AlmaLinux has announced the release of two significant security updates for its users: one for the pki-deps package and another for the mingw-sqlite package. These updates, categorized as important, were made available on August 20, 2025.
1. PKI-Deps Security Update (ALSA-2025:14126):
- Affected Package: pki-deps version 10.6
- Security Issue: This update addresses a potential StackOverflowError in the Jackson Core library (CVE-2025-52999), which could impact the Public Key Infrastructure Core essential for the AlmaLinux Certificate System.
- For further details, users can refer to the full announcement [here](https://errata.almalinux.org/8/ALSA-2025-14126.html).
2. MinGW-SQLite Security Update (ALSA-2025:14101):
- Affected Package: mingw-sqlite
- Security Issue: This update resolves an Integer Truncation vulnerability in SQLite (CVE-2025-6965). SQLite is a widely used C library that provides an SQL database engine, designed for ease of use and convenience.
- For more information, users can access the full announcement [here](https://errata.almalinux.org/8/ALSA-2025-14101.html).
For ongoing updates, users can keep an eye on AlmaLinux’s official communications and subscribe to errata notifications
Update Details:
1. PKI-Deps Security Update (ALSA-2025:14126):
- Affected Package: pki-deps version 10.6
- Security Issue: This update addresses a potential StackOverflowError in the Jackson Core library (CVE-2025-52999), which could impact the Public Key Infrastructure Core essential for the AlmaLinux Certificate System.
- For further details, users can refer to the full announcement [here](https://errata.almalinux.org/8/ALSA-2025-14126.html).
2. MinGW-SQLite Security Update (ALSA-2025:14101):
- Affected Package: mingw-sqlite
- Security Issue: This update resolves an Integer Truncation vulnerability in SQLite (CVE-2025-6965). SQLite is a widely used C library that provides an SQL database engine, designed for ease of use and convenience.
- For more information, users can access the full announcement [here](https://errata.almalinux.org/8/ALSA-2025-14101.html).
Importance of Updates:
Both updates are crucial for maintaining the security and stability of systems running AlmaLinux, particularly those utilizing the impacted packages. Users are encouraged to review the provided CVE details and assess the potential impact on their applications.Community Engagement:
The AlmaLinux team encourages users to reach out via their community chat for any questions related to these updates. Additionally, users can manage their notification settings through the AlmaLinux mailing list management portal.Conclusion:
Staying updated with security patches is essential for safeguarding systems against vulnerabilities. Users should ensure that these updates are applied promptly to maintain the integrity and security of their software environment.For ongoing updates, users can keep an eye on AlmaLinux’s official communications and subscribe to errata notifications
PKI-Deps and MinGW-SqLite updates for AlmaLinux
AlmaLinux has released two important security updates for pki-deps and mingw-sqlite:
ALSA-2025:14126: pki-deps:10.6 security update (Important)
ALSA-2025:14101: mingw-sqlite security update (Important)PKI-Deps and MinGW-SqLite updates for AlmaLinux @ Linux Compatible
