The AlmaLinux Security team has announced two significant updates aimed at addressing vulnerabilities within their operating system. The first update, identified as ALSA-2025:15699, is targeted at AlmaLinux version 10 and covers multiple security concerns related to MySQL and OpenSSL, which have been assessed with a moderate severity rating. The second update, ALSA-2025:15702, addresses a critical authentication bypass vulnerability in the CUPS printing system for AlmaLinux version 8, rated as important.
MySQL and OpenSSL Update (ALSA-2025:15699):
- Release Date: September 12, 2025
- Severity: Moderate
- Key Vulnerabilities:
- Timing side-channel issue in ECDSA signature computation (CVE-2024-13176).
- A range of unspecified vulnerabilities within MySQL affecting various components such as replication, optimizers, and InnoDB, with numerous CVEs listed (CVE-2025-30722, CVE-2025-30688, etc.).
- Additional Information: Users can find more details, including impacts and CVSS scores, on the official AlmaLinux errata page for this update.
CUPS Security Update (ALSA-2025:15702):
- Release Date: September 12, 2025
- Severity: Important
- Key Vulnerabilities:
- An authentication bypass issue in CUPS authorization handling (CVE-2025-58060).
- Additional Information: Full details and references are provided on the AlmaLinux errata page dedicated to this update.
Both updates are crucial for maintaining system security and integrity. Users are encouraged to download the updates from the AlmaLinux website and review the detailed errata for further information on the vulnerabilities addressed.
Moreover, AlmaLinux users should consider joining community forums or mailing lists to receive timely updates and support from the AlmaLinux team and fellow users, fostering a collaborative environment for addressing security concerns
MySQL and OpenSSL Update (ALSA-2025:15699):
- Release Date: September 12, 2025
- Severity: Moderate
- Key Vulnerabilities:
- Timing side-channel issue in ECDSA signature computation (CVE-2024-13176).
- A range of unspecified vulnerabilities within MySQL affecting various components such as replication, optimizers, and InnoDB, with numerous CVEs listed (CVE-2025-30722, CVE-2025-30688, etc.).
- Additional Information: Users can find more details, including impacts and CVSS scores, on the official AlmaLinux errata page for this update.
CUPS Security Update (ALSA-2025:15702):
- Release Date: September 12, 2025
- Severity: Important
- Key Vulnerabilities:
- An authentication bypass issue in CUPS authorization handling (CVE-2025-58060).
- Additional Information: Full details and references are provided on the AlmaLinux errata page dedicated to this update.
Both updates are crucial for maintaining system security and integrity. Users are encouraged to download the updates from the AlmaLinux website and review the detailed errata for further information on the vulnerabilities addressed.
Extensions:
In light of these updates, it is essential for users and system administrators to regularly check for updates and apply them promptly to mitigate potential security risks. Additionally, considering the increasing sophistication of cyber threats, users should implement best practices such as regular system audits, user access controls, and monitoring for unusual activities. Staying informed about vulnerabilities through community discussions and security forums can also enhance overall system security.Moreover, AlmaLinux users should consider joining community forums or mailing lists to receive timely updates and support from the AlmaLinux team and fellow users, fostering a collaborative environment for addressing security concerns
MySQL and CUPS updates for AlmaLinux
The AlmaLinux Security team has released two updates to fix vulnerabilities in their system. The first update, ALSA-2025:15699, addresses multiple security issues in MySQL and OpenSSL, affecting AlmaLinux 10 with a moderate severity rating. The second update, ALSA-2025:15702, fixes an authentication bypass vulnerability in the CUPS printing system, affecting AlmaLinux 8 with an important severity rating. Both updates are available for download on the AlmaLinux website, along with full details and references to learn more about the security issues fixed.
ALSA-2025:15699: mysql-selinux and mysql8.4 security update (Moderate)
ALSA-2025:15702: cups security update (Important)
