AlmaLinux has released several important security updates for various software packages, including OpenJDK (both versions 17 and 21), GnuTLS, OSBuild, Thunderbird, Firefox, Emacs, and Python 3.9. These updates are designed to address vulnerabilities and enhance security across the platform.

Key Updates:

1. OpenJDK Updates:
- java-17-openjdk (Moderate severity): Addresses TLS connection support, compiler transformations, and image handling.
- java-21-openjdk (Moderate severity): Similar updates as java-17, also enhancing TLS support and image handling.

2. GnuTLS Update:
- gnutls (Moderate severity): Fixes an issue related to inefficient DER decoding that could lead to remote denial of service (DoS).

3. OSBuild Update:
- osbuild-composer (Important severity): Resolves a vulnerability allowing excessive memory allocation during JWT header parsing.

4. Thunderbird Updates:
- Multiple updates (Important severity) addressing user interface misrepresentation, information disclosure, and memory safety issues.

5. Firefox Updates:
- Several updates (Important severity) that fix privilege escalation, unsafe attribute access, and memory safety bugs, which could affect both Firefox and Thunderbird.

6. Emacs Update:
- emacs (Moderate severity): Addresses a vulnerability that could allow arbitrary code execution through Lisp macro expansion.

7. Python Update:
- python39:3.9 (Moderate severity): Fixes a bypass related to trusted proxy headers.

Summary of Security Fixes:

- CVE References: Each update includes references to specific CVEs (Common Vulnerabilities and Exposures) that detail the vulnerabilities being addressed.
- Severity Ratings: The updates are categorized by severity (Moderate, Important) to help users prioritize their patching efforts.

Notifications:

Users subscribed to AlmaLinux security notifications will receive emails detailing these updates, including links for further information and management options for notification settings.

Conclusion:

These updates are crucial for maintaining system security and ensuring that users are protected against known vulnerabilities. It is recommended that AlmaLinux users apply these updates promptly to secure their systems against potential exploits. For further assistance or queries, users can engage with the AlmaLinux community through their chat and mailing list services

OpenJDK, GnuTLS, OSBuild, Thunderbird, Firefox, Emacs, Python updates for AlmaLinux

AlmaLinux has been updated with multiple security enhancements, encompassing java-17-openjdk, java-21-openjdk, gnutls, osbuild-composer, thunderbird, firefox, emacs, and python39:3.9.

ALSA-2025:3852: java-17-openjdk security update (Moderate)
ALSA-2025:3855: java-21-openjdk security update (Moderate)
ALSA-2025:4051: gnutls security update (Moderate)
ALSA-2025:4669: osbuild-composer security update (Important)
ALSA-2025:4649: thunderbird security update (Important)
ALSA-2025:4460: thunderbird security update (Important)
ALSA-2025:4458: firefox security update (Important)
ALSA-2025:4787: emacs security update (Moderate)
ALSA-2025:3855: java-21-openjdk security update (Moderate)
ALSA-2025:3852: java-17-openjdk security update (Moderate)
ALSA-2025:4443: firefox security update (Important)
ALSA-2025:4797: thunderbird security update (Important)
ALSA-2025:4791: python39:3.9 security update (Moderate)

OpenJDK, GnuTLS, OSBuild, Thunderbird, Firefox, Emacs, Python updates for AlmaLinux @ Linux Compatible