AlmaLinux has released important security updates for several packages, specifically PostgreSQL, Expat, and Bluez, as part of their commitment to maintaining system security and reliability. The updates are as follows:
1. PostgreSQL (ALSA-2025:3082): This security update for PostgreSQL version 12 is classified as important and addresses a significant vulnerability related to quoting APIs that fail to neutralize quoting syntax in improperly encoded text (CVE-2025-1094). This could potentially lead to security risks if not patched.
2. Expat (ALSA-2025:3913): The update for the Expat library, which is essential for parsing XML documents, is classified as moderate. The vulnerability (CVE-2024-8176) involves improper restrictions on XML entity expansion depth, which may lead to performance or security issues.
3. Bluez (ALSA-2025:4043): This moderate update addresses two vulnerabilities in the Bluez package, which provides Bluetooth utilities. These vulnerabilities include a remote code execution risk (CVE-2023-27349) and an out-of-bounds read that could lead to information disclosure (CVE-2023-51589).
All of these updates were released on April 22, 2025, and users are encouraged to review the detailed security issues and their impacts on the respective CVE pages linked in the notifications. For additional information about the updates and to manage notification preferences, users can visit the AlmaLinux community chat or the mailing list management page.
In conclusion, maintaining up-to-date software is crucial for ensuring the security and efficiency of your systems. Users of AlmaLinux should prioritize these updates to mitigate potential vulnerabilities. Regular checks for updates and security notifications are recommended to stay informed about the latest patches and fixes in the evolving landscape of cybersecurity threats
1. PostgreSQL (ALSA-2025:3082): This security update for PostgreSQL version 12 is classified as important and addresses a significant vulnerability related to quoting APIs that fail to neutralize quoting syntax in improperly encoded text (CVE-2025-1094). This could potentially lead to security risks if not patched.
2. Expat (ALSA-2025:3913): The update for the Expat library, which is essential for parsing XML documents, is classified as moderate. The vulnerability (CVE-2024-8176) involves improper restrictions on XML entity expansion depth, which may lead to performance or security issues.
3. Bluez (ALSA-2025:4043): This moderate update addresses two vulnerabilities in the Bluez package, which provides Bluetooth utilities. These vulnerabilities include a remote code execution risk (CVE-2023-27349) and an out-of-bounds read that could lead to information disclosure (CVE-2023-51589).
All of these updates were released on April 22, 2025, and users are encouraged to review the detailed security issues and their impacts on the respective CVE pages linked in the notifications. For additional information about the updates and to manage notification preferences, users can visit the AlmaLinux community chat or the mailing list management page.
In conclusion, maintaining up-to-date software is crucial for ensuring the security and efficiency of your systems. Users of AlmaLinux should prioritize these updates to mitigate potential vulnerabilities. Regular checks for updates and security notifications are recommended to stay informed about the latest patches and fixes in the evolving landscape of cybersecurity threats
PostgreSQL, Expat, Bluez updates for AlmaLinux
AlmaLinux has received several security updates, including PostgreSQL, Expat, and Bluez:
ALSA-2025:3082: postgresql:12 security update (Important)
ALSA-2025:3913: expat security update (Moderate)
ALSA-2025:4043: bluez security update (Moderate)PostgreSQL, Expat, Bluez updates for AlmaLinux @ Linux Compatible
