALSA-2025:3388: python-jinja2 security update (Important)
ALSA-2025:4048: xmlrpc-c security update (Moderate)
ALSA-2025:8254: pcs security update (Important)
ALSA-2025:12527: virt:rhel and virt-devel:rhel security update (Moderate)
ALSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
ALSA-2026:6949: go-toolset:rhel8 security update (Important)
ALSA-2026:6915: vim security update (Important)
ALSA-2026:6918: freerdp security update (Important)
ALSA-2026:6391: mysql:8.4 security update (Moderate)
ALSA-2026:6435: mariadb:10.11 security update (Moderate)
ALSA-2026:6461: openssh security update (Important)

Crun and Kernel updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux recently issued several notifications about moderate security issues across different operating system versions. AlmaLinux 8 users must prioritize kernel updates that resolve memory handling flaws and potential denial of service attacks immediately. There are also separate advisories for the crun runtime on AlmaLinux 9 and 10 which address a parsing error allowing privilege escalation through command line options.

ALSA-2026:6621: crun security update (Moderate)
ALSA-2026:6572: kernel-rt security update (Moderate)
ALSA-2026:6571: kernel security update (Moderate)
ALSA-2026:6622: crun security update (Moderate)

LibPNG, FreeRDP, Kernel, and more updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux security updates have been released for multiple software packages across versions 8 through 10. These advisories classify most fixes as important while a few kernel and rsync patches remain at moderate risk levels. The updates address serious flaws including heap buffer overflows, arbitrary code execution vectors, and potential privilege escalation issues found in libraries like libpng and GStreamer.

ALSA-2026:6445: libpng12 security update (Important)
ALSA-2026:6470: perl-YAML-Syck security update (Important)
ALSA-2026:6473: python3 security update (Important)
ALSA-2026:6005: freerdp security update (Important)
ALSA-2026:6388: grafana-pcp security update (Important)
ALSA-2026:6259: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update (Important)
ALSA-2026:6344: grafana security update (Important)
ALSA-2026:6053: kernel security update (Moderate)
ALSA-2026:6436: rsync security update (Moderate)
ALSA-2026:6439: libpng15 security update (Important)
ALSA-2026:6300: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update (Important)

Rsync, FreeRDP, Grafana, Kernel, Thunderbird updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

5 security updates have been released for AlmaLinux. Although rsync and kernel updates are rated moderate, administrators must prioritize critical patches for freerdp, grafana, and thunderbird because they address severe memory safety issues like heap buffer overflows. These flaws could potentially allow attackers to execute code or bypass sandbox protections if left unaddressed on production systems.

ALSA-2026:6390: rsync security update (Moderate)
ALSA-2026:6340: freerdp security update (Important)
ALSA-2026:6382: grafana security update (Important)
ALSA-2026:6153: kernel security update (Moderate)
ALSA-2026:6188: thunderbird security update (Important)

Python, Squid, LibXSLT, FreeRDP, Thunderbird updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux recently released security notifications for versions 8, 9, and 10 of its Linux distribution covering essential software updates. Many advisories focus on significant risks found within Python, Squid, FreeRDP, and the Thunderbird email client that require urgent attention from system administrators. Identified risks range from command line injections to memory corruption allowing attackers to execute code remotely or crash services entirely.

ALSA-2026:6283: python3.12 security update (Important)
ALSA-2026:6281: python3.11 security update (Important)
ALSA-2026:6286: python3.11 security update (Important)
ALSA-2026:6301: squid security update (Important)
ALSA-2026:6266: libxslt security update (Moderate)
ALSA-2026:6285: python3.12 security update (Important)
ALSA-2026:6004: freerdp security update (Important)
ALSA-2026:6342: thunderbird security update (Important)
ALSA-2026:6256: python3.12 security update (Important)

Kernel and Firefox updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

New security updates for AlmaLinux versions 8 through 10 are available. Addressing moderate severity levels, the kernel and kernel-rt packages resolve a use-after-free vulnerability in the ATM subsystem alongside fixes for macvlan and net/sched components. Separate advisories highlight important severity vulnerabilities within Mozilla Firefox and Thunderbird involving memory safety bugs, sandbox escapes, and JavaScript engine flaws across multiple versions.

ALSA-2026:6037: kernel security update (Moderate)
ALSA-2026:6036: kernel-rt security update (Moderate)
ALSA-2026:5932: firefox security update (Important)
ALSA-2026:5930: firefox security update (Important)
ALSA-2026:5931: firefox security update (Important)

Ncurses, FreeRDP, Go updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux released a series of security advisories regarding updates for ncurses, FreeRDP, and golang libraries. Certain vulnerabilities carry an important severity rating because they involve buffer overflows or incorrect parsing that could allow arbitrary code execution on affected machines. These notifications specifically target installations of both AlmaLinux version 9 and newer version 10 for these components.

ALSA-2026:5913: ncurses security update (Moderate)
ALSA-2026:5939: freerdp security update (Important)
ALSA-2026:5941: golang security update (Important)
ALSA-2026:5942: golang security update (Important)

TigerVNC and LibPNG updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

New security updates are available for both tigervnc and libpng packages on Slackware 15.0 and -current systems. The tigervnc upgrade to version 1.16.2 fixes missing security patches from the previous release. Libpng version 1.6.56 addresses two vulnerabilities including a use-after-free issue and an out-of-bounds read/write problem on ARM Neon processors.

tigervnc (SSA:2026-085-01)
libpng (SSA:2026-085-02)

VIM, MySQL, Nginx, and more updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux issued moderate security advisories for both version 8 and version 9 on March 26, 2026 regarding multiple software packages. The updates resolve dangerous vulnerabilities found in tools like MySQL, nginx, and Python that could allow attackers to execute arbitrary code or gain elevated privileges. Additionally, patches are required to fix buffer overflows and data injection risks within TLS connections and cryptographic libraries used by the system. Administrators should apply these fixes immediately since ignoring them leaves infrastructure exposed to potential exploitation attempts.

ALSA-2026:5602: vim security update (Moderate)
ALSA-2026:5640: mysql:8.4 security update (Moderate)
ALSA-2026:5603: opencryptoki security update (Moderate)
ALSA-2026:5581: nginx:1.24 security update (Moderate)
ALSA-2026:5578: virt:rhel and virt-devel:rhel security update (Moderate)
ALSA-2026:5599: nginx security update (Moderate)
ALSA-2026:5580: mysql:8.0 security update (Moderate)
ALSA-2026:5513: 389-ds:1.4 security update (Moderate)
ALSA-2026:5585: gnutls security update (Moderate)
ALSA-2026:5587: opencryptoki security update (Moderate)
ALSA-2026:5588: python3 security update (Moderate)

Yggdrasil, Libarchive, VIM, and more updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

AlmaLinux released several security notifications covering versions eight through ten during late March 2026. Important fixes address critical flaws in applications like GIMP and libarchive that could allow remote code execution or denial of service attacks. Moderate severity patches also resolve issues within the Linux kernel, Python modules, and network utilities used across these distributions.

ALSA-2026:5146: yggdrasil security update (Important)
ALSA-2026:5063: libarchive security update (Important)
ALSA-2026:4715: vim security update (Moderate)
ALSA-2026:4717: opencryptoki security update (Moderate)
ALSA-2026:5145: yggdrasil-worker-package-manager security update (Important)
ALSA-2026:5113: gimp:2.8 security update (Important)
ALSA-2026:4649: grub2 security update (Moderate)
ALSA-2026:4713: python3.12 security update (Moderate)
ALSA-2026:4723: kernel security update (Moderate)
ALSA-2026:4705: nginx security update (Moderate)
ALSA-2026:4629: libvpx security update (Important)
ALSA-2026:4759: kernel security update (Moderate)
ALSA-2026:5080: libarchive security update (Important)
ALSA-2026:4898: capstone security update (Important)
ALSA-2026:4760: grub2 security update (Moderate)
ALSA-2026:4828: mysql security update (Moderate)

LibPNG, Glibc, Python updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

Three security advisories were released by AlmaLinux 8. An Important severity update targets libpng because integer truncation flaws might allow attackers to exploit information disclosure or denial of service vulnerabilities within the simplified write API. Moderate patches update glibc and Python 3.11 to fix network leaks and injection flaws.

ALSA-2026:4728: libpng security update (Important)
ALSA-2026:4772: glibc security update (Moderate)
ALSA-2026:4473: python3.11 security update (Moderate)

Grub2, .NET, Containter-Tools, Compat-OpenSSL, Libvpx updates for AlmaLinux

AlmaLinux 2566 Published by Philipp Esselbach 0

Several security updates have been released for AlmaLinux systems, addressing various vulnerabilities in different software packages. One update affects the grub2 package, which provides a highly configurable boot loader with modular architecture, and fixes an issue that could lead to use-after-free (CVE-2025-61662). Additionally, other updates address issues in container-tools, including golang, crypto/tls, and libvpx, as well as .NET 10.0 and .NET 9.0, which implement a managed-software framework and include a CLR implementation.

ALSA-2026:4648: grub2 security update (Moderate)
ALSA-2026:4672: container-tools:rhel8 security update (Important)
ALSA-2026:4445: .NET 10.0 security update (Important)
ALSA-2026:4472: compat-openssl11 security update (Moderate)
ALSA-2026:4447: libvpx security update (Important)
ALSA-2026:4456: .NET 9.0 security update (Important)

Previous Page

Next Page

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...