diff --git a/changelog/entries/unreleased/bug/install_tzdatalegacy_in_allinone_image_for_timezones_removed.json b/changelog/entries/unreleased/bug/install_tzdatalegacy_in_allinone_image_for_timezones_removed.json
new file mode 100644
index 0000000000..7f89eeaa4d
--- /dev/null
+++ b/changelog/entries/unreleased/bug/install_tzdatalegacy_in_allinone_image_for_timezones_removed.json
@@ -0,0 +1,9 @@
+{
+    "type": "bug",
+    "message": "Install tzdata-legacy in all-in-one image for timezones removed after the upgrade to trixie.",
+    "issue_origin": "github",
+    "issue_number": null,
+    "domain": "core",
+    "bullet_points": [],
+    "created_at": "2026-02-27"
+}
\ No newline at end of file
diff --git a/changelog/entries/unreleased/refactor/upgrade_redisserver_in_allinone_image_to_resolve_cves.json b/changelog/entries/unreleased/refactor/upgrade_redisserver_in_allinone_image_to_resolve_cves.json
new file mode 100644
index 0000000000..8eb3d4d015
--- /dev/null
+++ b/changelog/entries/unreleased/refactor/upgrade_redisserver_in_allinone_image_to_resolve_cves.json
@@ -0,0 +1,9 @@
+{
+    "type": "refactor",
+    "message": "Upgrade redis-server in all-in-one image to resolve CVEs",
+    "issue_origin": "github",
+    "issue_number": null,
+    "domain": "core",
+    "bullet_points": [],
+    "created_at": "2026-02-27"
+}
\ No newline at end of file
diff --git a/deploy/all-in-one/Dockerfile b/deploy/all-in-one/Dockerfile
index 3f35a6580d..a9217e672f 100644
--- a/deploy/all-in-one/Dockerfile
+++ b/deploy/all-in-one/Dockerfile
@@ -43,6 +43,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
     xmlsec1 \
     gettext \
     tini \
+    tzdata-legacy \
     && \
     # Setup user and group with fixed UID/GID for volume permission consistency
     getent group "$GID" || groupadd --system --gid "$GID" "${DOCKER_USER}" && \
@@ -118,11 +119,13 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 # Install postgres + redis (PGDG repo already added in base stage)
 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
     --mount=type=cache,target=/var/lib/apt,sharing=locked \
+    curl -fsSL https://packages.redis.io/gpg | gpg --batch --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg && \
+    echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb trixie main" > /etc/apt/sources.list.d/redis.list && \
     apt-get update && \
     apt-get install --no-install-recommends -y \
     "postgresql-${POSTGRES_VERSION}" \
     "postgresql-${POSTGRES_VERSION}-pgvector" \
-    redis-server && \
+    redis && \
     # Setup redis
     usermod -a -G tty redis && \
     sed -i 's/daemonize yes/daemonize no/g' /etc/redis/redis.conf && \