Security & Maintenance Update

By Jakob Ward | November 10, 2025

Version 1.3.4 / System & Security Enhancements

Overview
This update addresses upstream Red Hat advisories mirrored in AlmaLinux 9/10 and focuses on critical security updates for database, kernel, and container environments across all Hostbotica production nodes.

Highlights

MariaDB Security Update (RHSA-2025:19572 / RHSA-2025:19584)
Applied patched builds across all WordPress and ColdFusion database clusters to address privilege escalation and data integrity vulnerabilities.
runC / Containerd Update (RHSA-2025:19927)
Updated container runtime packages to resolve multiple container escape and arbitrary write vulnerabilities (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881).
BIND9 Resolver Update (RHSA-2025:19912 / 19793)
Updated internal DNS resolver packages to prevent potential cache poisoning and query amplification exploits.
Kernel Security Patch (RHSA-2025:19886+)
Rolled out to all AlmaLinux 9/10 systems to mitigate privilege escalation and memory corruption issues.
libssh Library Update (RHSA-2025:19472)
Updated SSH-linked libraries used by Git and system utilities for improved session handling and authentication safety.
Redis Security Update (RHSA-2025:19399)
Prepared for future Redis deployments; applied to staging systems for compatibility verification.

Notes

All production nodes verified under SELinux enforcing mode post-update.
No service interruptions were detected during rolling reboots.
ColdFusion and WordPress application stacks remain fully operational under updated environments.

Posted in Changelog and tagged AlmaLinux, bind9, Hostbotica Changelog, kernel patch, libssh, MariaDB, red hat, redis, runc, security update, system maintenance