AlmaLinux has released a series of critical security updates affecting various packages, including Ghostscript, OSBuild-Composer, Grafana, the Linux kernel, 389-ds-base, Python Tornado, and Libsoup. Each update addresses significant vulnerabilities that could pose risks to system integrity and security.

Summary of Security Updates:

1. Ghostscript (Moderate): Fixes include addressing a dangling pointer, buffer overflows, arbitrary code execution vulnerabilities, and directory traversal issues.

2. OSBuild-Composer (Important): Resolves excessive memory allocation during header parsing, which could lead to denial of service.

3. Grafana (Important): Addresses cross-site scripting (XSS) vulnerabilities and open redirect issues.

4. Kernel Updates (Important): Multiple fixes were issued for various vulnerabilities, including memory corruption and out-of-bounds read issues.

5. 389-ds-base (Moderate): Fixes a null pointer dereference that could lead to denial of service.

6. Python Tornado (Important): Addresses a denial of service vulnerability related to multipart form-data handling.

7. Libsoup (Important): Multiple vulnerabilities fixed, including heap buffer over-reads, denial of service attacks, and out-of-bounds reads.

Extended Overview:

These updates are crucial for maintaining system security and stability. Users and administrators are advised to apply these updates promptly to mitigate potential threats. Each update includes links to detailed information about the vulnerabilities and the specific security fixes applied.

AlmaLinux emphasizes the importance of staying informed about security issues and encourages users to engage with the community through their chat platform for any inquiries or support. Additionally, users can manage their notification settings to stay updated on future releases.

For more detailed information on each specific update and to access the respective CVE references, users can visit the AlmaLinux errata pages linked in the notifications.

Action Recommended: System administrators should prioritize updating their AlmaLinux systems to the latest versions of the affected packages to safeguard against these vulnerabilities and ensure optimal performance and security of their environments

Ghostscript, OSBuild-Composer, Grafana, and more updates for AlmaLinux

AlmaLinux has implemented a series of important security updates, encompassing ghostscript, osbuild-composer, grafana, kernel, 389-ds-base, python-tornado, and libsoup:

ALSA-2025:7422: ghostscript security update (Moderate)
ALSA-2025:7425: osbuild-composer security update (Important)
ALSA-2025:7893: grafana security update (Important)
ALSA-2025:7903: kernel security update (Important)
ALSA-2025:7395: 389-ds-base security update (Moderate)
ALSA-2025:7423: kernel security update (Important)
ALSA-2025:8136: python-tornado security update (Important)
ALSA-2025:8126: libsoup security update (Important)
ALSA-2025:8132: libsoup security update (Important)

Ghostscript, OSBuild-Composer, Grafana, and more updates for AlmaLinux @ Linux Compatible