AlmaLinux has released updates for several crucial components, including OpenJDK, OpenIDC, and WebKit2GTK3, aimed at enhancing security across its versions. The updates include:
1. Java OpenJDK (java-1.8.0-openjdk):
- Severity: Moderate
- Release Date: April 22, 2025
- Notable Security Fixes:
- Improvement in TLS connection support (CVE-2025-21587)
- Enhanced compiler transformations (CVE-2025-30691)
- Better handling of Buffered Images (CVE-2025-30698)
- Available for both AlmaLinux 8 and 9.
2. OpenID Connect Module (mod_auth_openidc:2.3):
- Severity: Important
- Release Date: April 21, 2025
- Key Security Fix:
- Addressed an issue where mod_auth_openidc could leak protected data via OIDCProviderAuthRequestMethod POSTs (CVE-2025-31492).
- Applicable for AlmaLinux 8.
3. WebKitGTK (webkit2gtk3):
- Severity: Important
- Release Date: April 21, 2025
- Significant Security Fixes:
- Multiple vulnerabilities that could lead to process crashes, data exfiltration, denial-of-service attacks, and potential cross-site scripting attacks (CVE-2024-44192, CVE-2024-54467, CVE-2024-54551, CVE-2025-24208, CVE-2025-24209, CVE-2025-24216, CVE-2025-30427).
- Relevant for AlmaLinux 8.
For detailed information on each update, including CVSS scores and full references, users can visit the AlmaLinux errata pages linked within the announcements. This proactive approach to security ensures that users of AlmaLinux benefit from the latest enhancements and fixes, reinforcing the platform's reliability and safety.
Extension: AlmaLinux's commitment to security is evident through these updates, which not only address current vulnerabilities but also enhance the overall performance and stability of the software. It is crucial for users to stay informed about these updates and apply them promptly to protect their systems from potential threats. The AlmaLinux community also offers support through chat channels, fostering a collaborative environment for users to discuss issues and share solutions. Regular updates and security patches are essential in today's evolving cyber landscape, and AlmaLinux's responsiveness to these needs is a testament to its dedication to user security and satisfaction
1. Java OpenJDK (java-1.8.0-openjdk):
- Severity: Moderate
- Release Date: April 22, 2025
- Notable Security Fixes:
- Improvement in TLS connection support (CVE-2025-21587)
- Enhanced compiler transformations (CVE-2025-30691)
- Better handling of Buffered Images (CVE-2025-30698)
- Available for both AlmaLinux 8 and 9.
2. OpenID Connect Module (mod_auth_openidc:2.3):
- Severity: Important
- Release Date: April 21, 2025
- Key Security Fix:
- Addressed an issue where mod_auth_openidc could leak protected data via OIDCProviderAuthRequestMethod POSTs (CVE-2025-31492).
- Applicable for AlmaLinux 8.
3. WebKitGTK (webkit2gtk3):
- Severity: Important
- Release Date: April 21, 2025
- Significant Security Fixes:
- Multiple vulnerabilities that could lead to process crashes, data exfiltration, denial-of-service attacks, and potential cross-site scripting attacks (CVE-2024-44192, CVE-2024-54467, CVE-2024-54551, CVE-2025-24208, CVE-2025-24209, CVE-2025-24216, CVE-2025-30427).
- Relevant for AlmaLinux 8.
For detailed information on each update, including CVSS scores and full references, users can visit the AlmaLinux errata pages linked within the announcements. This proactive approach to security ensures that users of AlmaLinux benefit from the latest enhancements and fixes, reinforcing the platform's reliability and safety.
Extension: AlmaLinux's commitment to security is evident through these updates, which not only address current vulnerabilities but also enhance the overall performance and stability of the software. It is crucial for users to stay informed about these updates and apply them promptly to protect their systems from potential threats. The AlmaLinux community also offers support through chat channels, fostering a collaborative environment for users to discuss issues and share solutions. Regular updates and security patches are essential in today's evolving cyber landscape, and AlmaLinux's responsiveness to these needs is a testament to its dedication to user security and satisfaction
OpenJDK, OpenIDC, Webkit2GTK3 updates for AlmaLinux
AlmaLinux has been updated with multiple security enhancements, including java-1.8.0-openjdk, mod_auth_openidc:2.3, and webkit2gtk3:
ALSA-2025:3845: java-1.8.0-openjdk security update (Moderate)
ALSA-2025:3845: java-1.8.0-openjdk security update (Moderate)
ALSA-2025:3997: mod_auth_openidc:2.3 security update (Important)
ALSA-2025:3974: webkit2gtk3 security update (Important)OpenJDK, OpenIDC, Webkit2GTK3 updates for AlmaLinux @ Linux Compatible
