ImageMagick, FreeRDP, OpenEXR, and more updates for Oracle Linux

Oracle Linux 6472 Published by

Oracle has pushed out a major wave of security patches and maintenance updates for its enterprise Linux distributions spanning versions seven through ten. Administrators should prioritize installing these fixes because they close serious flaws in widely used software like ImageMagick, giflib, freerdp, .NET 8.0, webkit2gtk3, bind, wireshark, thunderbird, and the base kernel itself. Beyond the critical security holes, the release also bundles routine improvements for system firmware, container isolation rules, build automation tools, and directory services. You can grab all of these updated packages right now from the Unbreakable Linux Network to keep your servers running safely.

ELSA-2026-6713 Important: Oracle Linux 7 ImageMagick security update
ELSA-2026-8861 Important: Oracle Linux 8 giflib security update
ELSA-2026-8945 Important: Oracle Linux 8 freerdp security update
ELSA-2026-8863 Important: Oracle Linux 8 OpenEXR security update
ELBA-2026-50237 Oracle Linux 7 linux-firmware bug fix update
ELSA-2026-9044 Important: Oracle Linux 9 osbuild-composer security update
ELSA-2026-8921 Important: Oracle Linux 9 kernel security update
ELSA-2026-8468 Important: Oracle Linux 8 .NET 8.0 security update
ELBA-2026-9325 Oracle Linux 9 container-selinux bug fix and enhancement update
ELBA-2026-8099 Oracle Linux 8 linux-firmware bug fix and enhancement update
ELBA-2026-50238 Oracle Linux 8 systemd bug fix update
ELBA-2026-5604 Oracle Linux 9 linux-firmware bug fix and enhancement update
ELBA-2026-50235 Oracle Linux 8 kexec-tools bug fix update
ELSA-2026-8859 Important: Oracle Linux 9 giflib security update
ELSA-2026-8469 Important: Oracle Linux 9 .NET 8.0 security update
ELBA-2026-9324 Oracle Linux 9 rust-coreos-installer bug fix and enhancement update
ELSA-2026-8858 Important: Oracle Linux 10 giflib security update
ELSA-2026-8842 Important: Oracle Linux 10 delve security update
ELBA-2026-9316 Oracle Linux 10 unbound bug fix and enhancement update
ELBA-2026-50236 Oracle Linux 10 linux-firmware bug fix update
ELSA-2026-8456 Important: Oracle Linux 8 osbuild-composer security update
ELSA-2026-9692 Important: Oracle Linux 9 webkit2gtk3 security update
ELSA-2026-9264 Important: Oracle Linux 10 kernel security update
ELSA-2026-8312 Important: Oracle Linux 10 bind security update
ELSA-2026-9666 Moderate: Oracle Linux 10 wireshark security update
ELSA-2026-9638 Important: Oracle Linux 10 thunderbird security update
ELBA-2026-9317 Oracle Linux 10 ipa bug fix and enhancement update
ELBA-2026-9321 Oracle Linux 10 krb5 bug fix and enhancement update
ELBA-2026-9326 Oracle Linux 9 ipa bug fix and enhancement update
ELBA-2026-9131-1 Oracle Linux 8 kernel bug fix update
ELSA-2026-9345 Important: Oracle Linux 8 thunderbird security update
ELSA-2026-9131 Important: Oracle Linux 8 kernel security update




ELSA-2026-6713 Important: Oracle Linux 7 ImageMagick security update


Oracle Linux Security Advisory ELSA-2026-6713

http://linux.oracle.com/errata/ELSA-2026-6713.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
ImageMagick-6.9.10.68-7.0.9.el7_9.i686.rpm
ImageMagick-6.9.10.68-7.0.9.el7_9.x86_64.rpm
ImageMagick-c++-6.9.10.68-7.0.9.el7_9.i686.rpm
ImageMagick-c++-6.9.10.68-7.0.9.el7_9.x86_64.rpm
ImageMagick-c++-devel-6.9.10.68-7.0.9.el7_9.i686.rpm
ImageMagick-c++-devel-6.9.10.68-7.0.9.el7_9.x86_64.rpm
ImageMagick-devel-6.9.10.68-7.0.9.el7_9.i686.rpm
ImageMagick-devel-6.9.10.68-7.0.9.el7_9.x86_64.rpm
ImageMagick-doc-6.9.10.68-7.0.9.el7_9.x86_64.rpm
ImageMagick-perl-6.9.10.68-7.0.9.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ImageMagick-6.9.10.68-7.0.9.el7_9.src.rpm

Related CVEs:

CVE-2026-28691
CVE-2026-28693

Description of changes:

[6.9.10.68-7.0.9]
- Fix CVE-2026-28691 and CVE-2026-28693 [Orabug: 39174244]

[6.9.10.68-7.0.7]
- Fixes Local File Disclosure via Path Traversal (CVE-2026-25965) [Orabug: 39118995]
- Fixes Memory allocation with excessive without limits in the internal SVG decoder (CVE-2026-25985)

[6.9.10.68-7.0.5]
- Fix CVE-2025-62171 and CVE-2026-23876 [Orabug: 38997140]

[6.9.10.68-7.0.3]
- Security update CVE-2025-57803 [Orabug: 38455460]

[6.9.10.68-7.0.1]
- Fix for CVE-2025-55154 [Orabug: 38417011]



ELSA-2026-8861 Important: Oracle Linux 8 giflib security update


Oracle Linux Security Advisory ELSA-2026-8861

http://linux.oracle.com/errata/ELSA-2026-8861.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
giflib-5.1.4-4.el8_10.i686.rpm
giflib-5.1.4-4.el8_10.x86_64.rpm
giflib-devel-5.1.4-4.el8_10.i686.rpm
giflib-devel-5.1.4-4.el8_10.x86_64.rpm

aarch64:
giflib-5.1.4-4.el8_10.aarch64.rpm
giflib-devel-5.1.4-4.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/giflib-5.1.4-4.el8_10.src.rpm

Related CVEs:

CVE-2026-23868

Description of changes:

[5.1.4-4]
- fix CVE-2026-23868: double free in GifMakeSavedImage (RHEL-154853)



ELSA-2026-8945 Important: Oracle Linux 8 freerdp security update


Oracle Linux Security Advisory ELSA-2026-8945

http://linux.oracle.com/errata/ELSA-2026-8945.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
freerdp-2.11.7-7.el8_10.x86_64.rpm
freerdp-devel-2.11.7-7.el8_10.i686.rpm
freerdp-devel-2.11.7-7.el8_10.x86_64.rpm
freerdp-libs-2.11.7-7.el8_10.i686.rpm
freerdp-libs-2.11.7-7.el8_10.x86_64.rpm
libwinpr-2.11.7-7.el8_10.i686.rpm
libwinpr-2.11.7-7.el8_10.x86_64.rpm
libwinpr-devel-2.11.7-7.el8_10.i686.rpm
libwinpr-devel-2.11.7-7.el8_10.x86_64.rpm

aarch64:
freerdp-2.11.7-7.el8_10.aarch64.rpm
freerdp-devel-2.11.7-7.el8_10.aarch64.rpm
freerdp-libs-2.11.7-7.el8_10.aarch64.rpm
libwinpr-2.11.7-7.el8_10.aarch64.rpm
libwinpr-devel-2.11.7-7.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/freerdp-2.11.7-7.el8_10.src.rpm

Related CVEs:

CVE-2026-33983
CVE-2026-33984

Description of changes:

[2:2.11.7-7]
- Update CLEAR_VBAR_ENTRY size after alloc (CVE-2026-33984)
- Fail progressive_rfx_quant_sub on invalid values (CVE-2026-33983)
Resolves: RHEL-162949, RHEL-162965



ELSA-2026-8863 Important: Oracle Linux 8 OpenEXR security update


Oracle Linux Security Advisory ELSA-2026-8863

http://linux.oracle.com/errata/ELSA-2026-8863.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
OpenEXR-devel-2.2.0-12.el8_10.1.i686.rpm
OpenEXR-devel-2.2.0-12.el8_10.1.x86_64.rpm
OpenEXR-libs-2.2.0-12.el8_10.1.i686.rpm
OpenEXR-libs-2.2.0-12.el8_10.1.x86_64.rpm

aarch64:
OpenEXR-devel-2.2.0-12.el8_10.1.aarch64.rpm
OpenEXR-libs-2.2.0-12.el8_10.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/OpenEXR-2.2.0-12.el8_10.1.src.rpm

Related CVEs:

CVE-2026-27622

Description of changes:

[2.2.0-12.1]
- fix CVE-2026-27622



ELBA-2026-50237 Oracle Linux 7 linux-firmware bug fix update


Oracle Linux Bug Fix Advisory ELBA-2026-50237

http://linux.oracle.com/errata/ELBA-2026-50237.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.47.el7.noarch.rpm
iwl100-firmware-39.31.5.1-999.47.el7.noarch.rpm
iwl105-firmware-18.168.6.1-999.47.el7.noarch.rpm
iwl135-firmware-18.168.6.1-999.47.el7.noarch.rpm
iwl2000-firmware-18.168.6.1-999.47.el7.noarch.rpm
iwl2030-firmware-18.168.6.1-999.47.el7.noarch.rpm
iwl3160-firmware-22.0.7.0-999.47.el7.noarch.rpm
iwl3945-firmware-15.32.2.9-999.47.el7.noarch.rpm
iwl4965-firmware-228.61.2.24-999.47.el7.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.47.el7.noarch.rpm
iwl5150-firmware-8.24.2.2-999.47.el7.noarch.rpm
iwl6000-firmware-9.221.4.1-999.47.el7.noarch.rpm
iwl6000g2a-firmware-17.168.5.3-999.47.el7.noarch.rpm
iwl6000g2b-firmware-17.168.5.2-999.47.el7.noarch.rpm
iwl6050-firmware-41.28.5.1-999.47.el7.noarch.rpm
iwl7260-firmware-22.0.7.0-999.47.el7.noarch.rpm
iwlax2xx-firmware-20260327-999.47.el7.noarch.rpm
linux-firmware-20260327-999.47.git85786b44.el7.noarch.rpm
linux-nano-firmware-20260327-999.47.git85786b44.el7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/linux-firmware-20260327-999.47.git85786b44.el7.src.rpm

Description of changes:

[20260327-999.47.git85786b44.el7]
- Rebase to latest upstream [Orabug: 39138901]



ELSA-2026-9044 Important: Oracle Linux 9 osbuild-composer security update


Oracle Linux Security Advisory ELSA-2026-9044

http://linux.oracle.com/errata/ELSA-2026-9044.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-149-5.0.1.el9_7.x86_64.rpm
osbuild-composer-core-149-5.0.1.el9_7.x86_64.rpm
osbuild-composer-worker-149-5.0.1.el9_7.x86_64.rpm

aarch64:
osbuild-composer-149-5.0.1.el9_7.aarch64.rpm
osbuild-composer-core-149-5.0.1.el9_7.aarch64.rpm
osbuild-composer-worker-149-5.0.1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/osbuild-composer-149-5.0.1.el9_7.src.rpm

Related CVEs:

CVE-2026-25679

Description of changes:

[149-5.0.1]
- Add missing dependency over dracut-config-rescue for image-installer [ORABUG: 38587453]
- Switch to UEKR8 repositories for OL9.6 [Orabug: 37962207]
- Add support to create OpenScap images [JIRA: OLDIS-35301]
- Simplify repository names [JIRA: OLDIS-35893]
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]

[149-5]
- Rebuilt to fix:
- CVE-2026-25679
- CVE-2026-27137
- RHEL-158741
- RHEL-158860



ELSA-2026-8921 Important: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2026-8921

http://linux.oracle.com/errata/ELSA-2026-8921.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-abi-stablelists-5.14.0-611.49.1.el9_7.noarch.rpm
kernel-core-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-cross-headers-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-debug-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-debug-core-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-debug-devel-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-debug-devel-matched-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-debug-modules-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-debug-modules-core-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-debug-modules-extra-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-debug-uki-virt-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-devel-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-devel-matched-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-doc-5.14.0-611.49.1.el9_7.noarch.rpm
kernel-headers-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-modules-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-modules-core-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-modules-extra-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-tools-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-tools-libs-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-tools-libs-devel-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-uki-virt-5.14.0-611.49.1.el9_7.x86_64.rpm
kernel-uki-virt-addons-5.14.0-611.49.1.el9_7.x86_64.rpm
libperf-5.14.0-611.49.1.el9_7.x86_64.rpm
perf-5.14.0-611.49.1.el9_7.x86_64.rpm
python3-perf-5.14.0-611.49.1.el9_7.x86_64.rpm
rtla-5.14.0-611.49.1.el9_7.x86_64.rpm
rv-5.14.0-611.49.1.el9_7.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-611.49.1.el9_7.aarch64.rpm
kernel-headers-5.14.0-611.49.1.el9_7.aarch64.rpm
kernel-tools-5.14.0-611.49.1.el9_7.aarch64.rpm
kernel-tools-libs-5.14.0-611.49.1.el9_7.aarch64.rpm
kernel-tools-libs-devel-5.14.0-611.49.1.el9_7.aarch64.rpm
libperf-5.14.0-611.49.1.el9_7.aarch64.rpm
perf-5.14.0-611.49.1.el9_7.aarch64.rpm
python3-perf-5.14.0-611.49.1.el9_7.aarch64.rpm
rtla-5.14.0-611.49.1.el9_7.aarch64.rpm
rv-5.14.0-611.49.1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-611.49.1.el9_7.src.rpm

Related CVEs:

CVE-2025-39766
CVE-2025-68741

Description of changes:

[5.14.0-611.49.1]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64

Rpki-Client, Xorg-X11-Server, Flatpak-Builder, Rpki-Client, Mimetest updates for Fedora

FreeRDP, .NET, OpenJDK, and more updates for RHEL

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...