Oracle Linux 6508 Published by

Oracle has published a new batch of security and maintenance advisories for Oracle Linux 7, 8, and 9, targeting widely deployed system libraries and server applications. The errata resolve numerous CVEs in packages including the Linux kernel, glibc, PostgreSQL, Thunderbird, and MariaDB, with code changes fixing buffer overflows, use-after-free conditions, and memory corruption bugs. Beyond security hardening, the updates deliver routine infrastructure improvements such as refreshed kernel signing certificates, corrected dracut initramfs boot routines, and expanded CPU feature enumeration in libvirt. Administrators should deploy these packages through the Unbreakable Linux Network to close known attack surfaces and keep their Oracle Linux environments stable.

ELSA-2026-20546 Moderate: Oracle Linux 7 freerdp security update
ELSA-2026-19566 Moderate: Oracle Linux 7 glib2 security update
ELSA-2026-33503 Important: Oracle Linux 8 giflib security update
ELSA-2026-33464 Important: Oracle Linux 8 mariadb:10.11 security, bug fix, and enhancement update
ELSA-2026-33445 Important: Oracle Linux 8 thunderbird security update
ELSA-2026-34156 Moderate: Oracle Linux 9 rrdtool security update
ELSA-2026-33501 Important: Oracle Linux 9 giflib security update
ELSA-2026-33226 Moderate: Oracle Linux 9 glibc security, bug fix, and enhancement update
ELSA-2026-28290 Moderate: Oracle Linux 9 libreoffice security update
ELSA-2026-21556 Important: Oracle Linux 9 kernel security update
ELSA-2026-27741 Important: Oracle Linux 9 postgresql security update
ELSA-2026-19568 Important: Oracle Linux 9 kernel security update
ELSA-2026-18958 Moderate: Oracle Linux 9 python3.12 security update
ELSA-2026-18957 Moderate: Oracle Linux 9 python3.11 security update
ELSA-2026-18587 Moderate: Oracle Linux 9 kernel security update
ELSA-2026-18748 Moderate: Oracle Linux 9 libvirt security update
ELBA-2026-33434 Oracle Linux 9 dracut bug fix and enhancement update



ELSA-2026-20546 Moderate: Oracle Linux 7 freerdp security update


Oracle Linux Security Advisory ELSA-2026-20546

http://linux.oracle.com/errata/ELSA-2026-20546.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
freerdp-2.1.1-5.0.9.el7_9.x86_64.rpm
freerdp-devel-2.1.1-5.0.9.el7_9.i686.rpm
freerdp-devel-2.1.1-5.0.9.el7_9.x86_64.rpm
freerdp-libs-2.1.1-5.0.9.el7_9.i686.rpm
freerdp-libs-2.1.1-5.0.9.el7_9.x86_64.rpm
libwinpr-2.1.1-5.0.9.el7_9.i686.rpm
libwinpr-2.1.1-5.0.9.el7_9.x86_64.rpm
libwinpr-devel-2.1.1-5.0.9.el7_9.i686.rpm
libwinpr-devel-2.1.1-5.0.9.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/freerdp-2.1.1-5.0.9.el7_9.src.rpm

Related CVEs:

CVE-2026-25952
CVE-2026-26986
CVE-2026-27951
CVE-2026-29775
CVE-2026-31883
CVE-2026-31884
CVE-2026-31885
CVE-2026-33985

Description of changes:

[2.1.1-5.0.9]
- Fixed CVE-2026-25952 CVE-2026-26986 CVE-2026-27951 CVE-2026-29775
CVE-2026-31883 CVE-2026-31884 CVE-2026-31885 CVE-2026-33985
[Orabug: 39440279]

[2.1.1-5.0.7]
- Fixed CVE-2026-22852 CVE-2026-22854 CVE-2026-22856 CVE-2026-23732
CVE-2026-23948 CVE-2026-24491 CVE-2026-24675 CVE-2026-24676 CVE-2026-24679
CVE-2026-24684 CVE-2026-31806 [Orabug: 39272429]

[2.1.1-5.0.5]
- Fixed CVE-2026-26955 CVE-2026-26956 [Orabug: 39189643]

[2:2.2.0-5.0.3]
- Fixed CVE-2026-22855 CVE-2026-22858 CVE-2026-22859 [Orabug: 39075086]

[2:2.2.0-5.0.1]
- fixed CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533
CVE-2026-23884 [Orabug: 38971897]

[2:2.2.0-5]
- Update: Refactored RPC gateway parser (rhbz#2017944)
+ fix issues discovered by Covscan

[2:2.2.0-4]
- Refactored RPC gateway parser (rhbz#2017944)

[2.1.1-3]
- Add checks for bitmap and glyph width/heigth values (rhbz#2017951)

[2.1.1-2]
- Update to 2.1.1 (#1834286)

[2.0.0-4.rc4]
- CVE-2020-11521: Fix out-of-bounds write in planar.c (#1837621)
- CVE-2020-11523: Fix integer overflow in region.c (#1837622)
- CVE-2020-11524: Fix out-of-bounds write in interleaved.c (#1837623)



ELSA-2026-19566 Moderate: Oracle Linux 7 glib2 security update


Oracle Linux Security Advisory ELSA-2026-19566

http://linux.oracle.com/errata/ELSA-2026-19566.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
glib2-2.56.1-9.0.5.el7_9.i686.rpm
glib2-2.56.1-9.0.5.el7_9.x86_64.rpm
glib2-devel-2.56.1-9.0.5.el7_9.i686.rpm
glib2-devel-2.56.1-9.0.5.el7_9.x86_64.rpm
glib2-doc-2.56.1-9.0.5.el7_9.noarch.rpm
glib2-fam-2.56.1-9.0.5.el7_9.x86_64.rpm
glib2-static-2.56.1-9.0.5.el7_9.i686.rpm
glib2-static-2.56.1-9.0.5.el7_9.x86_64.rpm
glib2-tests-2.56.1-9.0.5.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/glib2-2.56.1-9.0.5.el7_9.src.rpm

Related CVEs:

CVE-2025-14087

Description of changes:

[2.56.1-9.0.5]
- Fixes CVE-2025-14078 gvariant parser buffer underflow [Orabug: 39418716]

[2.56.1-9.0.3]
- Fixes CVE-2025-13601 g_escape_uri_string() overflow [Orabug: 38909821]

[2.56.1-9.0.1]
- Fix overflow of GDBusConnection serial [Orabug: 38666376]



ELSA-2026-33503 Important: Oracle Linux 8 giflib security update


Oracle Linux Security Advisory ELSA-2026-33503

http://linux.oracle.com/errata/ELSA-2026-33503.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
giflib-5.1.4-5.el8_10.i686.rpm
giflib-5.1.4-5.el8_10.x86_64.rpm
giflib-devel-5.1.4-5.el8_10.i686.rpm
giflib-devel-5.1.4-5.el8_10.x86_64.rpm

aarch64:
giflib-5.1.4-5.el8_10.aarch64.rpm
giflib-devel-5.1.4-5.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/giflib-5.1.4-5.el8_10.src.rpm

Related CVEs:

CVE-2026-26740

Description of changes:

[5.1.4-5]
- fix CVE-2026-26740: buffer overflow in EGifGCBToExtension (RHEL-157097)



ELSA-2026-33464 Important: Oracle Linux 8 mariadb:10.11 security, bug fix, and enhancement update


Oracle Linux Security Advisory ELSA-2026-33464

http://linux.oracle.com/errata/ELSA-2026-33464.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
galera-26.4.27-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
Judy-1.0.5-18.module+el8.10.0+90753+7c7ea859.x86_64.rpm
mariadb-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-backup-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-common-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-devel-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-embedded-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-embedded-devel-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-errmsg-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-gssapi-server-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-oqgraph-engine-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-pam-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-server-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-server-galera-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-server-utils-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm
mariadb-test-10.11.18-1.module+el8.10.0+90935+8cfac62f.x86_64.rpm

aarch64:
galera-26.4.27-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
Judy-1.0.5-18.module+el8.10.0+90753+7c7ea859.aarch64.rpm
mariadb-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-backup-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-common-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-devel-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-embedded-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-embedded-devel-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-errmsg-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-gssapi-server-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-oqgraph-engine-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-pam-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-server-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-server-galera-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-server-utils-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm
mariadb-test-10.11.18-1.module+el8.10.0+90935+8cfac62f.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/galera-26.4.27-1.module+el8.10.0+90935+8cfac62f.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/Judy-1.0.5-18.module+el8.10.0+90753+7c7ea859.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/mariadb-10.11.18-1.module+el8.10.0+90935+8cfac62f.src.rpm

Related CVEs:

CVE-2026-49261

Description of changes:

galera
[26.4.27-1]
- Rebased to 26.4.27

[26.4.26-1]
- Rebased to 26.4.26

[26.4.25-1]
- Rebased to 26.4.25

[26.4.24-1]
- Rebase to 26.4.24

Judy
[1.0.5-18]
- Remove README.Fedora; no longer needed since 1.0.5 version
- Resolves: #1638717

[1.0.5-17]
- ldconfig scriptlets replaced by RPM File Triggers from Fedora 28
- Drop legacy BuildRoot: and Group: tags
- Drop redundant explicit buildroot cleaning
- Specify all explicitly-used build requirements
- Use %license where possible
- Drop %defattr, redundant since rpm 4.4

[1.0.5-16]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1.0.5-15]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

[1.0.5-14]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[1.0.5-13]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

[1.0.5-12]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

[1.0.5-11]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

[1.0.5-10]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

[1.0.5-9]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

mariadb
[3:10.11.18-1]
- Rebase to 10.11.18

[3:10.11.17-1]
- Rebase to 10.11.17

[3:10.11.16-1]
- Rebase to 10.11.16



ELSA-2026-33445 Important: Oracle Linux 8 thunderbird security update


Oracle Linux Security Advisory ELSA-2026-33445

http://linux.oracle.com/errata/ELSA-2026-33445.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-140.12.0-1.0.1.el8_10.x86_64.rpm

aarch64:
thunderbird-140.12.0-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/thunderbird-140.12.0-1.0.1.el8_10.src.rpm

Related CVEs:

CVE-2026-12289
CVE-2026-12290
CVE-2026-12291
CVE-2026-12292
CVE-2026-12294
CVE-2026-12295
CVE-2026-12296
CVE-2026-12297
CVE-2026-12298
CVE-2026-12299
CVE-2026-12302
CVE-2026-12304
CVE-2026-12305
CVE-2026-12306
CVE-2026-12307
CVE-2026-12308
CVE-2026-12309
CVE-2026-12310
CVE-2026-12311
CVE-2026-12312
CVE-2026-12313
CVE-2026-12314
CVE-2026-12315
CVE-2026-12324
CVE-2026-12325
CVE-2026-12327
CVE-2026-12328
CVE-2026-12329
CVE-2026-12330

Description of changes:

[140.12.0-1.0.1]
- Fix prefs for new nss [Orabug: 37079820]
- Add Oracle prefs file

[140.12.0]
- Add OpenELA debranding

[140.12.0-1]
- Update to 140.12.0 ESR



ELSA-2026-34156 Moderate: Oracle Linux 9 rrdtool security update


Oracle Linux Security Advisory ELSA-2026-34156

http://linux.oracle.com/errata/ELSA-2026-34156.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-rrdtool-1.7.2-22.el9_8.x86_64.rpm
rrdtool-1.7.2-22.el9_8.i686.rpm
rrdtool-1.7.2-22.el9_8.x86_64.rpm
rrdtool-devel-1.7.2-22.el9_8.i686.rpm
rrdtool-devel-1.7.2-22.el9_8.x86_64.rpm
rrdtool-doc-1.7.2-22.el9_8.x86_64.rpm
rrdtool-lua-1.7.2-22.el9_8.x86_64.rpm
rrdtool-perl-1.7.2-22.el9_8.x86_64.rpm
rrdtool-ruby-1.7.2-22.el9_8.x86_64.rpm
rrdtool-tcl-1.7.2-22.el9_8.x86_64.rpm

aarch64:
python3-rrdtool-1.7.2-22.el9_8.aarch64.rpm
rrdtool-1.7.2-22.el9_8.aarch64.rpm
rrdtool-devel-1.7.2-22.el9_8.aarch64.rpm
rrdtool-doc-1.7.2-22.el9_8.aarch64.rpm
rrdtool-lua-1.7.2-22.el9_8.aarch64.rpm
rrdtool-perl-1.7.2-22.el9_8.aarch64.rpm
rrdtool-ruby-1.7.2-22.el9_8.aarch64.rpm
rrdtool-tcl-1.7.2-22.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/rrdtool-1.7.2-22.el9_8.src.rpm

Related CVEs:

CVE-2026-43958

Description of changes:

[1.7.2-22]
- Fixed stack buffer overflow in rrdcached and added more security checks
Resolves: RHEL-173257



ELSA-2026-33501 Important: Oracle Linux 9 giflib security update


Oracle Linux Security Advisory ELSA-2026-33501

http://linux.oracle.com/errata/ELSA-2026-33501.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
giflib-5.2.1-10.el9_8.2.i686.rpm
giflib-5.2.1-10.el9_8.2.x86_64.rpm
giflib-devel-5.2.1-10.el9_8.2.i686.rpm
giflib-devel-5.2.1-10.el9_8.2.x86_64.rpm

aarch64:
giflib-5.2.1-10.el9_8.2.aarch64.rpm
giflib-devel-5.2.1-10.el9_8.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/giflib-5.2.1-10.el9_8.2.src.rpm

Related CVEs:

CVE-2026-26740

Description of changes:

[5.2.1-10.2]
- fix CVE-2026-26740: buffer overflow in EGifGCBToExtension (RHEL-157133)



ELSA-2026-33226 Moderate: Oracle Linux 9 glibc security, bug fix, and enhancement update


Oracle Linux Security Advisory ELSA-2026-33226

http://linux.oracle.com/errata/ELSA-2026-33226.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
glibc-2.34-272.0.1.el9_8.i686.rpm
glibc-2.34-272.0.1.el9_8.x86_64.rpm
glibc-all-langpacks-2.34-272.0.1.el9_8.x86_64.rpm
glibc-benchtests-2.34-272.0.1.el9_8.x86_64.rpm
glibc-common-2.34-272.0.1.el9_8.x86_64.rpm
glibc-devel-2.34-272.0.1.el9_8.i686.rpm
glibc-devel-2.34-272.0.1.el9_8.x86_64.rpm
glibc-doc-2.34-272.0.1.el9_8.noarch.rpm
glibc-gconv-extra-2.34-272.0.1.el9_8.i686.rpm
glibc-gconv-extra-2.34-272.0.1.el9_8.x86_64.rpm
glibc-headers-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-aa-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-af-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-agr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ak-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-am-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-an-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-anp-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ar-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-as-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ast-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ayc-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-az-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-be-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-bem-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ber-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-bg-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-bhb-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-bho-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-bi-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-bn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-bo-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-br-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-brx-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-bs-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-byn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ca-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ce-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-chr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ckb-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-cmn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-crh-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-cs-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-csb-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-cv-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-cy-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-da-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-de-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-doi-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-dsb-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-dv-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-dz-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-el-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-en-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-eo-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-es-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-et-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-eu-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-fa-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ff-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-fi-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-fil-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-fo-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-fr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-fur-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-fy-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ga-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-gd-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-gez-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-gl-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-gu-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-gv-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ha-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-hak-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-he-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-hi-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-hif-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-hne-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-hr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-hsb-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ht-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-hu-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-hy-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ia-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-id-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ig-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ik-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-is-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-it-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-iu-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ja-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ka-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-kab-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-kk-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-kl-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-km-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-kn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ko-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-kok-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ks-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ku-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-kw-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ky-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-lb-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-lg-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-li-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-lij-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ln-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-lo-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-lt-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-lv-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-lzh-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mag-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mai-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mfe-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mg-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mhr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mi-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-miq-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mjw-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mk-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ml-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mni-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mnw-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ms-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-mt-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-my-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-nan-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-nb-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-nds-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ne-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-nhn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-niu-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-nl-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-nn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-nr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-nso-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-oc-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-om-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-or-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-os-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-pa-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-pap-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-pl-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ps-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-pt-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-quz-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-raj-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ro-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ru-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-rw-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sa-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sah-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sat-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sc-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sd-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-se-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sgs-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-shn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-shs-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-si-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sid-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sk-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sl-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sm-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-so-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sq-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ss-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-st-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sv-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-sw-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-szl-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ta-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tcy-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-te-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tg-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-th-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-the-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ti-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tig-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tk-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tl-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tn-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-to-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tpi-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tr-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ts-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-tt-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ug-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-uk-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-unm-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ur-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-uz-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-ve-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-vi-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-wa-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-wae-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-wal-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-wo-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-xh-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-yi-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-yo-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-yue-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-yuw-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-zh-2.34-272.0.1.el9_8.x86_64.rpm
glibc-langpack-zu-2.34-272.0.1.el9_8.x86_64.rpm
glibc-locale-source-2.34-272.0.1.el9_8.x86_64.rpm
glibc-minimal-langpack-2.34-272.0.1.el9_8.x86_64.rpm
glibc-nss-devel-2.34-272.0.1.el9_8.i686.rpm
glibc-nss-devel-2.34-272.0.1.el9_8.x86_64.rpm
glibc-static-2.34-272.0.1.el9_8.i686.rpm
glibc-static-2.34-272.0.1.el9_8.x86_64.rpm
glibc-utils-2.34-272.0.1.el9_8.x86_64.rpm
libnsl-2.34-272.0.1.el9_8.i686.rpm
libnsl-2.34-272.0.1.el9_8.x86_64.rpm
nscd-2.34-272.0.1.el9_8.x86_64.rpm
nss_db-2.34-272.0.1.el9_8.i686.rpm
nss_db-2.34-272.0.1.el9_8.x86_64.rpm
nss_hesiod-2.34-272.0.1.el9_8.i686.rpm
nss_hesiod-2.34-272.0.1.el9_8.x86_64.rpm

aarch64:
glibc-2.34-272.0.1.el9_8.aarch64.rpm
glibc-all-langpacks-2.34-272.0.1.el9_8.aarch64.rpm
glibc-benchtests-2.34-272.0.1.el9_8.aarch64.rpm
glibc-common-2.34-272.0.1.el9_8.aarch64.rpm
glibc-devel-2.34-272.0.1.el9_8.aarch64.rpm
glibc-doc-2.34-272.0.1.el9_8.noarch.rpm
glibc-gconv-extra-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-aa-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-af-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-agr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ak-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-am-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-an-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-anp-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ar-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-as-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ast-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ayc-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-az-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-be-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-bem-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ber-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-bg-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-bhb-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-bho-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-bi-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-bn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-bo-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-br-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-brx-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-bs-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-byn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ca-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ce-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-chr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ckb-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-cmn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-crh-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-cs-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-csb-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-cv-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-cy-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-da-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-de-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-doi-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-dsb-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-dv-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-dz-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-el-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-en-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-eo-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-es-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-et-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-eu-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-fa-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ff-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-fi-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-fil-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-fo-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-fr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-fur-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-fy-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ga-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-gd-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-gez-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-gl-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-gu-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-gv-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ha-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-hak-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-he-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-hi-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-hif-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-hne-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-hr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-hsb-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ht-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-hu-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-hy-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ia-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-id-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ig-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ik-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-is-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-it-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-iu-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ja-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ka-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-kab-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-kk-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-kl-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-km-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-kn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ko-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-kok-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ks-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ku-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-kw-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ky-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-lb-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-lg-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-li-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-lij-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ln-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-lo-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-lt-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-lv-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-lzh-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mag-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mai-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mfe-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mg-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mhr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mi-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-miq-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mjw-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mk-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ml-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mni-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mnw-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ms-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-mt-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-my-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-nan-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-nb-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-nds-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ne-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-nhn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-niu-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-nl-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-nn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-nr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-nso-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-oc-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-om-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-or-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-os-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-pa-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-pap-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-pl-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ps-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-pt-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-quz-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-raj-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ro-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ru-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-rw-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sa-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sah-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sat-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sc-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sd-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-se-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sgs-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-shn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-shs-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-si-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sid-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sk-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sl-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sm-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-so-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sq-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ss-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-st-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sv-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-sw-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-szl-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ta-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tcy-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-te-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tg-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-th-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-the-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ti-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tig-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tk-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tl-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tn-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-to-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tpi-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tr-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ts-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-tt-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ug-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-uk-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-unm-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ur-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-uz-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-ve-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-vi-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-wa-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-wae-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-wal-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-wo-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-xh-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-yi-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-yo-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-yue-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-yuw-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-zh-2.34-272.0.1.el9_8.aarch64.rpm
glibc-langpack-zu-2.34-272.0.1.el9_8.aarch64.rpm
glibc-locale-source-2.34-272.0.1.el9_8.aarch64.rpm
glibc-minimal-langpack-2.34-272.0.1.el9_8.aarch64.rpm
glibc-nss-devel-2.34-272.0.1.el9_8.aarch64.rpm
glibc-static-2.34-272.0.1.el9_8.aarch64.rpm
glibc-utils-2.34-272.0.1.el9_8.aarch64.rpm
libnsl-2.34-272.0.1.el9_8.aarch64.rpm
nscd-2.34-272.0.1.el9_8.aarch64.rpm
nss_db-2.34-272.0.1.el9_8.aarch64.rpm
nss_hesiod-2.34-272.0.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/glibc-2.34-272.0.1.el9_8.src.rpm

Related CVEs:

CVE-2026-5450

Description of changes:

[2.34-272.0.1]
- Forward-port Oracle patches for ol9-u8
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
Reviewed-by: David Faust [david.faust@oracle.com]
Oracle history:
June-5-2026 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-270.0.1
- Forward-port Oracle patches for ol9-u8
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
May-20-2026 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-266.0.1
- Forward-port Oracle patches for ol9-u8
Reviewed-by: David Faust [david.faust@oracle.com]
March-25-2026 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-262.0.1
- Forward-port Oracle patches for ol9-u8
Reviewed-by: David Faust [david.faust@oracle.com]
March-6-2026 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-256.0.1
- Forward-port Oracle patches for ol9-u8
Reviewed-by: David Faust [david.faust@oracle.com]
February-3-2026 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-245.0.1
- Forward-port Oracle patches for ol9-u8
Reviewed-by: David Faust [david.faust@oracle.com]
November-14-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-231.0.1.1
- Forward-port Oracle patches for ol9-u7
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
September-24-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-231.0.1
- Forward-port Oracle patches for ol9-u7
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
September-8-2025 Jose E. Marchesi [jose.marchesi@oracle.com] - 2.34-228.0.1
- Forward-port Oracle patches for ol9-u7
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
August-5-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-217.0.1
- Forward-port Oralce patches for ol9-u7
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
August-5-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-168.0.1.23
- Forward-port Oracle patches for ol9-u6
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
June-30-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-168.0.1.20
- Forward-port Oracle patches for ol9-u6
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
June-9-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-168.0.1.19
- Forward-port Oracle patches for ol9-u6
Reviewed-by: David Faust [david.faust@oracle.com]
May-17-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-168.0.1.14
- Forward-port Oracle patches for ol9-u6
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
March-6-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-168.0.1
- Forward-port Oracle patches for ol9-u6
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
February-18-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-160.0.1
- Forward-port Oracle patches for ol9-u6 DP
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
November-12-2024 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-125.0.1.1
- Forward-port Oracle patches for ol9-u5
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
October-1-2024 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-100.0.1.4
- Forward-port Oracle patches for ol9-u4
Reviewed by: David Faust [david.faust@oracle.com]
August-26-2024 Jose E. Marchesi [jose.marchesi@oracle.com] - 2.34-100.0.1.3
- Forward-port Oracle patches for ol9-u4
Reviewed by: David Faust [david.faust@oracle.com]
May-24-2024 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-100.0.1.2
- Forward-port Oracle patches for ol9-u4
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
April-30-2024 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-100.0.1
- Forward-port Oracle patches for ol9-u4
Reviewed by: Indu Bhagat [indu.bhagat@oracle.com]
March-28-2024 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-100.0.1
- Forward-port Oracle patches for ol9-u4-beta
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
March 15 2024 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-83.0.2.12
- Forward-port Oracle patches for ol9
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
February-26-2024 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-83.0.2.7
- OraBug 36322437 getaddrinfo does not return correct ipv6 address and family
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
October-24-2023 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-83.0.1.7
- Forward-port Oracle patches for ol9
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
October-4-2023 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-82.0.1
- Forward-port Oracle patches for ol9
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
April-18-2023 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-60.0.2
- OraBug 35305078 Glibc tunable to disable huge pages on pthread_create stacks
- Created tunable glibc.pthread.stack_hugetlb to control when hugepages
can be used for stack allocation.
- In case THP are enabled and glibc.pthread.stack_hugetlb is set to
0, glibc will madvise the kernel not to use allow hugepages for stack
allocations.
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
March-28-2023 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.34-60.0.1
- Merge Oracle patches for ol9-u2 beta
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
September-28-2022 Patrick McGehearty [patrick.mcgehearty@oracle.com] - 2.34-40.0.1
- Merge Oracle patches for ol9-u1 beta
Reviewed by: Jose E. Marchesi [jose.marchesi@oracle.com]
April-25-2022 Patrick McGehearty [patrick.mcgehearty@oracle.com] - 2.34-28.0.1
- Merge Oracle patches with ol9 beta
- Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]

[2.34-272]
- CVE-2026-5450: Fix buffer overflow in scanf (RHEL-172710)

[2.34-271]
- Fix gconv module reference counter overflow in swscanf and swprintf
families (RHEL-145156)



ELSA-2026-28290 Moderate: Oracle Linux 9 libreoffice security update


Oracle Linux Security Advisory ELSA-2026-28290

http://linux.oracle.com/errata/ELSA-2026-28290.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
autocorr-af-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-bg-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ca-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-cs-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-da-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-de-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-dsb-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-el-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-en-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-es-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-fa-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-fi-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-fr-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ga-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-hr-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-hsb-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-hu-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-is-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-it-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ja-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ko-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-lb-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-lt-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-mn-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-nl-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-pl-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-pt-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ro-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ru-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-sk-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-sl-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-sr-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-sv-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-tr-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-vi-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-vro-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-zh-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
libreoffice-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-base-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-calc-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-core-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-data-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
libreoffice-draw-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-emailmerge-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-filters-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-gdb-debug-support-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-graphicfilter-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-gtk3-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-ar-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-bg-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-bn-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-ca-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-cs-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-da-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-de-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-dz-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-el-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-en-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-eo-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-es-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-et-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-eu-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-fi-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-fr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-gl-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-gu-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-he-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-hi-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-hr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-hu-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-id-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-it-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-ja-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-ko-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-lt-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-lv-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-nb-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-nl-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-nn-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-pl-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-pt-BR-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-pt-PT-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-ro-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-ru-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-si-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-sk-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-sl-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-sv-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-ta-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-tr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-uk-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-zh-Hans-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-help-zh-Hant-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-impress-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-af-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ar-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-as-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-bg-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-bn-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-br-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ca-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-cs-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-cy-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-da-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-de-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-dz-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-el-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-en-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-eo-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-es-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-et-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-eu-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-fa-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-fi-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-fr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-fy-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ga-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-gl-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-gu-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-he-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-hi-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-hr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-hu-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-id-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-it-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ja-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-kk-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-kn-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ko-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-lt-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-lv-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-mai-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ml-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-mr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-nb-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-nl-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-nn-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-nr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-nso-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-or-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-pa-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-pl-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-pt-BR-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-pt-PT-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ro-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ru-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-si-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-sk-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-sl-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-sr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ss-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-st-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-sv-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ta-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-te-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-th-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-tn-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-tr-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ts-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-uk-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-ve-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-xh-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-zh-Hans-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-zh-Hant-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-langpack-zu-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-math-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-ogltrans-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-opensymbol-fonts-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
libreoffice-pdfimport-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-pyuno-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-sdk-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-sdk-doc-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-ure-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-ure-common-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
libreoffice-wiki-publisher-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-writer-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-x11-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreoffice-xsltfilter-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm
libreofficekit-7.1.8.1-15.0.1.el9_8.1.x86_64.rpm

aarch64:
autocorr-af-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-bg-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ca-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-cs-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-da-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-de-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-dsb-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-el-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-en-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-es-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-fa-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-fi-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-fr-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ga-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-hr-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-hsb-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-hu-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-is-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-it-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ja-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ko-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-lb-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-lt-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-mn-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-nl-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-pl-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-pt-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ro-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-ru-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-sk-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-sl-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-sr-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-sv-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-tr-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-vi-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-vro-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
autocorr-zh-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
libreoffice-calc-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-core-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-data-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
libreoffice-graphicfilter-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-help-en-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-impress-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-langpack-en-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-ogltrans-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-opensymbol-fonts-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
libreoffice-pdfimport-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-pyuno-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-ure-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm
libreoffice-ure-common-7.1.8.1-15.0.1.el9_8.1.noarch.rpm
libreoffice-writer-7.1.8.1-15.0.1.el9_8.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/libreoffice-7.1.8.1-15.0.1.el9_8.1.src.rpm

Related CVEs:

CVE-2026-4430

Description of changes:

[1:7.1.8.1-15.0.1.el9_8.1]
- Added the --with-hamcrest option to configure.
- Replace colors with Oracle colors [Orabug: 32120093]

[1:7.1.8.1-15.el9_8.1]
- Fix CVE-2026-4430 Conform AlignEngine parsing to what section 2.3.4.10 of
the spec has
- Resolves: RHEL-176576



ELSA-2026-21556 Important: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2026-21556

http://linux.oracle.com/errata/ELSA-2026-21556.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-abi-stablelists-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-cross-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-doc-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-addons-5.14.0-687.17.1.el9_8.x86_64.rpm
libperf-5.14.0-687.17.1.el9_8.x86_64.rpm
perf-5.14.0-687.17.1.el9_8.x86_64.rpm
python3-perf-5.14.0-687.17.1.el9_8.x86_64.rpm
rtla-5.14.0-687.17.1.el9_8.x86_64.rpm
rv-5.14.0-687.17.1.el9_8.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.aarch64.rpm
libperf-5.14.0-687.17.1.el9_8.aarch64.rpm
perf-5.14.0-687.17.1.el9_8.aarch64.rpm
python3-perf-5.14.0-687.17.1.el9_8.aarch64.rpm
rtla-5.14.0-687.17.1.el9_8.aarch64.rpm
rv-5.14.0-687.17.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.17.1.el9_8.src.rpm

Related CVEs:

CVE-2025-38653
CVE-2025-68183
CVE-2025-68366
CVE-2025-68724
CVE-2025-71089
CVE-2026-23392
CVE-2026-23455
CVE-2026-31408
CVE-2026-31684
CVE-2026-31685
CVE-2026-31709
CVE-2026-43020
CVE-2026-43023
CVE-2026-43027
CVE-2026-43051
CVE-2026-43110
CVE-2026-43158
CVE-2026-43190
CVE-2026-43303
CVE-2026-46195

Description of changes:

[5.14.0-687.17.1]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172646] {CVE-2026-43037}
- net: openvswitch: Avoid releasing netdev before teardown completes (CKI Backport Bot) [RHEL-170539] {CVE-2026-31508}

[5.14.0-687.14.1]
- RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (Kamal Heib) [RHEL-179988] {CVE-2026-46181}
- redhat: Remove the mlx5 symbols from kabi (Kamal Heib) [RHEL-181822]
- ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (Antoine Tenart) [RHEL-178408] {CVE-2026-43501}
- RDMA/rxe: Fix double free in rxe_srq_from_init (CKI Backport Bot) [RHEL-179712] {CVE-2026-45852}
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173843] {CVE-2026-43116}
- ice: fix stats array overflow when VF requests more queues (Michal Schmidt) [RHEL-177526]
- ice: set max queues in alloc_etherdev_mqs() (Michal Schmidt) [RHEL-174336]
- ice: use netif_get_num_default_rss_queues() (Michal Schmidt) [RHEL-174336]
- ice: set default rss queues num to physical cores / 2 (Michal Schmidt) [RHEL-174336]
- dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dpll: zl3073x: add ref-sync pair support (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: add ref sync and output clock type helpers (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: use FIELD_MODIFY() for clear-and-set patterns (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: clean up esync get/set and use zl3073x_out_is_ndiv() (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: implement frequency monitoring (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring callback ops (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring to netlink spec (Ivan Vecera) [RHEL-167833]
- dpll: zl3073x: drop selected and simplify connected ref getter (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add reference priority to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add DPLL channel status fields to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: introduce zl3073x_chan for DPLL channel state (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add zl3073x_ref_state_update helper (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: use struct_group to partition states (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add die temperature reporting for supported chips (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: detect DPLL channel count from chip ID at runtime (Ivan Vecera) [RHEL-172938]
- ALSA: 6fire: fix use-after-free on disconnect (CKI Backport Bot) [RHEL-172969] {CVE-2026-31581}
- net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172768] {CVE-2026-43056}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (CKI Backport Bot) [RHEL-165564] {CVE-2026-23216}
- net: bonding: fix use-after-free in bond_xmit_broadcast() (CKI Backport Bot) [RHEL-168068] {CVE-2026-31419}
- x86/kvm: Avoid freeing stack-allocated node in kvm_async_pf_queue_task (Ryosuke Yasuoka) [RHEL-158916]

[5.14.0-687.13.1]
- smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178944] {CVE-2026-46243}
- s390/dasd: Copy detected format information to secondary device (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Move quiesce state with pprc swap (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Fix gendisk parent after copy pair swap (Ramesh Chhetri) [RHEL-176472]
- nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- Buffer overflow in drivers/xen/sys-hypervisor.c (Vitaly Kuznetsov) [RHEL-172510] {CVE-2026-31786}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172167]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172167]
- smb: client: fix OOB reads parsing symlink error response (CKI Backport Bot) [RHEL-171471] {CVE-2026-31613}
- mm/page_alloc: add vm.thp_thisnode_reclaim sysctl to allow THP reclaim on local node (Nico Pache) [RHEL-164778]
- mm/page_alloc: simplify __alloc_pages_slowpath() flow (Nico Pache) [RHEL-164778]
- mm/page_alloc: refactor the initial compaction handling (Nico Pache) [RHEL-164778]
- mm/page_alloc: ignore the exact initial compaction result (Nico Pache) [RHEL-164778]
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (Nico Pache) [RHEL-164778]
- mm/page_alloc.c: avoid infinite retries caused by cpuset race (Nico Pache) [RHEL-164778]
- mm: warn about illegal __GFP_NOFAIL usage in a more appropriate location and manner (Nico Pache) [RHEL-164778]
- mm: document __GFP_NOFAIL must be blockable (Nico Pache) [RHEL-164778]

[5.14.0-687.12.1]
- dm-thin: fix metadata refcount underflow (Benjamin Marzinski) [RHEL-169626]
- netfilter: xt_tcpmss: check remaining length before reading optlen (CKI Backport Bot) [RHEL-174216] {CVE-2026-43190}
- wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173848] {CVE-2026-43110}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172599] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172572] {CVE-2026-43020}
- crypto: tegra - Disable softirqs before finalizing request (CKI Backport Bot) [RHEL-170914]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CKI Backport Bot) [RHEL-163343] {CVE-2025-38653}
- pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN (Olga Kornievskaia) [RHEL-157470]

[5.14.0-687.11.1]
- mm/page_alloc: clear page->private in free_pages_prepare() (Rafael Aquini) [RHEL-174750] {CVE-2026-43303}
- ice: fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw (CKI Backport Bot) [RHEL-175441]
- smb: client: validate dacloffset before building DACL pointers (Paulo Alcantara) [RHEL-172821]
- smb: client: use kzalloc to zero-initialize security descriptor buffer (Paulo Alcantara) [RHEL-172821]
- smb: client: scope end_of_dacl to CIFS_DEBUG2 use in parse_dacl (Paulo Alcantara) [RHEL-172821]
- smb: client: require a full NFS mode SID before reading mode bits (Paulo Alcantara) [RHEL-172821]
- smb: client: validate the whole DACL before rewriting it in cifsacl (Paulo Alcantara) [RHEL-172821] {CVE-2026-31709}
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (David Marlin) [RHEL-165063] {CVE-2026-31408}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-172927]
- HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CKI Backport Bot) [RHEL-172740] {CVE-2026-43051}
- netfilter: nf_conntrack_helper: pass helper to expect cleanup (CKI Backport Bot) [RHEL-172620] {CVE-2026-43027}
- s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Ramesh Chhetri) [RHEL-166859]
- ice: add dpll peer notification for paired SMA and U.FL pins (Petr Oros) [RHEL-171829]
- ice: fix missing dpll notifications for SW pins (Petr Oros) [RHEL-171829]
- dpll: export __dpll_pin_change_ntf() for use under dpll_lock (Petr Oros) [RHEL-171829]
- ice: fix SMA and U.FL pin state changes affecting paired pin (Petr Oros) [RHEL-162179]
- ice: fix missing SMA pin initialization in DPLL subsystem (Petr Oros) [RHEL-171832]
- ice: fix NULL pointer dereference in ice_reset_all_vfs() (Petr Oros) [RHEL-172257]
- dpll: zl3073x: Remove redundant cleanup in devm_dpll_init() (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Fix ref frequency setting (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Include current frequency in supported frequencies list (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Add output pin frequency helper (CKI Backport Bot) [RHEL-164442]
- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-171378]
- netfilter: ip6t_eui64: reject invalid MAC header for all packets (CKI Backport Bot) [RHEL-171155] {CVE-2026-31685}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171138] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-170960]
- ice: fix ice_ptp_read_tx_hwtstamp_status_eth56g (Petr Oros) [RHEL-170701]
- ice: fix ready bitmap check for non-E822 devices (Petr Oros) [RHEL-170701]
- ice: perform PHY soft reset for E825C ports at initialization (Petr Oros) [RHEL-170701]
- ice: fix timestamp interrupt configuration for E825C (Petr Oros) [RHEL-170701]
- drm/mgag200: fix mgag200_bmc_stop_scanout() (Jocelyn Falempe) [RHEL-150179]
- nbd: defer config unlock in nbd_genl_connect (Jeff Moyer) [RHEL-166950] {CVE-2025-68366}
- x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CKI Backport Bot) [RHEL-166987] {CVE-2026-23455}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166927] {CVE-2025-68724}
- ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (Bruno Meneguele) [RHEL-169734] {CVE-2025-68183}
- i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" (David Arcari) [RHEL-155312]
- ice: fix PTP timestamping broken by SyncE code on E825C (Petr Oros) [RHEL-162182]
- ice: fix missing TX timestamps interrupts on E825 devices (CKI Backport Bot) [RHEL-162185]
- Revert "mm: pcp: increase pcp->free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-163464]
- netfilter: nf_tables: release flowtable after rcu grace period on error (CKI Backport Bot) [RHEL-160461] {CVE-2026-23392}

[5.14.0-687.10.1]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: move skb_gro_receive_list from udp to core (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- ptrace: slightly saner 'get_dumpable()' logic (Ricardo Robaina) [RHEL-176454] {CVE-2026-46333}
- md/bitmap: fix GPF in write_page caused by resize race (Nigel Croxon) [RHEL-174091] {CVE-2026-43163}
- RDMA/umem: Fix double dma_buf_unpin in failure path (CKI Backport Bot) [RHEL-174020] {CVE-2026-43128}
- usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171430] {CVE-2026-31607}
- can: raw: fix ro->uniq use-after-free in raw_rcv() (CKI Backport Bot) [RHEL-170759] {CVE-2026-31532}

[5.14.0-687.9.1]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174563] {CVE-2026-43284}



ELSA-2026-27741 Important: Oracle Linux 9 postgresql security update


Oracle Linux Security Advisory ELSA-2026-27741

http://linux.oracle.com/errata/ELSA-2026-27741.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
postgresql-13.23-3.el9_8.x86_64.rpm
postgresql-contrib-13.23-3.el9_8.x86_64.rpm
postgresql-docs-13.23-3.el9_8.x86_64.rpm
postgresql-plperl-13.23-3.el9_8.x86_64.rpm
postgresql-plpython3-13.23-3.el9_8.x86_64.rpm
postgresql-pltcl-13.23-3.el9_8.x86_64.rpm
postgresql-private-devel-13.23-3.el9_8.x86_64.rpm
postgresql-private-libs-13.23-3.el9_8.x86_64.rpm
postgresql-server-13.23-3.el9_8.x86_64.rpm
postgresql-server-devel-13.23-3.el9_8.x86_64.rpm
postgresql-static-13.23-3.el9_8.x86_64.rpm
postgresql-test-13.23-3.el9_8.x86_64.rpm
postgresql-test-rpm-macros-13.23-3.el9_8.noarch.rpm
postgresql-upgrade-13.23-3.el9_8.x86_64.rpm
postgresql-upgrade-devel-13.23-3.el9_8.x86_64.rpm

aarch64:
postgresql-13.23-3.el9_8.aarch64.rpm
postgresql-contrib-13.23-3.el9_8.aarch64.rpm
postgresql-docs-13.23-3.el9_8.aarch64.rpm
postgresql-plperl-13.23-3.el9_8.aarch64.rpm
postgresql-plpython3-13.23-3.el9_8.aarch64.rpm
postgresql-pltcl-13.23-3.el9_8.aarch64.rpm
postgresql-private-devel-13.23-3.el9_8.aarch64.rpm
postgresql-private-libs-13.23-3.el9_8.aarch64.rpm
postgresql-server-13.23-3.el9_8.aarch64.rpm
postgresql-server-devel-13.23-3.el9_8.aarch64.rpm
postgresql-static-13.23-3.el9_8.aarch64.rpm
postgresql-test-13.23-3.el9_8.aarch64.rpm
postgresql-test-rpm-macros-13.23-3.el9_8.noarch.rpm
postgresql-upgrade-13.23-3.el9_8.aarch64.rpm
postgresql-upgrade-devel-13.23-3.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/postgresql-13.23-3.el9_8.src.rpm

Related CVEs:

CVE-2026-6473
CVE-2026-6475
CVE-2026-6477
CVE-2026-6478

Description of changes:

[13.23-3]
- Backport fix for CVE-2026-6478 from PostgreSQL 14.23
- Backport fixes for CVE-2026-6637, CVE-2026-6477, CVE-2026-6475, CVE-2026-6473
- Resolves: RHEL-179799
- Resolves: RHEL-181866
- Resolves: RHEL-181950
- Resolves: RHEL-181964



ELSA-2026-19568 Important: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2026-19568

http://linux.oracle.com/errata/ELSA-2026-19568.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-abi-stablelists-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-cross-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-doc-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-addons-5.14.0-687.17.1.el9_8.x86_64.rpm
libperf-5.14.0-687.17.1.el9_8.x86_64.rpm
perf-5.14.0-687.17.1.el9_8.x86_64.rpm
python3-perf-5.14.0-687.17.1.el9_8.x86_64.rpm
rtla-5.14.0-687.17.1.el9_8.x86_64.rpm
rv-5.14.0-687.17.1.el9_8.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.aarch64.rpm
libperf-5.14.0-687.17.1.el9_8.aarch64.rpm
perf-5.14.0-687.17.1.el9_8.aarch64.rpm
python3-perf-5.14.0-687.17.1.el9_8.aarch64.rpm
rtla-5.14.0-687.17.1.el9_8.aarch64.rpm
rv-5.14.0-687.17.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.17.1.el9_8.src.rpm

Related CVEs:

CVE-2025-39766
CVE-2025-68741
CVE-2025-71116
CVE-2026-22984
CVE-2026-22990
CVE-2026-23136
CVE-2026-23204
CVE-2026-23270
CVE-2026-23401
CVE-2026-31402
CVE-2026-31532
CVE-2026-31607
CVE-2026-43128
CVE-2026-43163
CVE-2026-43284
CVE-2026-46300
CVE-2026-46333

Description of changes:

[5.14.0-687.17.1]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172646] {CVE-2026-43037}
- net: openvswitch: Avoid releasing netdev before teardown completes (CKI Backport Bot) [RHEL-170539] {CVE-2026-31508}

[5.14.0-687.14.1]
- RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (Kamal Heib) [RHEL-179988] {CVE-2026-46181}
- redhat: Remove the mlx5 symbols from kabi (Kamal Heib) [RHEL-181822]
- ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (Antoine Tenart) [RHEL-178408] {CVE-2026-43501}
- RDMA/rxe: Fix double free in rxe_srq_from_init (CKI Backport Bot) [RHEL-179712] {CVE-2026-45852}
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173843] {CVE-2026-43116}
- ice: fix stats array overflow when VF requests more queues (Michal Schmidt) [RHEL-177526]
- ice: set max queues in alloc_etherdev_mqs() (Michal Schmidt) [RHEL-174336]
- ice: use netif_get_num_default_rss_queues() (Michal Schmidt) [RHEL-174336]
- ice: set default rss queues num to physical cores / 2 (Michal Schmidt) [RHEL-174336]
- dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dpll: zl3073x: add ref-sync pair support (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: add ref sync and output clock type helpers (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: use FIELD_MODIFY() for clear-and-set patterns (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: clean up esync get/set and use zl3073x_out_is_ndiv() (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: implement frequency monitoring (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring callback ops (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring to netlink spec (Ivan Vecera) [RHEL-167833]
- dpll: zl3073x: drop selected and simplify connected ref getter (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add reference priority to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add DPLL channel status fields to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: introduce zl3073x_chan for DPLL channel state (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add zl3073x_ref_state_update helper (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: use struct_group to partition states (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add die temperature reporting for supported chips (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: detect DPLL channel count from chip ID at runtime (Ivan Vecera) [RHEL-172938]
- ALSA: 6fire: fix use-after-free on disconnect (CKI Backport Bot) [RHEL-172969] {CVE-2026-31581}
- net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172768] {CVE-2026-43056}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (CKI Backport Bot) [RHEL-165564] {CVE-2026-23216}
- net: bonding: fix use-after-free in bond_xmit_broadcast() (CKI Backport Bot) [RHEL-168068] {CVE-2026-31419}
- x86/kvm: Avoid freeing stack-allocated node in kvm_async_pf_queue_task (Ryosuke Yasuoka) [RHEL-158916]

[5.14.0-687.13.1]
- smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178944] {CVE-2026-46243}
- s390/dasd: Copy detected format information to secondary device (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Move quiesce state with pprc swap (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Fix gendisk parent after copy pair swap (Ramesh Chhetri) [RHEL-176472]
- nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- Buffer overflow in drivers/xen/sys-hypervisor.c (Vitaly Kuznetsov) [RHEL-172510] {CVE-2026-31786}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172167]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172167]
- smb: client: fix OOB reads parsing symlink error response (CKI Backport Bot) [RHEL-171471] {CVE-2026-31613}
- mm/page_alloc: add vm.thp_thisnode_reclaim sysctl to allow THP reclaim on local node (Nico Pache) [RHEL-164778]
- mm/page_alloc: simplify __alloc_pages_slowpath() flow (Nico Pache) [RHEL-164778]
- mm/page_alloc: refactor the initial compaction handling (Nico Pache) [RHEL-164778]
- mm/page_alloc: ignore the exact initial compaction result (Nico Pache) [RHEL-164778]
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (Nico Pache) [RHEL-164778]
- mm/page_alloc.c: avoid infinite retries caused by cpuset race (Nico Pache) [RHEL-164778]
- mm: warn about illegal __GFP_NOFAIL usage in a more appropriate location and manner (Nico Pache) [RHEL-164778]
- mm: document __GFP_NOFAIL must be blockable (Nico Pache) [RHEL-164778]

[5.14.0-687.12.1]
- dm-thin: fix metadata refcount underflow (Benjamin Marzinski) [RHEL-169626]
- netfilter: xt_tcpmss: check remaining length before reading optlen (CKI Backport Bot) [RHEL-174216] {CVE-2026-43190}
- wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173848] {CVE-2026-43110}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172599] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172572] {CVE-2026-43020}
- crypto: tegra - Disable softirqs before finalizing request (CKI Backport Bot) [RHEL-170914]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CKI Backport Bot) [RHEL-163343] {CVE-2025-38653}
- pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN (Olga Kornievskaia) [RHEL-157470]

[5.14.0-687.11.1]
- mm/page_alloc: clear page->private in free_pages_prepare() (Rafael Aquini) [RHEL-174750] {CVE-2026-43303}
- ice: fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw (CKI Backport Bot) [RHEL-175441]
- smb: client: validate dacloffset before building DACL pointers (Paulo Alcantara) [RHEL-172821]
- smb: client: use kzalloc to zero-initialize security descriptor buffer (Paulo Alcantara) [RHEL-172821]
- smb: client: scope end_of_dacl to CIFS_DEBUG2 use in parse_dacl (Paulo Alcantara) [RHEL-172821]
- smb: client: require a full NFS mode SID before reading mode bits (Paulo Alcantara) [RHEL-172821]
- smb: client: validate the whole DACL before rewriting it in cifsacl (Paulo Alcantara) [RHEL-172821] {CVE-2026-31709}
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (David Marlin) [RHEL-165063] {CVE-2026-31408}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-172927]
- HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CKI Backport Bot) [RHEL-172740] {CVE-2026-43051}
- netfilter: nf_conntrack_helper: pass helper to expect cleanup (CKI Backport Bot) [RHEL-172620] {CVE-2026-43027}
- s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Ramesh Chhetri) [RHEL-166859]
- ice: add dpll peer notification for paired SMA and U.FL pins (Petr Oros) [RHEL-171829]
- ice: fix missing dpll notifications for SW pins (Petr Oros) [RHEL-171829]
- dpll: export __dpll_pin_change_ntf() for use under dpll_lock (Petr Oros) [RHEL-171829]
- ice: fix SMA and U.FL pin state changes affecting paired pin (Petr Oros) [RHEL-162179]
- ice: fix missing SMA pin initialization in DPLL subsystem (Petr Oros) [RHEL-171832]
- ice: fix NULL pointer dereference in ice_reset_all_vfs() (Petr Oros) [RHEL-172257]
- dpll: zl3073x: Remove redundant cleanup in devm_dpll_init() (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Fix ref frequency setting (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Include current frequency in supported frequencies list (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Add output pin frequency helper (CKI Backport Bot) [RHEL-164442]
- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-171378]
- netfilter: ip6t_eui64: reject invalid MAC header for all packets (CKI Backport Bot) [RHEL-171155] {CVE-2026-31685}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171138] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-170960]
- ice: fix ice_ptp_read_tx_hwtstamp_status_eth56g (Petr Oros) [RHEL-170701]
- ice: fix ready bitmap check for non-E822 devices (Petr Oros) [RHEL-170701]
- ice: perform PHY soft reset for E825C ports at initialization (Petr Oros) [RHEL-170701]
- ice: fix timestamp interrupt configuration for E825C (Petr Oros) [RHEL-170701]
- drm/mgag200: fix mgag200_bmc_stop_scanout() (Jocelyn Falempe) [RHEL-150179]
- nbd: defer config unlock in nbd_genl_connect (Jeff Moyer) [RHEL-166950] {CVE-2025-68366}
- x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CKI Backport Bot) [RHEL-166987] {CVE-2026-23455}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166927] {CVE-2025-68724}
- ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (Bruno Meneguele) [RHEL-169734] {CVE-2025-68183}
- i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" (David Arcari) [RHEL-155312]
- ice: fix PTP timestamping broken by SyncE code on E825C (Petr Oros) [RHEL-162182]
- ice: fix missing TX timestamps interrupts on E825 devices (CKI Backport Bot) [RHEL-162185]
- Revert "mm: pcp: increase pcp->free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-163464]
- netfilter: nf_tables: release flowtable after rcu grace period on error (CKI Backport Bot) [RHEL-160461] {CVE-2026-23392}

[5.14.0-687.10.1]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: move skb_gro_receive_list from udp to core (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- ptrace: slightly saner 'get_dumpable()' logic (Ricardo Robaina) [RHEL-176454] {CVE-2026-46333}
- md/bitmap: fix GPF in write_page caused by resize race (Nigel Croxon) [RHEL-174091] {CVE-2026-43163}
- RDMA/umem: Fix double dma_buf_unpin in failure path (CKI Backport Bot) [RHEL-174020] {CVE-2026-43128}
- usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171430] {CVE-2026-31607}
- can: raw: fix ro->uniq use-after-free in raw_rcv() (CKI Backport Bot) [RHEL-170759] {CVE-2026-31532}

[5.14.0-687.9.1]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174563] {CVE-2026-43284}



ELSA-2026-18958 Moderate: Oracle Linux 9 python3.12 security update


Oracle Linux Security Advisory ELSA-2026-18958

http://linux.oracle.com/errata/ELSA-2026-18958.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-3.12.13-3.0.1.el9_8.i686.rpm
python3.12-3.12.13-3.0.1.el9_8.x86_64.rpm
python3.12-debug-3.12.13-3.0.1.el9_8.i686.rpm
python3.12-debug-3.12.13-3.0.1.el9_8.x86_64.rpm
python3.12-devel-3.12.13-3.0.1.el9_8.i686.rpm
python3.12-devel-3.12.13-3.0.1.el9_8.x86_64.rpm
python3.12-idle-3.12.13-3.0.1.el9_8.i686.rpm
python3.12-idle-3.12.13-3.0.1.el9_8.x86_64.rpm
python3.12-libs-3.12.13-3.0.1.el9_8.i686.rpm
python3.12-libs-3.12.13-3.0.1.el9_8.x86_64.rpm
python3.12-test-3.12.13-3.0.1.el9_8.i686.rpm
python3.12-test-3.12.13-3.0.1.el9_8.x86_64.rpm
python3.12-tkinter-3.12.13-3.0.1.el9_8.i686.rpm
python3.12-tkinter-3.12.13-3.0.1.el9_8.x86_64.rpm

aarch64:
python3.12-3.12.13-3.0.1.el9_8.aarch64.rpm
python3.12-debug-3.12.13-3.0.1.el9_8.aarch64.rpm
python3.12-devel-3.12.13-3.0.1.el9_8.aarch64.rpm
python3.12-idle-3.12.13-3.0.1.el9_8.aarch64.rpm
python3.12-libs-3.12.13-3.0.1.el9_8.aarch64.rpm
python3.12-test-3.12.13-3.0.1.el9_8.aarch64.rpm
python3.12-tkinter-3.12.13-3.0.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.12-3.12.13-3.0.1.el9_8.src.rpm

Related CVEs:

CVE-2026-0865

Description of changes:

[3.12.13-3.0.1]
- Remove upstream URL reference

[3.12.13-3]
- Depend on sqlite-libs with (de)serialize API
Resolves: RHEL-180474



ELSA-2026-18957 Moderate: Oracle Linux 9 python3.11 security update


Oracle Linux Security Advisory ELSA-2026-18957

http://linux.oracle.com/errata/ELSA-2026-18957.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-3.11.13-10.0.1.el9_8.i686.rpm
python3.11-3.11.13-10.0.1.el9_8.x86_64.rpm
python3.11-debug-3.11.13-10.0.1.el9_8.i686.rpm
python3.11-debug-3.11.13-10.0.1.el9_8.x86_64.rpm
python3.11-devel-3.11.13-10.0.1.el9_8.i686.rpm
python3.11-devel-3.11.13-10.0.1.el9_8.x86_64.rpm
python3.11-idle-3.11.13-10.0.1.el9_8.i686.rpm
python3.11-idle-3.11.13-10.0.1.el9_8.x86_64.rpm
python3.11-libs-3.11.13-10.0.1.el9_8.i686.rpm
python3.11-libs-3.11.13-10.0.1.el9_8.x86_64.rpm
python3.11-test-3.11.13-10.0.1.el9_8.i686.rpm
python3.11-test-3.11.13-10.0.1.el9_8.x86_64.rpm
python3.11-tkinter-3.11.13-10.0.1.el9_8.i686.rpm
python3.11-tkinter-3.11.13-10.0.1.el9_8.x86_64.rpm

aarch64:
python3.11-3.11.13-10.0.1.el9_8.aarch64.rpm
python3.11-debug-3.11.13-10.0.1.el9_8.aarch64.rpm
python3.11-devel-3.11.13-10.0.1.el9_8.aarch64.rpm
python3.11-idle-3.11.13-10.0.1.el9_8.aarch64.rpm
python3.11-libs-3.11.13-10.0.1.el9_8.aarch64.rpm
python3.11-test-3.11.13-10.0.1.el9_8.aarch64.rpm
python3.11-tkinter-3.11.13-10.0.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.11-3.11.13-10.0.1.el9_8.src.rpm

Related CVEs:

CVE-2026-0865

Description of changes:

[3.11.13-10.0.1]
- Remove upstream URL reference [Orabug: 36073032]

[3.11.13-10]
- Depend on sqlite-libs with (de)serialize API
Resolves: RHEL-178519



ELSA-2026-18587 Moderate: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2026-18587

http://linux.oracle.com/errata/ELSA-2026-18587.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-abi-stablelists-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-cross-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-doc-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-addons-5.14.0-687.17.1.el9_8.x86_64.rpm
libperf-5.14.0-687.17.1.el9_8.x86_64.rpm
perf-5.14.0-687.17.1.el9_8.x86_64.rpm
python3-perf-5.14.0-687.17.1.el9_8.x86_64.rpm
rtla-5.14.0-687.17.1.el9_8.x86_64.rpm
rv-5.14.0-687.17.1.el9_8.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.aarch64.rpm
libperf-5.14.0-687.17.1.el9_8.aarch64.rpm
perf-5.14.0-687.17.1.el9_8.aarch64.rpm
python3-perf-5.14.0-687.17.1.el9_8.aarch64.rpm
rtla-5.14.0-687.17.1.el9_8.aarch64.rpm
rv-5.14.0-687.17.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.17.1.el9_8.src.rpm

Related CVEs:

CVE-2025-22105
CVE-2025-37980
CVE-2025-38015
CVE-2025-38097
CVE-2025-38166
CVE-2025-38279
CVE-2025-38400
CVE-2025-38405
CVE-2025-38441
CVE-2025-38470
CVE-2025-39866
CVE-2025-40134
CVE-2026-23040
CVE-2026-23243

Description of changes:

[5.14.0-687.17.1]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172646] {CVE-2026-43037}
- net: openvswitch: Avoid releasing netdev before teardown completes (CKI Backport Bot) [RHEL-170539] {CVE-2026-31508}

[5.14.0-687.14.1]
- RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (Kamal Heib) [RHEL-179988] {CVE-2026-46181}
- redhat: Remove the mlx5 symbols from kabi (Kamal Heib) [RHEL-181822]
- ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (Antoine Tenart) [RHEL-178408] {CVE-2026-43501}
- RDMA/rxe: Fix double free in rxe_srq_from_init (CKI Backport Bot) [RHEL-179712] {CVE-2026-45852}
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173843] {CVE-2026-43116}
- ice: fix stats array overflow when VF requests more queues (Michal Schmidt) [RHEL-177526]
- ice: set max queues in alloc_etherdev_mqs() (Michal Schmidt) [RHEL-174336]
- ice: use netif_get_num_default_rss_queues() (Michal Schmidt) [RHEL-174336]
- ice: set default rss queues num to physical cores / 2 (Michal Schmidt) [RHEL-174336]
- dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dpll: zl3073x: add ref-sync pair support (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: add ref sync and output clock type helpers (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: use FIELD_MODIFY() for clear-and-set patterns (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: clean up esync get/set and use zl3073x_out_is_ndiv() (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: implement frequency monitoring (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring callback ops (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring to netlink spec (Ivan Vecera) [RHEL-167833]
- dpll: zl3073x: drop selected and simplify connected ref getter (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add reference priority to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add DPLL channel status fields to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: introduce zl3073x_chan for DPLL channel state (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add zl3073x_ref_state_update helper (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: use struct_group to partition states (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add die temperature reporting for supported chips (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: detect DPLL channel count from chip ID at runtime (Ivan Vecera) [RHEL-172938]
- ALSA: 6fire: fix use-after-free on disconnect (CKI Backport Bot) [RHEL-172969] {CVE-2026-31581}
- net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172768] {CVE-2026-43056}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (CKI Backport Bot) [RHEL-165564] {CVE-2026-23216}
- net: bonding: fix use-after-free in bond_xmit_broadcast() (CKI Backport Bot) [RHEL-168068] {CVE-2026-31419}
- x86/kvm: Avoid freeing stack-allocated node in kvm_async_pf_queue_task (Ryosuke Yasuoka) [RHEL-158916]

[5.14.0-687.13.1]
- smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178944] {CVE-2026-46243}
- s390/dasd: Copy detected format information to secondary device (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Move quiesce state with pprc swap (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Fix gendisk parent after copy pair swap (Ramesh Chhetri) [RHEL-176472]
- nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- Buffer overflow in drivers/xen/sys-hypervisor.c (Vitaly Kuznetsov) [RHEL-172510] {CVE-2026-31786}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172167]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172167]
- smb: client: fix OOB reads parsing symlink error response (CKI Backport Bot) [RHEL-171471] {CVE-2026-31613}
- mm/page_alloc: add vm.thp_thisnode_reclaim sysctl to allow THP reclaim on local node (Nico Pache) [RHEL-164778]
- mm/page_alloc: simplify __alloc_pages_slowpath() flow (Nico Pache) [RHEL-164778]
- mm/page_alloc: refactor the initial compaction handling (Nico Pache) [RHEL-164778]
- mm/page_alloc: ignore the exact initial compaction result (Nico Pache) [RHEL-164778]
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (Nico Pache) [RHEL-164778]
- mm/page_alloc.c: avoid infinite retries caused by cpuset race (Nico Pache) [RHEL-164778]
- mm: warn about illegal __GFP_NOFAIL usage in a more appropriate location and manner (Nico Pache) [RHEL-164778]
- mm: document __GFP_NOFAIL must be blockable (Nico Pache) [RHEL-164778]

[5.14.0-687.12.1]
- dm-thin: fix metadata refcount underflow (Benjamin Marzinski) [RHEL-169626]
- netfilter: xt_tcpmss: check remaining length before reading optlen (CKI Backport Bot) [RHEL-174216] {CVE-2026-43190}
- wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173848] {CVE-2026-43110}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172599] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172572] {CVE-2026-43020}
- crypto: tegra - Disable softirqs before finalizing request (CKI Backport Bot) [RHEL-170914]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CKI Backport Bot) [RHEL-163343] {CVE-2025-38653}
- pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN (Olga Kornievskaia) [RHEL-157470]

[5.14.0-687.11.1]
- mm/page_alloc: clear page->private in free_pages_prepare() (Rafael Aquini) [RHEL-174750] {CVE-2026-43303}
- ice: fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw (CKI Backport Bot) [RHEL-175441]
- smb: client: validate dacloffset before building DACL pointers (Paulo Alcantara) [RHEL-172821]
- smb: client: use kzalloc to zero-initialize security descriptor buffer (Paulo Alcantara) [RHEL-172821]
- smb: client: scope end_of_dacl to CIFS_DEBUG2 use in parse_dacl (Paulo Alcantara) [RHEL-172821]
- smb: client: require a full NFS mode SID before reading mode bits (Paulo Alcantara) [RHEL-172821]
- smb: client: validate the whole DACL before rewriting it in cifsacl (Paulo Alcantara) [RHEL-172821] {CVE-2026-31709}
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (David Marlin) [RHEL-165063] {CVE-2026-31408}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-172927]
- HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CKI Backport Bot) [RHEL-172740] {CVE-2026-43051}
- netfilter: nf_conntrack_helper: pass helper to expect cleanup (CKI Backport Bot) [RHEL-172620] {CVE-2026-43027}
- s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Ramesh Chhetri) [RHEL-166859]
- ice: add dpll peer notification for paired SMA and U.FL pins (Petr Oros) [RHEL-171829]
- ice: fix missing dpll notifications for SW pins (Petr Oros) [RHEL-171829]
- dpll: export __dpll_pin_change_ntf() for use under dpll_lock (Petr Oros) [RHEL-171829]
- ice: fix SMA and U.FL pin state changes affecting paired pin (Petr Oros) [RHEL-162179]
- ice: fix missing SMA pin initialization in DPLL subsystem (Petr Oros) [RHEL-171832]
- ice: fix NULL pointer dereference in ice_reset_all_vfs() (Petr Oros) [RHEL-172257]
- dpll: zl3073x: Remove redundant cleanup in devm_dpll_init() (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Fix ref frequency setting (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Include current frequency in supported frequencies list (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Add output pin frequency helper (CKI Backport Bot) [RHEL-164442]
- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-171378]
- netfilter: ip6t_eui64: reject invalid MAC header for all packets (CKI Backport Bot) [RHEL-171155] {CVE-2026-31685}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171138] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-170960]
- ice: fix ice_ptp_read_tx_hwtstamp_status_eth56g (Petr Oros) [RHEL-170701]
- ice: fix ready bitmap check for non-E822 devices (Petr Oros) [RHEL-170701]
- ice: perform PHY soft reset for E825C ports at initialization (Petr Oros) [RHEL-170701]
- ice: fix timestamp interrupt configuration for E825C (Petr Oros) [RHEL-170701]
- drm/mgag200: fix mgag200_bmc_stop_scanout() (Jocelyn Falempe) [RHEL-150179]
- nbd: defer config unlock in nbd_genl_connect (Jeff Moyer) [RHEL-166950] {CVE-2025-68366}
- x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CKI Backport Bot) [RHEL-166987] {CVE-2026-23455}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166927] {CVE-2025-68724}
- ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (Bruno Meneguele) [RHEL-169734] {CVE-2025-68183}
- i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" (David Arcari) [RHEL-155312]
- ice: fix PTP timestamping broken by SyncE code on E825C (Petr Oros) [RHEL-162182]
- ice: fix missing TX timestamps interrupts on E825 devices (CKI Backport Bot) [RHEL-162185]
- Revert "mm: pcp: increase pcp->free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-163464]
- netfilter: nf_tables: release flowtable after rcu grace period on error (CKI Backport Bot) [RHEL-160461] {CVE-2026-23392}

[5.14.0-687.10.1]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: move skb_gro_receive_list from udp to core (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- ptrace: slightly saner 'get_dumpable()' logic (Ricardo Robaina) [RHEL-176454] {CVE-2026-46333}
- md/bitmap: fix GPF in write_page caused by resize race (Nigel Croxon) [RHEL-174091] {CVE-2026-43163}
- RDMA/umem: Fix double dma_buf_unpin in failure path (CKI Backport Bot) [RHEL-174020] {CVE-2026-43128}
- usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171430] {CVE-2026-31607}
- can: raw: fix ro->uniq use-after-free in raw_rcv() (CKI Backport Bot) [RHEL-170759] {CVE-2026-31532}

[5.14.0-687.9.1]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174563] {CVE-2026-43284}



ELSA-2026-18748 Moderate: Oracle Linux 9 libvirt security update


Oracle Linux Security Advisory ELSA-2026-18748

http://linux.oracle.com/errata/ELSA-2026-18748.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libvirt-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-client-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-client-qemu-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-common-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-config-network-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-config-nwfilter-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-interface-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-network-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-nodedev-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-nwfilter-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-qemu-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-secret-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-storage-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-storage-core-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-storage-disk-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-storage-logical-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-storage-mpath-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-storage-rbd-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-driver-storage-scsi-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-kvm-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-lock-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-log-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-plugin-lockd-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-plugin-sanlock-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-daemon-proxy-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-devel-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-docs-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-libs-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-nss-11.10.0-12.3.0.1.el9_8.x86_64.rpm
libvirt-ssh-proxy-11.10.0-12.3.0.1.el9_8.x86_64.rpm

aarch64:
libvirt-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-client-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-client-qemu-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-common-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-config-network-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-config-nwfilter-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-interface-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-network-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-nodedev-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-nwfilter-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-qemu-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-secret-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-storage-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-storage-core-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-storage-disk-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-storage-iscsi-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-storage-logical-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-storage-mpath-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-storage-rbd-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-driver-storage-scsi-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-kvm-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-lock-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-log-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-plugin-lockd-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-plugin-sanlock-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-daemon-proxy-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-devel-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-docs-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-libs-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-nss-11.10.0-12.3.0.1.el9_8.aarch64.rpm
libvirt-ssh-proxy-11.10.0-12.3.0.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/libvirt-11.10.0-12.3.0.1.el9_8.src.rpm

Related CVEs:

CVE-2025-12748

Description of changes:

[11.10.0-12.3.0.1]
- Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554]

[11.10.0-12.3.el9_8]
- cpu_conf: Introduce virCPUDefSortFeatures (RHEL-178822)
- qemu_capabilities: Split virQEMUCapsFillDomainCPUCaps (RHEL-178822)
- qemu: Move domain caps flags handling to virQEMUCapsFillDomainCPUHostModel (RHEL-178822)
- qemu_capabilities: Always sort features in host-model CPU (RHEL-178822)
- qemu_capabilities: Use g_autoptr in virQEMUCapsInitHostCPUModel (RHEL-178822)
- qemu_capabilities: Split conditions in virQEMUCapsInitHostCPUModel (RHEL-178822)
- qemu_capabilities: Cache expanded CPU (RHEL-178822)
- domaincapstest: Test EXPAND_CPU_FEATURES flag (RHEL-178822)
- util: Publish and mock virHostCPUGetMSRFromKVM (RHEL-178822)
- cpu_x86: Introduce virCPUx86DataAddMSR (RHEL-178822)
- cpu: Introduce virCPUUpdateFeatures (RHEL-178822)
- Fix documentation of VIR_CONNECT_GET_DOMAIN_CAPABILITIES_EXPAND_CPU_FEATURES (RHEL-178822)
- Introduce VIR_CONNECT_GET_DOMAIN_CAPABILITIES_SUPPORTED_CPU_FEATURES flag (RHEL-178822)
- virsh: Add --supported-cpu-features option for domcapabilities (RHEL-178822)
- domaincapstest: Test SUPPORTED_CPU_FEATURES flag (RHEL-178822)
- qemu_capabilities: Fix domain capabilities on AMD CPUs (RHEL-178822)
- distro: Replace old gating with tmt

[11.10.0-12.2.el9_8]
- Introduce EXPAND_CPU_FEATURES flag for domain capabilities (RHEL-154552)
- qemu: Implement VIR_CONNECT_GET_DOMAIN_CAPABILITIES_EXPAND_CPU_FEATURES (RHEL-154552)
- virsh: Add --expand-cpu-features option for domcapabilities (RHEL-154552)
- docs: Clarify host-model description in domain capabilities (RHEL-154552)
- security_apparmor: Use g_auto* in AppArmorSetSecurityHostdevLabel (RHEL-159913)
- security: Cleanup hostdev label error logic (RHEL-159913)
- qemu: Fix IOMMUFD and VFIO security labels (RHEL-159913)
- viriommufd: Set IOMMU_OPTION_RLIMIT_MODE only when running privileged (RHEL-159174)
- conf: Move and rename virStorageSourceFDTuple object (RHEL-159174)
- conf: Refactor virHostdevIsPCIDevice (RHEL-159174)
- hypervisor: Fix virHostdevNeedsVFIO detection (RHEL-159174)
- qemu: Expand call to qemuDomainNeedsVFIO (RHEL-159174)
- qemu: Update qemuDomainNeedsVFIO to ignore PCI hostdev with IOMMUFD (RHEL-159174)
- src: Use virHostdevIsPCIDeviceWith* to check for IOMMUFD (RHEL-159174)
- conf: Introduce domain iommufd element (RHEL-159174)
- qemu: Implement iommufd (RHEL-159174)
- conf: Add iommufd fdgroup support (RHEL-159174)
- qemu: Implement iommufd fdgroup (RHEL-159174)
- tests: Add iommufd fdgroup test (RHEL-159174)
- hypervisor: Call virWaitForDevices() after detaching host devices (RHEL-159174)



ELBA-2026-33434 Oracle Linux 9 dracut bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-33434

http://linux.oracle.com/errata/ELBA-2026-33434.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dracut-057-117.git20260625.0.1.el9_8.x86_64.rpm
dracut-caps-057-117.git20260625.0.1.el9_8.x86_64.rpm
dracut-config-generic-057-117.git20260625.0.1.el9_8.x86_64.rpm
dracut-config-rescue-057-117.git20260625.0.1.el9_8.x86_64.rpm
dracut-live-057-117.git20260625.0.1.el9_8.x86_64.rpm
dracut-network-057-117.git20260625.0.1.el9_8.x86_64.rpm
dracut-squash-057-117.git20260625.0.1.el9_8.x86_64.rpm
dracut-tools-057-117.git20260625.0.1.el9_8.x86_64.rpm

aarch64:
dracut-057-117.git20260625.0.1.el9_8.aarch64.rpm
dracut-caps-057-117.git20260625.0.1.el9_8.aarch64.rpm
dracut-config-generic-057-117.git20260625.0.1.el9_8.aarch64.rpm
dracut-config-rescue-057-117.git20260625.0.1.el9_8.aarch64.rpm
dracut-live-057-117.git20260625.0.1.el9_8.aarch64.rpm
dracut-network-057-117.git20260625.0.1.el9_8.aarch64.rpm
dracut-squash-057-117.git20260625.0.1.el9_8.aarch64.rpm
dracut-tools-057-117.git20260625.0.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/dracut-057-117.git20260625.0.1.el9_8.src.rpm

Description of changes:

[057-117.git20260625.0.1]
- Skip the default FIPS logic on special UEK kernels where the FIPS module is linked directly into the kernel. [Orabug: 38705580]
- Ship Oracle IMA certificate [Orabug: 35992862]
- Ship 98-integrity.conf, populating initramfs with Oracle IMA certificate [Orabug: 35992862]
- Include sys-fs-fuse-connections.mount if needed [Orabug: 35267570]
- network-legacy: Revert some shellcheck that breaks parse_option_121 in dhclient [Orabug: 33778173]
- Change installation dir in network legacy module-setup so that file is never missing [Orabug: 33516170]
- Fix paths in squash module, so that correct modprobe is installed [Orabug: 33514517]
- Install missing 68-del-part-node.rules [Orabug: 32827579]
- Fix permission denied error while upgrading from OL8u2 to OL8u3 [Orabug 32160196]
- dracut-shutdown.service should run before shutdown.target is invoked [Orabug: 29629738]
- Update list of necessary files after squashfs execution [Orabug: 29864620]
- Supress iscsidm error output during non-debug PV boot [Orabug: 29846195]
- Stop block device service in case system is dropped to emergency shell [Orabug: 29851988]
- Enable booting from block device if netroot=iscsi has failed [Orabug: 29478156]
- Calculate relative path for kernel and initrd in 51-dracut-rescue.instal [Orabug: 29503293]
- 40network scripts ifup and netlib updates for iSCSI [Orabug: 28502725]
- Increase timeout when waiting for carrier detection on a network interface [Orabug: 24657828] (kevin.x.lyons@oracle.com)
- add hyperv-keyboard for Hyper-V Gen2 VM [Orabug: 19191303] (Vaughan Cao)

[057-117.git20260625]
- revert: "feat(i18n): pull 'drm' or 'simpledrm' module unless