Key Updates:
1. Valkey - An advanced key-value store has received an important security update addressing a Redis DoS vulnerability (CVE-2025-21605).2. Firefox - Multiple critical updates have been released to mitigate several vulnerabilities, including out-of-bounds access issues that could lead to system crashes or data leaks (CVE-2025-4918, CVE-2025-4919).
3. .NET (8.0 and 9.0) - Security updates have been issued for both versions to fix a spoofing vulnerability (CVE-2025-26646).
4. Ghostscript - A moderate-level update has been provided to fix a compression buffer overflow issue (CVE-2025-27832).
5. SQLite - An important update addressing an integer overflow vulnerability (CVE-2025-3277) has been made available.
6. Ruby - Updates have been implemented to address several vulnerabilities including potential DoS attacks and memory leaks (CVE-2025-25186, CVE-2025-27219, CVE-2025-27221).
7. GStreamer - An important security update to fix a stack-based buffer overflow vulnerability (CVE-2025-3887).
8. Libsoup - Updates have been made to address multiple denial-of-service vulnerabilities and a cookie domain validation bypass (CVE-2025-32049, CVE-2025-32907, CVE-2025-4035).
9. Perl - An important update to fix a heap buffer overflow vulnerability when handling non-ASCII bytes (CVE-2024-56406).
10. XZ Utils - An important update addressing a heap-use-after-free bug in the threaded decoder (CVE-2025-31115).
Importance of Updates:
These updates are crucial for maintaining the integrity and security of systems running AlmaLinux. Users are encouraged to apply these updates as soon as possible to protect against the identified vulnerabilities.How to Stay Updated:
- Users subscribed to AlmaLinux security notifications will receive emails regarding these updates. For those who wish to manage their subscription settings or have further inquiries, they can do so via the AlmaLinux community chat and mailing list management portal.In summary, AlmaLinux continues to prioritize security by regularly introducing updates that address vulnerabilities across a range of essential software packages, thereby enhancing overall system resilience against potential attacks
Valkey, Firefox, .NET, and more updates for AlmaLinux
AlmaLinux has been updated with multiple security enhancements, encompassing valkey, .NET 9.0, .NET 8.0, ghostscript, xz, ruby, sqlite, perl, gstreamer1-plugins-bad-free, libsoup3, and firefox, along with additional security updates for firefox.
ALSA-2025:7509: valkey security update (Important)
ALSA-2025:8125: firefox security update (Important)
ALSA-2025:8047: unbound security update (Moderate)
ALSA-2025:7601: .NET 9.0 security update (Important)
ALSA-2025:7599: .NET 8.0 security update (Important)
ALSA-2025:7593: ghostscript security update (Moderate)
ALSA-2025:7524: xz security update (Important)
ALSA-2025:8131: ruby security update (Moderate)
ALSA-2025:7517: sqlite security update (Important)
ALSA-2025:7500: perl security update (Important)
ALSA-2025:8184: gstreamer1-plugins-bad-free security update (Important)
ALSA-2025:8128: libsoup3 security update (Important)
ALSA-2025:8293: firefox security update (Important)
ALSA-2025:8292: mingw-freetype security update (Important)
ALSA-2025:8308: firefox security update (Important)Valkey, Firefox, .NET, and more updates for AlmaLinux @ Linux Compatible
