AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux has issued multiple important security advisories for versions eight and nine that address critical flaws across several core packages. The X.Org server update resolves numerous stack buffer overflows and use-after-free errors that could destabilize graphical interfaces or leak sensitive data. Separate patches fix command injection risks in dracut, memory disclosure bugs in rsync, certificate validation weaknesses in podman, and a malformed code issue in postfix. IT teams need to deploy these errata right away since the vulnerabilities could allow attackers to gain root access or disrupt network services.

ALSA-2026:26709: xorg-x11-server security, bug fix, and enhancement update (Important)
ALSA-2026:26533: dracut security update (Important)
ALSA-2026:26205: postfix security update (Important)
ALSA-2026:26410: rsync security update (Important)
ALSA-2026:26447: podman security update (Important)
ALSA-2026:26534: dracut security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux released a major security update to patch critical vulnerabilities across numerous system packages. The errata addresses severe memory corruption bugs and command injection flaws inside the Linux kernel, OpenSSL toolkit, and PostgreSQL database engine. Administrators need to apply these fixes right away since outdated systems face serious exposure to remote code execution and privilege escalation threats. Detailed vulnerability reports plus direct installation guides for AlmaLinux 8 and 10 are available through the official tracking portal.

ALSA-2026:26532: dracut security update (Important)
ALSA-2026:26562: xorg-x11-server-Xwayland security, bug fix, and enhancement update (Important)
ALSA-2026:26408: rsync security update (Important)
ALSA-2026:26352: opencryptoki security update (Moderate)
ALSA-2026:26181: postgresql:15 security update (Important)
ALSA-2026:26335: hplip security update (Important)
ALSA-2026:26275: openssl security update (Important)
ALSA-2026:26354: libxml2 security update (Low)
ALSA-2026:26347: libpng15 security update (Moderate)
ALSA-2026:26348: libpng12 security update (Moderate)
ALSA-2026:26428: kernel-rt security update (Important)
ALSA-2026:26355: libxslt security update (Moderate)
ALSA-2026:26427: kernel security update (Important)
ALSA-2026:26332: rsync security, bug fix, and enhancement update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux recently distributed essential security patches that resolve numerous flaws within WebKitGTK, Postfix, and MySQL across multiple operating system versions. The updates carry important ratings for the web engine and mail server while addressing moderate database risks tied to recent processor vendor advisories. Malicious actors could leverage these weaknesses to force unexpected application crashes, bypass strict security policies, or steal sensitive user data through specially crafted inputs. Server administrators must install these errata promptly to safeguard their infrastructure against active exploitation attempts.

ALSA-2026:25927: webkit2gtk3 security update (Important)
ALSA-2026:25918: webkit2gtk3 security update (Important)
ALSA-2026:25932: postfix security update (Important)
ALSA-2026:26180: mysql:8.4 security update (Moderate)
ALSA-2026:25919: mysql:8.0 security update (Moderate)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux has released an important security patch for version 10 that addresses a critical flaw in the mod_http2 Apache module. The update specifically targets CVE-2026-49975, which allows attackers to trigger remote denial of service attacks using compression bombs and Slowloris techniques. System administrators should apply this errata immediately to protect their web servers from potential service disruptions. Full technical details along with the updated packages are available through the official AlmaLinux errata portal.

ALSA-2026:25225: mod_http2 security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux recently distributed a series of important security advisories for version 9. The updates cover essential infrastructure components like several dotnet framework versions, Redis seven, OpenSSL, and the base Linux kernel. Each notification highlights critical flaws including remote code execution risks, denial of service vulnerabilities, and dangerous memory corruption issues that attackers could easily exploit. IT teams need to apply these patches immediately to secure their servers against known threats before any damage occurs.

ALSA-2026:25221: .NET 9.0 security update (Important)
ALSA-2026:25219: redis:7 security update (Important)
ALSA-2026:25222: .NET 10.0 security update (Important)
ALSA-2026:25220: .NET 8.0 security update (Important)
ALSA-2026:25239: openssl security update (Important)
ALSA-2026:24381: kernel security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux has issued a major security that covers versions 8 through 10 alongside vital server components like OpenSSL, Samba, and BIND. These patches resolve numerous severe vulnerabilities including remote code execution risks in file sharing services, critical memory corruption flaws within the Linux kernel, and denial of service weaknesses affecting web servers and cryptographic libraries. IT teams must apply these fixes immediately to protect infrastructure from exploitation of unhandled pointer dereferences and buffer overflow conditions. Detailed vulnerability references and installation guides can be accessed directly through the official AlmaLinux errata tracking website.

ALSA-2026:25237: openssl security update (Important)
ALSA-2026:25191: kernel security update (Critical)
ALSA-2026:25217: kernel security update (Important)
ALSA-2026:23230: expat security update (Important)
ALSA-2026:25049: samba security update (Critical)
ALSA-2026:24367: bind security update (Important)
ALSA-2026:25058: poppler security update (Important)
ALSA-2026:25057: mod_http2 security update (Important)
ALSA-2026:25090: httpd:2.4 security update (Important)
ALSA-2026:25110: .NET 8.0 security update (Important)
ALSA-2026:25113: .NET 9.0 security update (Important)
ALSA-2026:25114: .NET 10.0 security update (Important)
ALSA-2026:25121: kernel security update (Critical)
ALSA-2026:25120: kernel-rt security update (Critical)
ALSA-2026:24985: poppler security update (Important)
ALSA-2026:24470: podman security update (Important)
ALSA-2026:25111: .NET 8.0 security update (Important)
ALSA-2026:25112: .NET 9.0 security update (Important)
ALSA-2026:25115: .NET 10.0 security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux released an important security update for version 8 that tackles critical flaws in the postgresql-jdbc and poppler packages. The postgresql-jdbc fix closes a client side denial of service vulnerability caused by malicious SCRAM SHA 256 authentication requests. You will also find a patched poppler library that eliminates an integer overflow bug capable of causing heap buffer overflows during PDF rendering. System administrators are strongly encouraged to apply these updates right away to keep their servers secure.

ALSA-2026:25030: postgresql-jdbc security update (Important)
ALSA-2026:24984: poppler security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux issued two important security advisories for version 8 to patch critical flaws in BIND and libyang. The BIND update resolves memory exhaustion risks and denial of service vulnerabilities tied to GSS API negotiation. You will also need to address a dangerous libyang issue that allows arbitrary code execution through crafted binary blobs. Apply these patches right away to keep your DNS services and data modeling tools secure.

ALSA-2026:24339: bind security update (Important)
ALSA-2026:24545: libyang security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux has issued a batch of critical security patches for versions eight and ten that target serious vulnerabilities across the Linux kernel and several essential network services. These updates address dangerous flaws in BIND and Unbound DNS resolvers that could allow attackers to crash servers or exhaust system memory. Administrators should prioritize applying the kernel fixes immediately because the patches resolve numerous memory corruption bugs and privilege escalation risks that threaten system stability. You can download the corrected packages and review the full technical documentation through the official AlmaLinux errata portal.

ALSA-2026:24365: unbound security update (Important)
ALSA-2026:18134: kernel security update (Moderate)
ALSA-2026:23329: kernel security update (Important)
ALSA-2026:21557: kernel security update (Important)
ALSA-2026:24338: bind security update (Important)
ALSA-2026:19569: kernel security update (Important)
ALSA-2026:24340: frr security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux released three kernel security errata for version 9 to address a wide array of system vulnerabilities. These notifications cover important and moderate severity issues while patching dozens of CVEs across networking and virtualization stacks. Dangerous flaws like Dirty Frag privilege escalation and unauthorized file access require immediate attention from system operators. You should apply these packages quickly to keep your servers secure.

ALSA-2026:21556: kernel security update (Important)
ALSA-2026:18587: kernel security update (Moderate)
ALSA-2026:19568: kernel security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux has released important security updates for PHP on version 10 and the real-time kernel on version 8 to patch several dangerous flaws. These patches address critical issues including denial of service attacks, cross-site scripting risks, and multiple memory corruption vulnerabilities that could crash systems or leak data. Server administrators should apply these fixes immediately since they were published on June fifth to stop potential exploitation. Complete technical details and updated package files are available through the official AlmaLinux errata portal.

ALSA-2026:23388: php security update (Important)
ALSA-2026:23259: kernel-rt security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux released a batch of security advisories to address critical vulnerabilities across multiple software packages. The updates target widely used tools like Samba, Ruby, Unbound, and Vim while patching remote code execution flaws and denial of service risks that could compromise system integrity. Administrators managing AlmaLinux versions eight through ten should prioritize these patches immediately since several issues allow attackers to bypass authentication or trigger arbitrary file overwrites. Regular maintenance cycles remain essential for keeping network infrastructure secure against rapidly evolving threats.

ALSA-2026:22730: vim security update (Moderate)
ALSA-2026:23231: unbound security update (Important)
ALSA-2026:22715: expat security update (Important)
ALSA-2026:23102: delve security update (Important)
ALSA-2026:22717: vim security update (Moderate)
ALSA-2026:22551: mod_http2 security update (Moderate)
ALSA-2026:20606: ruby4.0 security update (Important)
ALSA-2026:22963: samba security update (Critical)
ALSA-2026:23258: kernel security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux released a comprehensive set of security errata to patch critical flaws across several major software packages. These updates directly address dangerous vulnerabilities in widely deployed applications like Mozilla Thunderbird, Apache HTTP Server, Samba, and OpenSSL. Administrators will find that the patches resolve severe issues including remote code execution, sandbox escapes, and memory corruption bugs that threaten system stability. You should apply these fixes immediately to protect your infrastructure from potential exploitation and maintain a secure computing environment.

ALSA-2026:22325: thunderbird security update (Important)
ALSA-2026:22553: libexif security update (Moderate)
ALSA-2026:22312: openssl security update (Moderate)
ALSA-2026:22721: expat security update (Important)
ALSA-2026:22644: samba security update (Important)
ALSA-2026:22140: httpd:2.4 security update (Important)
ALSA-2026:22315: compat-openssl10 security update (Moderate)
ALSA-2026:22643: thunderbird security update (Important)
ALSA-2026:22145: .NET 10.0 security update (Important)
ALSA-2026:22711: vim security update (Moderate)
ALSA-2026:22314: openssl security update (Moderate)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux has issued an important security update for PHP versions 8.2 and 8.3 across both AlmaLinux 8 and 9 environments. This release patches four distinct vulnerabilities that could allow attackers to crash services through ctype functions or exploit improper URL handling in PHP-FPM. A NULL pointer crash during SOAP decoding and an integer overflow inside the metaphone routine round out the list of critical flaws requiring immediate attention. Administrators should apply these fixes right away because unpatched servers remain highly exposed to denial of service attacks and XSS exploits.

ALSA-2026:22305: php:8.2 security update (Important)
ALSA-2026:22142: php:8.3 security update (Important)
ALSA-2026:22143: php:8.2 security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux recently distributed a significant wave of important security patches for versions eight through ten across several essential software packages. These updates resolve serious flaws inside the .NET framework, Mozilla browsers, Apache httpd modules, Cockpit administration tools, and Flatpak desktop packaging systems. Malicious actors could leverage these weaknesses to crash services, break out of sandboxed environments, run unauthorized code, or slip past standard security controls.

ALSA-2026:21297: .NET 10.0 security update (Important)
ALSA-2026:21381: thunderbird security update (Important)
ALSA-2026:21296: .NET 9.0 security update (Important)
ALSA-2026:21391: httpd security update (Important)
ALSA-2026:21754: .NET 9.0 security update (Important)
ALSA-2026:21380: firefox security update (Important)
ALSA-2026:21676: cockpit security update (Important)
ALSA-2026:21382: firefox security update (Important)
ALSA-2026:21295: .NET 10.0 security update (Important)
ALSA-2026:21294: .NET 9.0 security update (Important)
ALSA-2026:21757: flatpak security update (Important)
ALSA-2026:21755: flatpak security update (Important)
ALSA-2026:21378: firefox security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux just pushed out a major security update that targets critical weaknesses across several widely used packages. The release fixes dangerous flaws in flatpak, cockpit, various kernel builds, .NET 8.0, and Apache httpd where malicious actors could trigger arbitrary code execution or force system crashes. Server administrators need to apply these patches right away because the unpatched vulnerabilities leave environments open to remote exploitation and privilege escalation. Full technical breakdowns along with direct download links are available through the standard AlmaLinux errata portal.

ALSA-2026:21756: flatpak security update (Important)
ALSA-2026:21700: cockpit security update (Important)
ALSA-2026:21745: kernel-rt security update (Important)
ALSA-2026:21293: .NET 8.0 security update (Important)
ALSA-2026:21291: .NET 8.0 security update (Important)
ALSA-2026:21468: cockpit security update (Important)
ALSA-2026:21706: kernel security update (Important)
ALSA-2026:21286: .NET 8.0 security update (Important)
ALSA-2026:21433: httpd security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux 2606 Published by Philipp Esselbach 0

AlmaLinux distributed a large batch of security updates for versions 8, 9, and 10. The notifications address dozens of packages with severity ratings that range from critical down to low priority concerns. System administrators must patch numerous flaws including arbitrary code execution, privilege escalation, memory corruption, and denial of service vulnerabilities.

ALSA-2026:19053: freeipmi security update (Moderate)
ALSA-2026:19031: skopeo security update (Important)
ALSA-2026:18421: luksmeta security update (Moderate)
ALSA-2026:19158: dnsmasq security update (Important)
ALSA-2026:19148: glib2 security update (Moderate)
ALSA-2026:19134: grafana security update (Important)
ALSA-2026:19032: buildah security update (Important)
ALSA-2026:19160: firefox security update (Important)
ALSA-2026:19135: opentelemetry-collector security update (Important)
ALSA-2026:19157: firefox security update (Important)
ALSA-2026:19153: thunderbird security update (Important)
ALSA-2026:19151: jq security update (Important)
ALSA-2026:19139: go-fdo-client security update (Important)
ALSA-2026:19136: grafana-pcp security update (Important)
ALSA-2026:19125: xorg-x11-server-Xwayland security update (Important)
ALSA-2026:19126: yggdrasil security update (Important)
ALSA-2026:19128: yggdrasil-worker-package-manager security update (Important)
ALSA-2026:19130: libcap security update (Important)
ALSA-2026:19133: git-lfs security update (Important)
ALSA-2026:19067: sudo security update (Important)
ALSA-2026:19034: python-tornado security update (Moderate)
ALSA-2026:19013: delve security update (Moderate)
ALSA-2026:18162: iputils security update (Moderate)
ALSA-2026:19367: giflib update (Important)
ALSA-2026:19374: nginx security update (Critical)
ALSA-2026:19361: glib2 security update (Moderate)
ALSA-2026:19372: nginx:1.26 security update (Critical)
ALSA-2026:20574: firefox security update (Important)
ALSA-2026:19181: golang security update (Important)
ALSA-2026:18786: bind security update (Important)
ALSA-2026:19371: nginx:1.24 security update (Critical)
ALSA-2026:19180: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update (Important)
ALSA-2026:19213: systemd security update (Moderate)
ALSA-2026:19354: PackageKit security update (Important)
ALSA-2026:18683: libssh security update (Moderate)
ALSA-2026:19208: freeipmi security update (Moderate)
ALSA-2026:19176: python3.14 security update (Important)
ALSA-2026:19357: krb5 security update (Important)
ALSA-2026:19368: rsync security update (Important)
ALSA-2026:19224: vim security update (Important)
ALSA-2026:19173: podman security update (Important)
ALSA-2026:18772: qemu-kvm security update (Moderate)
ALSA-2026:18748: libvirt security update (Moderate)
ALSA-2026:19225: kernel security update (Important)
ALSA-2026:19219: openssh security update (Important)
ALSA-2026:18868: linux-sgx security update (Important)
ALSA-2026:18705: mingw-glib2 security update (Moderate)
ALSA-2026:18597: NetworkManager security update (Low)
ALSA-2026:19370: firefox security update (Important)
ALSA-2026:19218: openssl security update (Moderate)
ALSA-2026:19363: libtiff security update (Important)
ALSA-2026:19197: python-jwcrypto security update (Low)
ALSA-2026:19216: python3.9 security update (Important)
ALSA-2026:19175: python3.11 security update (Important)
ALSA-2026:19177: python3.12 security update (Important)
ALSA-2026:18599: p11-kit security update (Moderate)
ALSA-2026:19365: jq security update (Important)
ALSA-2026:19343: xorg-x11-server security update (Important)
ALSA-2026:19210: gdk-pixbuf2 security update (Important)
ALSA-2026:18931: unbound security update (Moderate)
ALSA-2026:19610: libsndfile security update (Important)
ALSA-2026:18824: luksmeta security update (Moderate)
ALSA-2026:19373: dnsmasq security update (Important)
ALSA-2026:19356: libsoup security update (Moderate)
ALSA-2026:19345: LibRaw security update (Important)
ALSA-2026:19359: openexr security update (Important)
ALSA-2026:19346: libcap security update (Important)
ALSA-2026:19344: xorg-x11-server-Xwayland security update (Important)
ALSA-2026:19348: thunderbird security update (Important)
ALSA-2026:19352: grafana security update (Important)
ALSA-2026:19351: grafana-pcp security update (Important)
ALSA-2026:19220: sudo security update (Important)
ALSA-2026:19187: compat-openssl11 security update (Moderate)
ALSA-2026:19178: crun security update (Moderate)
ALSA-2026:19186: buildah security update (Important)
ALSA-2026:19350: git-lfs security update (Important)
ALSA-2026:19189: python-tornado security update (Moderate)
ALSA-2026:18913: containernetworking-plugins security update (Important)
ALSA-2026:20579: freeipmi security update (Moderate)
ALSA-2026:19353: opentelemetry-collector security update (Important)
ALSA-2026:20589: dnsmasq security update (Important)
ALSA-2026:20585: compat-libtiff3 security update (Important)
ALSA-2026:20586: thunderbird security update (Important)
AlmaLinux 10.2 released with GNOME 49, i686 userspace packages and more.
ALSA-2026:18143: p11-kit security update (Moderate)
ALSA-2026:19152: rsync security update (Important)
ALSA-2026:18326: libvirt security update (Moderate)
ALSA-2026:19024: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update (Important)
ALSA-2026:19054: tomcat security update (Important)
ALSA-2026:19149: dovecot security update (Important)
ALSA-2026:19073: vim security update (Important)
ALSA-2026:19159: nginx security update (Critical)
ALSA-2026:18465: edk2 security update (Important)
ALSA-2026:18480: linux-sgx security update (Important)
ALSA-2026:19145: krb5 security update (Important)
ALSA-2026:18479: qemu-kvm security update (Important)
ALSA-2026:19150: libtiff security update (Important)
ALSA-2026:18160: libssh security update (Moderate)
ALSA-2026:18142: NetworkManager security update (Low)
ALSA-2026:19155: python-markdown security update (Important)
ALSA-2026:18344: mingw-glib2 security update (Moderate)
ALSA-2026:18556: unbound security update (Moderate)
ALSA-2026:19042: python-jwcrypto security update (Low)
ALSA-2026:19022: golang security update (Important)
ALSA-2026:19068: systemd security update (Moderate)
ALSA-2026:19020: crun security update (Moderate)
ALSA-2026:19137: go-fdo-server security update (Important)
ALSA-2026:19064: python3.12 security update (Important)
ALSA-2026:19141: PackageKit security update (Important)
ALSA-2026:19143: libsoup3 security update (Moderate)
ALSA-2026:19560: libsndfile security update (Important)
ALSA-2026:19017: podman security update (Important)
ALSA-2026:19069: openssh security update (Important)
ALSA-2026:19066: openssl security update (Moderate)
ALSA-2026:19154: giflib security update (Important)

AlmaLinux 2606 Published by Philipp Esselbach 0

The AlmaLinux OS Foundation has released versions 9.8 and 10.2 simultaneously, marking the first time both stable builds launched on the same day. Version 9.8 delivers a critical kernel backport that eliminates excessive CPU spikes during task cleanup while updating core modules and security policies. Version 10.2 expands hardware compatibility by restoring disabled storage and network drivers, adds legacy i686 userspace support, and enables KVM for IBM POWER alongside modern language updates. Both releases include patches for recent high-profile vulnerabilities and are available across multiple architectures in ISO, cloud, container, and live image formats.