AlmaLinux Security Updates: GIMP and LibXSLT
AlmaLinux has recently released important security updates for two key software components: GIMP and libxslt. These updates address critical vulnerabilities and enhance system security for users.
- Release Date: April 7, 2025
- Severity: Important
- Affected Version: AlmaLinux 9
Overview: GIMP (GNU Image Manipulation Program) is a widely-used image editing tool that offers a comprehensive set of features for image manipulation, including layers, effects, and multi-level undo capabilities.
Security Vulnerabilities Addressed:
- CVE-2023-44441: DDS buffer overflow leading to Remote Code Execution (RCE)
- CVE-2023-44442: PSD buffer overflow leading to RCE
- CVE-2023-44443: PSP integer overflow leading to RCE
- CVE-2023-44444: PSP off-by-one error leading to RCE
For a detailed breakdown of the vulnerabilities, including their impacts and CVSS scores, users can refer to the full update on the AlmaLinux errata page [here](https://errata.almalinux.org/9/ALSA-2025-3617.html).
- Release Date: April 7, 2025
- Severity: Important
- Affected Version: AlmaLinux 8
Overview: libxslt is a powerful library designed for transforming XML documents into different formats using XSLT (Extensible Stylesheet Language Transformations).
Security Vulnerabilities Addressed:
- CVE-2025-24855: Use-After-Free vulnerability in libxslt numbers.c
- CVE-2024-55549: Use-After-Free vulnerability in the xsltGetInheritedNsList function
For comprehensive information on these vulnerabilities, please visit the AlmaLinux errata page [here](https://errata.almalinux.org/8/ALSA-2025-3615.html).
These updates are crucial for maintaining the security and integrity of systems running AlmaLinux. Users are encouraged to apply these patches to protect against potential exploits associated with the identified vulnerabilities. For any questions or further information, users can reach out via the AlmaLinux community chat or manage their notification settings through the AlmaLinux mailing lists.
Note: This message is automatically generated; for any inquiries, please do not reply directly to this email
AlmaLinux has recently released important security updates for two key software components: GIMP and libxslt. These updates address critical vulnerabilities and enhance system security for users.
GIMP Security Update (ALSA-2025:3617)
- Release Date: April 7, 2025
- Severity: Important
- Affected Version: AlmaLinux 9
Overview: GIMP (GNU Image Manipulation Program) is a widely-used image editing tool that offers a comprehensive set of features for image manipulation, including layers, effects, and multi-level undo capabilities.
Security Vulnerabilities Addressed:
- CVE-2023-44441: DDS buffer overflow leading to Remote Code Execution (RCE)
- CVE-2023-44442: PSD buffer overflow leading to RCE
- CVE-2023-44443: PSP integer overflow leading to RCE
- CVE-2023-44444: PSP off-by-one error leading to RCE
For a detailed breakdown of the vulnerabilities, including their impacts and CVSS scores, users can refer to the full update on the AlmaLinux errata page [here](https://errata.almalinux.org/9/ALSA-2025-3617.html).
LibXSLT Security Update (ALSA-2025:3615)
- Release Date: April 7, 2025
- Severity: Important
- Affected Version: AlmaLinux 8
Overview: libxslt is a powerful library designed for transforming XML documents into different formats using XSLT (Extensible Stylesheet Language Transformations).
Security Vulnerabilities Addressed:
- CVE-2025-24855: Use-After-Free vulnerability in libxslt numbers.c
- CVE-2024-55549: Use-After-Free vulnerability in the xsltGetInheritedNsList function
For comprehensive information on these vulnerabilities, please visit the AlmaLinux errata page [here](https://errata.almalinux.org/8/ALSA-2025-3615.html).
Conclusion
These updates are crucial for maintaining the security and integrity of systems running AlmaLinux. Users are encouraged to apply these patches to protect against potential exploits associated with the identified vulnerabilities. For any questions or further information, users can reach out via the AlmaLinux community chat or manage their notification settings through the AlmaLinux mailing lists.
Note: This message is automatically generated; for any inquiries, please do not reply directly to this email
GIMP and LibXSLT updates for AlmaLinux
AlmaLinux has been updated with two important security patches: the GIMP security update (ALSA-2025:3617) and the libxslt security update (ALSA-2025:3615)
ALSA-2025:3617: gimp security update (Important)
ALSA-2025:3615: libxslt security update (Important)
