Dtrace, Libtiff, Grafana-PCP, and more updates for Oracle Linux

Oracle Linux 6477 Published by

Oracle Linux recently distributed multiple security advisories for versions 8 through 10 across several processor architectures. These errata address serious flaws in core utilities like dtrace, sudo, libtiff, and the automation manager by fixing out-of-bounds memory leaks, privilege escalation bugs, and integer overflow errors. You will also notice routine maintenance patches for edk2 and e2fsprogs paired with library updates that neutralize known vulnerabilities in Django, axios, and various cryptography modules.

ELSA-2026-50249 Moderate: dtrace security update
ELSA-2026-12265 Important: Oracle Linux 10 libtiff security update
ELSA-2026-11881 Important: Oracle Linux 10 grafana-pcp security update
ELBA-2026-12270 Oracle Linux 10 edk2 bug fix and enhancement update
OLAMSA-2026-0010 Important: Oracle Linux 9 ol-automation-manager security update
OLAMSA-2026-0009 Important: Oracle Linux 8 ol-automation-manager security update
ELSA-2026-50249 Moderate: Oracle Linux 9 dtrace security update
ELBA-2026-50247 Oracle Linux 9 e2fsprogs bug fix update
ELSA-2026-50250 Moderate: Oracle Linux 9 dtrace security update
ELSA-2026-12441 Important: Oracle Linux 9 libcap security update
ELSA-2026-12310 Important: Oracle Linux 9 sudo security update
ELSA-2026-12271 Important: Oracle Linux 9 libtiff security update
ELSA-2026-50250 Moderate: Oracle Linux 9 dtrace security update
ELSA-2026-50250 Moderate: Oracle Linux 8 dtrace security update
ELSA-2026-50251 Moderate: Oracle Linux 8 dtrace security update
ELSA-2026-12176 Important: Oracle Linux 8 fence-agents security update
ELSA-2026-11656 Important: Oracle Linux 8 xorg-x11-server-Xwayland security update
ELSA-2026-50251 Moderate: Oracle Linux 8 dtrace security update




ELSA-2026-50249 Moderate: dtrace security update


Oracle Linux Security Advisory ELSA-2026-50249

http://linux.oracle.com/errata/ELSA-2026-50249.html

The following updated rpms for have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-devel-2.0.7-4.el10.x86_64.rpm
dtrace-testsuite-2.0.7-4.el10.x86_64.rpm
dtrace-2.0.7-4.el10.x86_64.rpm

aarch64:
dtrace-devel-2.0.7-4.el10.aarch64.rpm
dtrace-testsuite-2.0.7-4.el10.aarch64.rpm
dtrace-2.0.7-4.el10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/dtrace-2.0.7-4.el10.src.rpm

Related CVEs:

CVE-2026-21996
CVE-2026-35233

Description of changes:

[2.0.7-4]
- Prevent out-of-buonds memory access during object symbol table construction
(CVE-2026-35233). [Orabug: 39121881]
- Prevent divide-by-zero (FPE trap) if section header data is corrupted.
(CVE-2026-21996). [Orabug: 39121874]
- Ensure safety checks are performed on program header data from ELF objects.
- Ensure that the data of string table sections is proper terminated.
- Ensure that the symbol table references a valid string table.



ELSA-2026-12265 Important: Oracle Linux 10 libtiff security update


Oracle Linux Security Advisory ELSA-2026-12265

http://linux.oracle.com/errata/ELSA-2026-12265.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
libtiff-4.6.0-6.el10_1.3.x86_64.rpm
libtiff-devel-4.6.0-6.el10_1.3.x86_64.rpm
libtiff-tools-4.6.0-6.el10_1.3.x86_64.rpm

aarch64:
libtiff-4.6.0-6.el10_1.3.aarch64.rpm
libtiff-devel-4.6.0-6.el10_1.3.aarch64.rpm
libtiff-tools-4.6.0-6.el10_1.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/libtiff-4.6.0-6.el10_1.3.src.rpm

Related CVEs:

CVE-2026-4775

Description of changes:

[4.6.0-6.3]
- fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile (RHEL-159309)



ELSA-2026-11881 Important: Oracle Linux 10 grafana-pcp security update


Oracle Linux Security Advisory ELSA-2026-11881

http://linux.oracle.com/errata/ELSA-2026-11881.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-pcp-5.3.0-4.el10_1.x86_64.rpm

aarch64:
grafana-pcp-5.3.0-4.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/grafana-pcp-5.3.0-4.el10_1.src.rpm

Related CVEs:

CVE-2026-32283

Description of changes:

[5.3.0-4]
- Resolves RHEL-166433: CVE-2026-32282
- Resolves RHEL-167474: CVE-2026-32283



ELBA-2026-12270 Oracle Linux 10 edk2 bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-12270

http://linux.oracle.com/errata/ELBA-2026-12270.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
edk2-aarch64-20250523-2.0.1.el10_1.2.noarch.rpm
edk2-ovmf-20250523-2.0.1.el10_1.2.noarch.rpm
edk2-tools-20250523-2.0.1.el10_1.2.x86_64.rpm
edk2-tools-doc-20250523-2.0.1.el10_1.2.noarch.rpm

aarch64:
edk2-aarch64-20250523-2.0.1.el10_1.2.noarch.rpm
edk2-ovmf-20250523-2.0.1.el10_1.2.noarch.rpm
edk2-tools-20250523-2.0.1.el10_1.2.aarch64.rpm
edk2-tools-doc-20250523-2.0.1.el10_1.2.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/edk2-20250523-2.0.1.el10_1.2.src.rpm

Description of changes:

[20250523-2.0.1.el10_1.2]
- Replace upstream references [Orabug:36569119]

[20250523-2.el10_1.2]
- edk2-Bumped-to-OpenSSL-3.5.1-6.patch [RHEL-115882]
- Resolves: RHEL-115882
(CVE-2025-9230 edk2: Out-of-bounds read & write in RFC 3211 KEK Unwrap [rhel-10.1.z])

[20250523-2.el10_1.1]
- edk2-OvmfPkg-IoMmuDxe-Fix-1M-and-2M-buffer-handling.patch [RHEL-121876]
- Resolves: RHEL-121876
(Fail to create AMD SEV SLES 15 SP4 guest via virt-install --cdrom [rhel-10.1.z])



OLAMSA-2026-0010 Important: Oracle Linux 9 ol-automation-manager security update


Oracle Linux Security Advisory OLAMSA-2026-0010

http://linux.oracle.com/errata/OLAMSA-2026-0010.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
ol-automation-manager-2.3.1-9.el9.x86_64.rpm
ol-automation-manager-cli-2.3.1-9.el9.noarch.rpm
python311-olamkit-2.3.1-9.el9.noarch.rpm
python3.11-aiohttp-3.9.5-1.0.5.el9.x86_64.rpm
python3.11-django-4.2.30-1.0.1.el9.noarch.rpm
python3.11-galaxy-ng-4.10.1-1.0.4.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/ol-automation-manager-2.3.1-9.el9.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/python-aiohttp-3.9.5-1.0.5.el9.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/python-django-4.2.30-1.0.1.el9.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/python-galaxy-ng-4.10.1-1.0.4.el9.src.rpm

Related CVEs:

CVE-2026-34520
CVE-2026-4277
CVE-2026-40175

Description of changes:

ol-automation-manager
[2.3.1-9.el9]
- OLAM-917 Bump axios to mitigate CVE-2026-40175

[2.3.1-8.el9]
- OLAM-914 Bump Django to mitigate CVE-2026-4277

[2.3.1-7.el9]
- OLAM-913 Apply patch on aiohttp to fix CVE-2026-34520

python-aiohttp
[3.9.5-1.0.5]
- OLAM-919 Apply patch for CVE-2026-34520

python-django
[4.2.30-1.0.1]
- OLAM-915 Bump Django to mitigate CVE-2026-4277

python-galaxy-ng
[4.10.1-1.0.4]
- OLAM-916 Bump axios (ansible-hub-ui) to mitigate CVE-2026-40175



OLAMSA-2026-0009 Important: Oracle Linux 8 ol-automation-manager security update


Oracle Linux Security Advisory OLAMSA-2026-0009

http://linux.oracle.com/errata/OLAMSA-2026-0009.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ol-automation-manager-2.3.1-10.el8.x86_64.rpm
ol-automation-manager-cli-2.3.1-10.el8.noarch.rpm
python311-olamkit-2.3.1-10.el8.noarch.rpm
python3.11-aiohttp-3.9.5-1.0.5.el8.x86_64.rpm
python3.11-django-4.2.30-1.0.1.el8.noarch.rpm
python3.11-galaxy-ng-4.10.1-1.0.4.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/ol-automation-manager-2.3.1-10.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-aiohttp-3.9.5-1.0.5.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-django-4.2.30-1.0.1.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-galaxy-ng-4.10.1-1.0.4.el8.src.rpm

Related CVEs:

CVE-2026-34520
CVE-2026-4277
CVE-2026-40175

Description of changes:

ol-automation-manager
[2.3.1-10.el8]
- OLAM-917 Bump axios to mitigate CVE-2026-40175

[2.3.1-9.el8]
- OLAM-914 Bump Django to mitigate CVE-2026-4277

[2.3.1-8.el8]
- OLAM-913 Apply patch on aiohttp to fix CVE-2026-34520

python-aiohttp
[3.9.5-1.0.5]
- OLAM-919 Apply patch for CVE-2026-34520

python-django
[4.2.30-1.0.1]
- OLAM-915 Bump Django to mitigate CVE-2026-4277

python-galaxy-ng
[4.10.1-1.0.4]
- OLAM-916 Bump axios (ansible-hub-ui) to mitigate CVE-2026-40175



ELSA-2026-50249 Moderate: Oracle Linux 9 dtrace security update


Oracle Linux Security Advisory ELSA-2026-50249

http://linux.oracle.com/errata/ELSA-2026-50249.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.7-4.el9.x86_64.rpm
dtrace-devel-2.0.7-4.el9.x86_64.rpm
dtrace-testsuite-2.0.7-4.el9.x86_64.rpm

aarch64:
dtrace-2.0.7-4.el9.aarch64.rpm
dtrace-devel-2.0.7-4.el9.aarch64.rpm
dtrace-testsuite-2.0.7-4.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/dtrace-2.0.7-4.el9.src.rpm

Related CVEs:

CVE-2026-21996
CVE-2026-35233

Description of changes:

[2.0.7-4]
- Prevent out-of-buonds memory access during object symbol table construction
(CVE-2026-35233). [Orabug: 39121881]
- Prevent divide-by-zero (FPE trap) if section header data is corrupted.
(CVE-2026-21996). [Orabug: 39121874]
- Ensure safety checks are performed on program header data from ELF objects.
- Ensure that the data of string table sections is proper terminated.
- Ensure that the symbol table references a valid string table.



ELBA-2026-50247 Oracle Linux 9 e2fsprogs bug fix update


Oracle Linux Bug Fix Advisory ELBA-2026-50247

http://linux.oracle.com/errata/ELBA-2026-50247.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
e2fsprogs-1.47.1-4.0.2.el9.x86_64.rpm
e2fsprogs-devel-1.47.1-4.0.2.el9.x86_64.rpm
e2fsprogs-libs-1.47.1-4.0.2.el9.x86_64.rpm
libss-1.47.1-4.0.2.el9.x86_64.rpm
libss-devel-1.47.1-4.0.2.el9.x86_64.rpm
libcom_err-1.47.1-4.0.2.el9.x86_64.rpm
libcom_err-devel-1.47.1-4.0.2.el9.x86_64.rpm
e2fsprogs-1.47.1-4.0.2.el9.i686.rpm
e2fsprogs-devel-1.47.1-4.0.2.el9.i686.rpm
e2fsprogs-libs-1.47.1-4.0.2.el9.i686.rpm
libcom_err-1.47.1-4.0.2.el9.i686.rpm
libcom_err-devel-1.47.1-4.0.2.el9.i686.rpm
libss-1.47.1-4.0.2.el9.i686.rpm
libss-devel-1.47.1-4.0.2.el9.i686.rpm

aarch64:
e2fsprogs-1.47.1-4.0.2.el9.aarch64.rpm
e2fsprogs-devel-1.47.1-4.0.2.el9.aarch64.rpm
e2fsprogs-libs-1.47.1-4.0.2.el9.aarch64.rpm
libss-1.47.1-4.0.2.el9.aarch64.rpm
libss-devel-1.47.1-4.0.2.el9.aarch64.rpm
libcom_err-1.47.1-4.0.2.el9.aarch64.rpm
libcom_err-devel-1.47.1-4.0.2.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/e2fsprogs-1.47.1-4.0.2.el9.src.rpm

Description of changes:

[1.47.1-4.0.2]
- Rebuild for i686 [Orabug 39256591]



ELSA-2026-50250 Moderate: Oracle Linux 9 dtrace security update


Oracle Linux Security Advisory ELSA-2026-50250

http://linux.oracle.com/errata/ELSA-2026-50250.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.7-4.el9.x86_64.rpm
dtrace-devel-2.0.7-4.el9.x86_64.rpm
dtrace-testsuite-2.0.7-4.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/dtrace-2.0.7-4.el9.src.rpm

Related CVEs:

CVE-2026-21996
CVE-2026-35233

Description of changes:

[2.0.7-4]
- Prevent out-of-buonds memory access during object symbol table construction
(CVE-2026-35233). [Orabug: 39121881]
- Prevent divide-by-zero (FPE trap) if section header data is corrupted.
(CVE-2026-21996). [Orabug: 39121874]
- Ensure safety checks are performed on program header data from ELF objects.
- Ensure that the data of string table sections is proper terminated.
- Ensure that the symbol table references a valid string table.



ELSA-2026-12441 Important: Oracle Linux 9 libcap security update


Oracle Linux Security Advisory ELSA-2026-12441

http://linux.oracle.com/errata/ELSA-2026-12441.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libcap-2.48-10.el9_7.1.i686.rpm
libcap-2.48-10.el9_7.1.x86_64.rpm
libcap-devel-2.48-10.el9_7.1.i686.rpm
libcap-devel-2.48-10.el9_7.1.x86_64.rpm

aarch64:
libcap-2.48-10.el9_7.1.aarch64.rpm
libcap-devel-2.48-10.el9_7.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/libcap-2.48-10.el9_7.1.src.rpm

Related CVEs:

CVE-2026-4878

Description of changes:

[2.48-10.1]
- Fix TOCTOU race condition in cap_set_file() (CVE-2026-4878)
Resolves: RHEL-169311



ELSA-2026-12310 Important: Oracle Linux 9 sudo security update


Oracle Linux Security Advisory ELSA-2026-12310

http://linux.oracle.com/errata/ELSA-2026-12310.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
sudo-1.9.5p2-15.el9_7.x86_64.rpm
sudo-python-plugin-1.9.5p2-15.el9_7.x86_64.rpm

aarch64:
sudo-1.9.5p2-15.el9_7.aarch64.rpm
sudo-python-plugin-1.9.5p2-15.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/sudo-1.9.5p2-15.el9_7.src.rpm

Related CVEs:

CVE-2026-35535

Description of changes:

[1.9.5p2-15]
RHEL 9.7.0 ERRATUM
- CVE-2026-35535 - Privilege escalation due to failure in privilege drop calls
Resolves: RHEL-166065



ELSA-2026-12271 Important: Oracle Linux 9 libtiff security update


Oracle Linux Security Advisory ELSA-2026-12271

http://linux.oracle.com/errata/ELSA-2026-12271.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libtiff-4.4.0-15.el9_7.3.i686.rpm
libtiff-4.4.0-15.el9_7.3.x86_64.rpm
libtiff-devel-4.4.0-15.el9_7.3.i686.rpm
libtiff-devel-4.4.0-15.el9_7.3.x86_64.rpm
libtiff-tools-4.4.0-15.el9_7.3.x86_64.rpm

aarch64:
libtiff-4.4.0-15.el9_7.3.aarch64.rpm
libtiff-devel-4.4.0-15.el9_7.3.aarch64.rpm
libtiff-tools-4.4.0-15.el9_7.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/libtiff-4.4.0-15.el9_7.3.src.rpm

Related CVEs:

CVE-2026-4775

Description of changes:

[4.4.0-15.3]
- fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile (RHEL-159330)



ELSA-2026-50250 Moderate: Oracle Linux 9 dtrace security update


Oracle Linux Security Advisory ELSA-2026-50250

http://linux.oracle.com/errata/ELSA-2026-50250.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
dtrace-2.0.7-4.el9.aarch64.rpm
dtrace-devel-2.0.7-4.el9.aarch64.rpm
dtrace-testsuite-2.0.7-4.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/dtrace-2.0.7-4.el9.src.rpm

Related CVEs:

CVE-2026-21996
CVE-2026-35233

Description of changes:

[2.0.7-4]
- Prevent out-of-buonds memory access during object symbol table construction
(CVE-2026-35233). [Orabug: 39121881]
- Prevent divide-by-zero (FPE trap) if section header data is corrupted.
(CVE-2026-21996). [Orabug: 39121874]
- Ensure safety checks are performed on program header data from ELF objects.
- Ensure that the data of string table sections is proper terminated.
- Ensure that the symbol table references a valid string table.

[2.0.6-1]
- Fix dtprobed unsafe probe description handling (CVE-2026-21991).
[Orabug: 39054018]

[2.0.5-1]
- Implement PID-specific uprobes. (Kris Van Hees)
- Allocate the buffers BPF map to fit highest CPU id. (Kris Van Hees)
- Fix argument handling for multi-location user probes.
(Kris Van Hees) [Orabug: 38922360]
- Change the "stack skip" to 3 for fbt (fprobe) and rawtp providers.
[Orabug: 38776929]
- Fix prvname so that both rawfbt and fbt probes are seen.
[Orabug: 38842114]
- Do not convert "__" to "-" for stapsdt provider names.
- Fix printf formatting with non-monetary grouping chars.
[Orabug: 30430270]
- Discontinue -xversion=V as an option. (Kris Van Hees) [Orabug: 38615307]
- Add the DTrace Tutorial to the git repo and install package.
- Add missing documentation: trunc(), stapsdt, usdt.h include path.
- Update LLM context files to forbid "if" statements.
- Test suite weakly pulls in kernel-uek-tools to get perf. (Nick Alcock)
[Orabug: 38064413]

[2.0.4-1]
- TCP, UDP, and stapsdt providers implemented. (Alan Maguire)
- New learning materials: the User's Guide in Markdown format,
example scripts, and a context file for LLMs.
(Eugene Loh, Bruce McCulloch, Ruud van der Pas, Elena Zannoni).
- Allow [u]stack() to be used as a variable value. (Kris Van Hees)
[Orabug: 37950533]
- Comments using // are now supported. (Kris Van Hees)
- Scalability improvements. (Kris Van Hees)
- Error injection via return() action. (Kris Van Hees)
- Improved string handling. (Kris Van Hees)
- Various bug fixes. (Eugene Loh, Kris Van Hees)
- Fix dyn vars overwriting one another. [Orabug: 37994729]
- Fix regression: list fbt probes by default. [Orabug: 38249511]
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Alan Maguire, Kris Van Hees)
- Add test for preprocessor definitions. [Orabug: 28763074]
- Fix some stack tests. [Orabug: 37459289]

[2.0.3-1]
- This is only released on OL10.
- Redesigned USDT support to work for LTO compilations. [Orabug: 38011704]
- New builtin variable: execargs.
- Offset probes in pid provider. (Eugene Loh)
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Sam James, Eugene Loh, Kris Van Hees)

[2.0.2-1]
- Translators to support kernels 6.10 and later.
- FBT return probe argument support.
- The print() action is augmented with type information. (Alan Maguire)
- Support to discover and trace USDT probes after a tracing session has
started. (Eugene Loh, Nick Alcock)
- USDT probe argument support (translated types, mapping). (Nick Alcock)
- Installation locations are now configurable. (Nick Alcock)
- Valgrind is no longer a required build dependency. (Nick Alcock)
- Self-grabs have been improved. (Nick Alcock)
- New provider: rawfbt. (Kris Van Hees)
- Various bug fixes. (Nick Alcock, Eugene Loh, Alan Maguire, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Sam James, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 37274251]

[2.0.1-1]
- Implement FBT probes with fentry/fexit tracepoints
- Provide argument info for FBT probes.
- Provide pre-generated translator files sets. [Orabug: 36504847]



ELSA-2026-50250 Moderate: Oracle Linux 8 dtrace security update


Oracle Linux Security Advisory ELSA-2026-50250

http://linux.oracle.com/errata/ELSA-2026-50250.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.7-4.el8.x86_64.rpm
dtrace-devel-2.0.7-4.el8.x86_64.rpm
dtrace-testsuite-2.0.7-4.el8.x86_64.rpm

aarch64:
dtrace-2.0.7-4.el8.aarch64.rpm
dtrace-devel-2.0.7-4.el8.aarch64.rpm
dtrace-testsuite-2.0.7-4.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/dtrace-2.0.7-4.el8.src.rpm

Related CVEs:

CVE-2026-21996
CVE-2026-35233

Description of changes:

[2.0.7-4]
- Prevent out-of-buonds memory access during object symbol table construction
(CVE-2026-35233). [Orabug: 39121881]
- Prevent divide-by-zero (FPE trap) if section header data is corrupted.
(CVE-2026-21996). [Orabug: 39121874]
- Ensure safety checks are performed on program header data from ELF objects.
- Ensure that the data of string table sections is proper terminated.
- Ensure that the symbol table references a valid string table.



ELSA-2026-50251 Moderate: Oracle Linux 8 dtrace security update


Oracle Linux Security Advisory ELSA-2026-50251

http://linux.oracle.com/errata/ELSA-2026-50251.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.7-4.el8.x86_64.rpm
dtrace-devel-2.0.7-4.el8.x86_64.rpm
dtrace-testsuite-2.0.7-4.el8.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/dtrace-2.0.7-4.el8.src.rpm

Related CVEs:

CVE-2026-21996
CVE-2026-35233

Description of changes:

[2.0.7-4]
- Prevent out-of-buonds memory access during object symbol table construction
(CVE-2026-35233). [Orabug: 39121881]
- Prevent divide-by-zero (FPE trap) if section header data is corrupted.
(CVE-2026-21996). [Orabug: 39121874]
- Ensure safety checks are performed on program header data from ELF objects.
- Ensure that the data of string table sections is proper terminated.
- Ensure that the symbol table references a valid string table.



ELSA-2026-12176 Important: Oracle Linux 8 fence-agents security update


Oracle Linux Security Advisory ELSA-2026-12176

http://linux.oracle.com/errata/ELSA-2026-12176.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
fence-agents-all-4.2.1-129.el8_10.25.x86_64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.25.x86_64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.25.x86_64.rpm
fence-agents-lpar-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-mpath-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-nutanix-ahv-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.25.x86_64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.25.noarch.rpm

aarch64:
fence-agents-all-4.2.1-129.el8_10.25.aarch64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.25.aarch64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.25.aarch64.rpm
fence-agents-mpath-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-nutanix-ahv-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.25.aarch64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.25.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.25.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/fence-agents-4.2.1-129.el8_10.25.src.rpm

Related CVEs:

CVE-2026-26007
CVE-2026-30922
CVE-2026-32597

Description of changes:

[4.2.1-129.25]
- bundled cryptography: replace with dependency to fix CVE-2026-26007
- bundled PyJWT: replace with dependency to fix CVE-2026-32597
- bundled pyasn1: fix CVE-2026-30922
Resolves: RHEL-148431, RHEL-155670, RHEL-157189



ELSA-2026-11656 Important: Oracle Linux 8 xorg-x11-server-Xwayland security update


Oracle Linux Security Advisory ELSA-2026-11656

http://linux.oracle.com/errata/ELSA-2026-11656.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
xorg-x11-server-Xwayland-21.1.3-20.el8_10.x86_64.rpm

aarch64:
xorg-x11-server-Xwayland-21.1.3-20.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/xorg-x11-server-Xwayland-21.1.3-20.el8_10.src.rpm

Related CVEs:

CVE-2026-33999
CVE-2026-34001
CVE-2026-34003

Description of changes:

[21.1.3-20]
- CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001
CVE-2026-34002, CVE-2026-34003
Resolves: https://redhat.atlassian.net/browse/RHEL-163191
Resolves: https://redhat.atlassian.net/browse/RHEL-163287
Resolves: https://redhat.atlassian.net/browse/RHEL-163245



ELSA-2026-50251 Moderate: Oracle Linux 8 dtrace security update


Oracle Linux Security Advisory ELSA-2026-50251

http://linux.oracle.com/errata/ELSA-2026-50251.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
dtrace-2.0.7-4.el8.aarch64.rpm
dtrace-devel-2.0.7-4.el8.aarch64.rpm
dtrace-testsuite-2.0.7-4.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/dtrace-2.0.7-4.el8.src.rpm

Related CVEs:

CVE-2026-21996
CVE-2026-35233

Description of changes:

[2.0.7-4]
- Prevent out-of-buonds memory access during object symbol table construction
(CVE-2026-35233). [Orabug: 39121881]
- Prevent divide-by-zero (FPE trap) if section header data is corrupted.
(CVE-2026-21996). [Orabug: 39121874]
- Ensure safety checks are performed on program header data from ELF objects.
- Ensure that the data of string table sections is proper terminated.
- Ensure that the symbol table references a valid string table.

[2.0.6-1]
- Fix dtprobed unsafe probe description handling (CVE-2026-21991).
[Orabug: 39054018]

[2.0.5-1]
- Implement PID-specific uprobes. (Kris Van Hees)
- Allocate the buffers BPF map to fit highest CPU id. (Kris Van Hees)
- Fix argument handling for multi-location user probes.
(Kris Van Hees) [Orabug: 38922360]
- Change the "stack skip" to 3 for fbt (fprobe) and rawtp providers.
[Orabug: 38776929]
- Fix prvname so that both rawfbt and fbt probes are seen.
[Orabug: 38842114]
- Do not convert "__" to "-" for stapsdt provider names.
- Fix printf formatting with non-monetary grouping chars.
[Orabug: 30430270]
- Discontinue -xversion=V as an option. (Kris Van Hees) [Orabug: 38615307]
- Add the DTrace Tutorial to the git repo and install package.
- Add missing documentation: trunc(), stapsdt, usdt.h include path.
- Update LLM context files to forbid "if" statements.
- Test suite weakly pulls in kernel-uek-tools to get perf. (Nick Alcock)
[Orabug: 38064413]

[2.0.4-1]
- TCP, UDP, and stapsdt providers implemented. (Alan Maguire)
- New learning materials: the User's Guide in Markdown format,
example scripts, and a context file for LLMs.
(Eugene Loh, Bruce McCulloch, Ruud van der Pas, Elena Zannoni).
- Allow [u]stack() to be used as a variable value. (Kris Van Hees)
[Orabug: 37950533]
- Comments using // are now supported. (Kris Van Hees)
- Scalability improvements. (Kris Van Hees)
- Error injection via return() action. (Kris Van Hees)
- Improved string handling. (Kris Van Hees)
- Various bug fixes. (Eugene Loh, Kris Van Hees)
- Fix dyn vars overwriting one another. [Orabug: 37994729]
- Fix regression: list fbt probes by default. [Orabug: 38249511]
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Alan Maguire, Kris Van Hees)
- Add test for preprocessor definitions. [Orabug: 28763074]
- Fix some stack tests. [Orabug: 37459289]

[2.0.3-1]
- This is only released on OL10.
- Redesigned USDT support to work for LTO compilations. [Orabug: 38011704]
- New builtin variable: execargs.
- Offset probes in pid provider. (Eugene Loh)
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Sam James, Eugene Loh, Kris Van Hees)

[2.0.2-1]
- Translators to support kernels 6.10 and later.
- FBT return probe argument support.
- The print() action is augmented with type information. (Alan Maguire)
- Support to discover and trace USDT probes after a tracing session has
started. (Eugene Loh, Nick Alcock)
- USDT probe argument support (translated types, mapping). (Nick Alcock)
- Installation locations are now configurable. (Nick Alcock)
- Valgrind is no longer a required build dependency. (Nick Alcock)
- Self-grabs have been improved. (Nick Alcock)
- New provider: rawfbt. (Kris Van Hees)
- Various bug fixes. (Nick Alcock, Eugene Loh, Alan Maguire, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Sam James, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 37274251]

[2.0.1-1]
- Implement FBT probes with fentry/fexit tracepoints
- Provide argument info for FBT probes.
- Provide pre-generated translator files sets. [Orabug: 36504847]

[2.0.0-1.14]
- Implement provider: io. (Eugene Loh, Kris Van Hees)
- Implement actions: print(). (Alan Maguire)
- Implement subroutines: link_ntop(), cleanpath(). (Eugene Loh)
- Implement options: -xcpu, -xaggpercpu. (Eugene Loh)
- Improve providers: pid (offset-based probes) and rawtp (arg info).
- Improve options: -xlockmem (improve default). (Eugene Loh)
- Ensure USDT probes can survive dtprobed restarts. (Nick Alcock)
- Improve USDT probe creation/deletion. (Nick Alcock)
- Improve support for DTrace with upstream kernels. (Nick Alcock)
- Improve support for compiling DTrace in older environments. (Kris Van Hees)
- Add support for aggregations of stacks. (Eugene Loh)
- Improve lexer parsing (top-level wildcard ambiguities and numerals).
(Nick Alcock)
- Fix END probe execution with multiple tracers. (Nick Alcock)
- Preemptive BPF program execution for DTrace probes is not allowed.
- Buffer overrun fix for systems with non-sequential online CPU ids.
(Kris Van Hees, Nick Alcock) [Orabug: 36356681]
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 36329725]

[2.0.0-1.13.2]
- Support using DTrace with upstream kernels.
- Implement provider: ip.
- Implement actions: trunc(), pcap().
- Implement subroutines: inet_ntoa6().
- Implement subroutines: inet_ntop(). (Eugene Loh)
- Support modules.builtin.ranges for builtin module-symbol association.
- Provide a BTF-to-CTF convertor to provide (limited) kernel type information
when CTF is not available.
- Remove dependency on waitfd(). (Nick Alcock)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)

[2.0.0-1.13.1]
- Restart dtprobed when upgrading DTrace.
- Report and clean up orphaned tracing events after each test.


Glibc, Kerberos, GitPython, and more updates for Fedora

Libtiff, Xorg-X11, Yggdrasil, Vim updates for Rocky Linux

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...