Oracle has released three critical security advisories to patch known vulnerabilities across its Linux distributions. System administrators managing Oracle Linux 10 or 9 need to install the updated go-rpm-macros packages promptly since they resolve CVE-2026-25679 through a full rebuild with the latest Go compiler. A separate update for Oracle Linux 9 also closes an openexr security hole tied to CVE-2026-27622. All of these revised software components are now ready for immediate download via the Unbreakable Linux Network.

ELSA-2026-8840 Important: Oracle Linux 10 go-rpm-macros security update
ELSA-2026-8888 Important: Oracle Linux 9 openexr security update
ELSA-2026-8841 Important: Oracle Linux 9 go-rpm-macros security update

ELSA-2026-8840 Important: Oracle Linux 10 go-rpm-macros security update

Oracle Linux Security Advisory ELSA-2026-8840

http://linux.oracle.com/errata/ELSA-2026-8840.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
go-filesystem-3.6.0-8.el10_1.x86_64.rpm
go-rpm-macros-3.6.0-8.el10_1.x86_64.rpm
go-rpm-templates-3.6.0-8.el10_1.x86_64.rpm
go-srpm-macros-3.6.0-8.el10_1.noarch.rpm

aarch64:
go-filesystem-3.6.0-8.el10_1.aarch64.rpm
go-rpm-macros-3.6.0-8.el10_1.aarch64.rpm
go-rpm-templates-3.6.0-8.el10_1.aarch64.rpm
go-srpm-macros-3.6.0-8.el10_1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/go-rpm-macros-3.6.0-8.el10_1.src.rpm

Related CVEs:

CVE-2026-25679

Description of changes:

[3.6.0-8]
- Rebuild with latest Go

ELSA-2026-8888 Important: Oracle Linux 9 openexr security update

Oracle Linux Security Advisory ELSA-2026-8888

http://linux.oracle.com/errata/ELSA-2026-8888.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
openexr-3.1.1-3.el9_7.1.x86_64.rpm
openexr-devel-3.1.1-3.el9_7.1.i686.rpm
openexr-devel-3.1.1-3.el9_7.1.x86_64.rpm
openexr-libs-3.1.1-3.el9_7.1.i686.rpm
openexr-libs-3.1.1-3.el9_7.1.x86_64.rpm

aarch64:
openexr-3.1.1-3.el9_7.1.aarch64.rpm
openexr-devel-3.1.1-3.el9_7.1.aarch64.rpm
openexr-libs-3.1.1-3.el9_7.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/openexr-3.1.1-3.el9_7.1.src.rpm

Related CVEs:

CVE-2026-27622

Description of changes:

[3.1.1-3.1]
- fix CVE-2026-27622

ELSA-2026-8841 Important: Oracle Linux 9 go-rpm-macros security update

Oracle Linux Security Advisory ELSA-2026-8841

http://linux.oracle.com/errata/ELSA-2026-8841.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
go-filesystem-3.6.0-14.el9_7.x86_64.rpm
go-rpm-macros-3.6.0-14.el9_7.x86_64.rpm
go-rpm-templates-3.6.0-14.el9_7.noarch.rpm
go-srpm-macros-3.6.0-14.el9_7.noarch.rpm

aarch64:
go-filesystem-3.6.0-14.el9_7.aarch64.rpm
go-rpm-macros-3.6.0-14.el9_7.aarch64.rpm
go-rpm-templates-3.6.0-14.el9_7.noarch.rpm
go-srpm-macros-3.6.0-14.el9_7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/go-rpm-macros-3.6.0-14.el9_7.src.rpm

Related CVEs:

CVE-2026-25679

Description of changes:

[3.6.0-14]
- Rebuild with latest Go
- Resolves: RHEL-158726