In response to the likes of the [1]Dirty Frag and [2]Fragnesia vulnerabilities, Rocky Linux is introducing an optional security repository for shipping important security updates sooner.

With the intent of Rocky Linux to stay in lock-step with upstream Red Hat Enterprise Linux, sometimes Rocky Linux and other RHEL-derived distros are stuck waiting on RHEL to land their fixes. When security embargoes are broken early or disclosures otherwise made before mitigations are ready, there can be an unfortunate wait for downstreams of RHEL. With the optional Rocky Linux security repository, they will proactively ship important fixes even if they haven't yet found their way into RHEL proper.

The Rocky Linux security repository is their new path for shipping important security fixes as soon as possible. Those wanting to opt-in to it can do so via sudo dnf --enablerepo=security update .

More details on the Rocky Linux security repository via [3]RockyLinux.org .



[1] https://www.phoronix.com/news/Dirty-Frag-Linux

[2] https://www.phoronix.com/news/Linux-Fragnesia

[3] https://rockylinux.org/news/2026-05-14-introducing-security-repository