AlmaLinux has released a series of important security updates for multiple packages, including Apache Tomcat, the Linux kernel, OpenJDK 17, GLib2, and Cloud-Init. The updates include significant security fixes aimed at addressing vulnerabilities that could potentially impact system integrity and performance.
Key updates include:
1. Tomcat Security Updates (ALSA-2025:11335 & ALSA-2025:11333):
- Addressed vulnerabilities related to Remote Code Execution (RCE) and Denial of Service (DoS) due to malformed HTTP/2 frames.
- Severity: Important.
2. Kernel Security Update (ALSA-2025:10837):
- Fixes an out-of-bounds issue for systems with CPU-less NUMA nodes.
- Severity: Moderate.
3. Java-17-OpenJDK Security Update (ALSA-2025:10867):
- Enhancements made to glyph drawing, TLS protocol support, and HTTP client header handling.
- Severity: Important.
4. GLib2 Security Updates (ALSA-2025:11140 & ALSA-2025:11327):
- Fixes include buffer overflow and underflow issues.
- Severity: Moderate.
5. Cloud-Init Security Update (ALSA-2025:11324):
- Addresses a permissions flaw that could affect cloud instance initialization.
- Severity: Important.
These updates are critical for maintaining the security posture of AlmaLinux systems, and users are urged to apply them promptly. For more information on each update, including potential impacts and CVSS scores, users can refer to the detailed errata pages provided in the notifications.
In addition, AlmaLinux encourages users to engage with the community for any queries or discussion regarding these updates. The AlmaLinux team emphasizes the importance of staying informed about security vulnerabilities and updates to ensure the reliability and security of their systems.
To manage notification settings or for further assistance, users can visit the AlmaLinux mailing lists and community chat.
As cybersecurity threats continue to evolve, AlmaLinux's proactive approach in releasing timely updates is essential for safeguarding user systems against potential exploits. Users should remain vigilant and ensure that they regularly check for and apply updates to keep their systems secure
Key updates include:
1. Tomcat Security Updates (ALSA-2025:11335 & ALSA-2025:11333):
- Addressed vulnerabilities related to Remote Code Execution (RCE) and Denial of Service (DoS) due to malformed HTTP/2 frames.
- Severity: Important.
2. Kernel Security Update (ALSA-2025:10837):
- Fixes an out-of-bounds issue for systems with CPU-less NUMA nodes.
- Severity: Moderate.
3. Java-17-OpenJDK Security Update (ALSA-2025:10867):
- Enhancements made to glyph drawing, TLS protocol support, and HTTP client header handling.
- Severity: Important.
4. GLib2 Security Updates (ALSA-2025:11140 & ALSA-2025:11327):
- Fixes include buffer overflow and underflow issues.
- Severity: Moderate.
5. Cloud-Init Security Update (ALSA-2025:11324):
- Addresses a permissions flaw that could affect cloud instance initialization.
- Severity: Important.
These updates are critical for maintaining the security posture of AlmaLinux systems, and users are urged to apply them promptly. For more information on each update, including potential impacts and CVSS scores, users can refer to the detailed errata pages provided in the notifications.
In addition, AlmaLinux encourages users to engage with the community for any queries or discussion regarding these updates. The AlmaLinux team emphasizes the importance of staying informed about security vulnerabilities and updates to ensure the reliability and security of their systems.
To manage notification settings or for further assistance, users can visit the AlmaLinux mailing lists and community chat.
As cybersecurity threats continue to evolve, AlmaLinux's proactive approach in releasing timely updates is essential for safeguarding user systems against potential exploits. Users should remain vigilant and ensure that they regularly check for and apply updates to keep their systems secure
Tomcat, Kernel, Java-17-OpenJDK, Glib2, Cloud-Init updates for AlmaLinux
AlmaLinux has received multiple security upgrades, including tomcat, kernel, java-17-openjdk, glib2, and cloud-init:
ALSA-2025:11335: tomcat security update (Important)
ALSA-2025:10837: kernel security update (Moderate)
ALSA-2025:10867: java-17-openjdk security update (Important)
ALSA-2025:11140: glib2 security update (Moderate)
ALSA-2025:11333: tomcat security update (Important)
ALSA-2025:11327: glib2 security update (Moderate)
ALSA-2025:11324: cloud-init security update (Important)Tomcat, Kernel, Java-17-OpenJDK, Glib2, Cloud-Init updates for AlmaLinux @ Linux Compatible
