ALSA-2026:36879: tomcat security, bug fix, and enhancement update (Important)
ALSA-2026:36639: nginx:1.26 security, bug fix, and enhancement update (Important)
ALSA-2026:36645: kernel update (Important)
ALSA-2026:36618: nginx:1.24 security, bug fix, and enhancement update (Important)
ALSA-2026:36018: kernel security, bug fix, and enhancement update (Important)
ALSA-2026:37130: gstreamer1-plugins-bad-free security update (Important)
ALSA-2026:36774: gstreamer1-plugins-good security update (Important)
ALSA-2026:36617: oci-seccomp-bpf-hook security update (Important)
ALSA-2026:36734: libxml2 security update (Low)
ALSA-2026:36733: cups security update (Moderate)
ALSA-2026:36674: gstreamer1-plugins-ugly-free security update (Moderate)
ALSA-2026:36732: python-urllib3 security update (Moderate)
ALSA-2026:36730: libsolv security update (Moderate)
ALSA-2026:36728: libtasn1 security update (Low)
ALSA-2026:36721: edk2 security, bug fix, and enhancement update (Moderate)
GhostLock (CVE-2026-43499) kernel privilege escalation: Call for testing
ALSA-2026:36541: kernel security, bug fix, and enhancement update (Important)
ALSA-2026:36749: gstreamer1-plugins-bad-free security update (Important)
ALSA-2026:36782: aardvark-dns security update (Moderate)
Januscape and Bad Epoll: AlmaLinux 9 and 10 patches released
ALSA-2026:36879: tomcat security, bug fix, and enhancement update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor (CVE-2026-29146)
* Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass (CVE-2026-34486)
Bug Fix(es) and Enhancement(s):
* Remove tomcat clustering JAR from RPM builds (JIRA:AlmaLinux-183992)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2026-36879.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36639: nginx:1.26 security, bug fix, and enhancement update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers (CVE-2026-42055)
Bug Fix(es) and Enhancement(s):
* nginx:1.26/nginx: "HTTP/2 bomb" nginx fix breaks module ABI causing crashes [almalinux-9.8.z] (JIRA:AlmaLinux-191774)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2026-36639.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36645: kernel update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
The kernel packages contain the Linux kernel, the core of any Linux operating
system.
Security Fix(es):
* kernel: eventpoll: defer struct eventpoll free to RCU grace period
(CVE-2026-43074)
* kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF
(CVE-2026-46242)
* kernel: Linux kernel: netfilter: ebtables SNAT target writes to shared memory pages during ARP hardware address rewrite (CVE-2026-53266)
Bug Fix(es) and Enhancement(s):
* kernel: Linux kernel: netfilter: ebtables SNAT target writes to shared memory pages during ARP hardware address rewrite [almalinux-9.8.z] (JIRA:AlmaLinux-182344)
* [AlmaLinux 9] Bonding reports unknown speed/duplex for tg3 interface [almalinux-9.8.z] (JIRA:AlmaLinux-182768)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2026-36645.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36618: nginx:1.24 security, bug fix, and enhancement update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers (CVE-2026-42055)
Bug Fix(es) and Enhancement(s):
* nginx:1.24/nginx: "HTTP/2 bomb" nginx fix breaks module ABI causing crashes [almalinux-9.8.z] (JIRA:AlmaLinux-191773)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2026-36618.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36018: kernel security, bug fix, and enhancement update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9
Type: Security
Severity: Important
Release date: 2026-07-08
Summary:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)
* kernel: net: mana: Fix double destroy_workqueue on service rescan PCI path (CVE-2026-43276)
* kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs (CVE-2026-46323)
* kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (CVE-2026-46116)
* kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)
* kernel: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (CVE-2026-46209)
* kernel: smb/client: fix out-of-bounds read in smb2_compound_op() (CVE-2026-46155)
* kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync (CVE-2026-46244)
* kernel: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (CVE-2026-46259)
* kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources (CVE-2025-10263)
* kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry (CVE-2026-46316)
Bug Fix(es) and Enhancement(s):
* WARNING at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c:1585 r535_gsp_fini+0x2fb/0x310 [nouveau] [almalinux-9.8.z] (JIRA:AlmaLinux-160966)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2026-36018.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:37130: gstreamer1-plugins-bad-free security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.
Security Fix(es):
* gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb (CVE-2026-52720)
* gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling (CVE-2026-52722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-37130.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36774: gstreamer1-plugins-good security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.
Security Fix(es):
* gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow (CVE-2026-53705)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-36774.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36617: oci-seccomp-bpf-hook security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes.
Security Fix(es):
* net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME (CVE-2026-33811)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2026-36617.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36734: libxml2 security update (Low)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Low
Release date: 2026-07-09
Summary:
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling (CVE-2025-6170)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-36734.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36733: cups security update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2026-07-09
Summary:
The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.
Security Fix(es):
* cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network (CVE-2026-34980)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-36733.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36674: gstreamer1-plugins-ugly-free security update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9
Type: Security
Severity: Moderate
Release date: 2026-07-09
Summary:
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose license is not fully compatible with LGPL.
Security Fix(es):
* gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser (CVE-2026-53703)
* gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer FILEINFO metadata parser (CVE-2026-53704)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2026-36674.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36732: python-urllib3 security update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2026-07-09
Summary:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers (CVE-2026-44431)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-36732.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36730: libsolv security update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2026-07-09
Summary:
The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm.
Security Fix(es):
* libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data (CVE-2026-48864)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-36730.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36728: libtasn1 security update (Low)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Low
Release date: 2026-07-09
Summary:
A library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.
Security Fix(es):
* libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string (CVE-2025-13151)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-36728.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36721: edk2 security, bug fix, and enhancement update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2026-07-09
Summary:
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
* openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230)
Bug Fix(es) and Enhancement(s):
* [FJ8.10 Bug] How to Update Secure Boot Certificates with Microsoft 2023 in KVM Guests (JIRA:AlmaLinux-151949)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-36721.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
GhostLock (CVE-2026-43499) kernel privilege escalation: Call for testing
A new Linux kernel local-privilege-escalation flaw has been disclosed, and we are shipping patched kernels for it. GhostLock (CVE-2026-43499) is a use-after-free in the kernel’s real-time mutex (rtmutex) priority-inheritance code. An unprivileged local user can exploit it to gain root, and it works from inside a container to escape to the host. No special capabilities are required. Every supported AlmaLinux release (8, 9, and 10) is affected. Patched kernels are available in the testing repository today, and we would like your help verifying them before we push them to production.
GhostLock (CVE-2026-43499) kernel privilege escalation: Call for testing
ALSA-2026:36541: kernel security, bug fix, and enhancement update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 10
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: eventpoll: defer struct eventpoll free to RCU grace period (CVE-2026-43074)
* kernel: net: mana: Fix double destroy_workqueue on service rescan PCI path (CVE-2026-43276)
* kernel: net/ipv6: ioam6: prevent schema length wraparound in trace fill (CVE-2026-43341)
* kernel: smb/client: fix out-of-bounds read in smb2_compound_op() (CVE-2026-46155)
* kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF (CVE-2026-46242)
* kernel: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (CVE-2026-46259)
Bug Fix(es) and Enhancement(s):
* CNB103: net: page_pool: avoid false positive warning if NAPI was never added [almalinux-10.2.z] (JIRA:AlmaLinux-162140)
* [AlmaLinux 10] Bonding reports unknown speed/duplex for tg3 interface [almalinux-10.2.z] (JIRA:AlmaLinux-182770)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/10/ALSA-2026-36541.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36749: gstreamer1-plugins-bad-free security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 10
Type: Security
Severity: Important
Release date: 2026-07-09
Summary:
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.
Security Fix(es):
* gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tile_list_obu parser byte/bit confusion (CVE-2026-52718)
* gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder (CVE-2026-52719)
* gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb (CVE-2026-52720)
* gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling (CVE-2026-52722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/10/ALSA-2026-36749.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:36782: aardvark-dns security update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 10
Type: Security
Severity: Moderate
Release date: 2026-07-09
Summary:
Authoritative DNS server for A/AAAA container records Forwards other request to configured resolvers. Read more about configuration in `src/backend/mod.rs`.
Security Fix(es):
* aardvark-dns: Aardvark-dns: Denial of Service via truncated TCP DNS query and connection reset (CVE-2026-35406)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/10/ALSA-2026-36782.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
Januscape and Bad Epoll: AlmaLinux 9 and 10 patches released
Update: AlmaLinux 9 and 10 patches are now in productionThe patched kernels for Januscape (CVE-2026-53359) and Bad Epoll (CVE-2026-46242) have been released to the production repositories for AlmaLinux 9 and AlmaLinux 10. On those releases you no longer need to enable the testing repo. Just run:
sudo dnf clean metadata && sudo dnf upgrade
sudo reboot
The fixed versions released to production are kernel-5.14.0-687.23.1.el9_8 (AlmaLinux 9) and kernel-6.12.0-211.31.1.el10_2 (AlmaLinux 10), or higher. Confirm you are running the patched version with uname -r after rebooting. Most mirrors sync every few hours, so if the update is not available to you yet, try again a little later.Januscape and Bad Epoll: AlmaLinux 9 and 10 patches released