Oracle Linux 6510 Published by

Oracle Linux 8 and 9 just received a coordinated batch of security advisories and bug fixes spanning the Unbreakable Enterprise Kernel, Ruby, Grafana, and sysstat. The kernel upgrade resolves dozens of memory corruption and virtualization flaws across KVM, networking, and ARM64 subsystems, including several CVEs tied to shadow paging and packet handling. Ruby 3.3 and 4.0 patches close critical IMAP vulnerabilities that previously allowed denial of service attacks, TLS stripping, and command injection through unvalidated symbol arguments.

ELSA-2026-50374 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-33515 Important: Oracle Linux 8 ruby:3.3 security update
ELSA-2026-35829 Important: Oracle Linux 9 grafana-pcp security update
ELSA-2026-35828 Important: Oracle Linux 9 grafana security update
ELSA-2026-33577 Important: Oracle Linux 9 ruby:4.0 security update
ELBA-2026-50376 Oracle Linux 9 sysstat bug fix update
ELSA-2026-35831 Important: Oracle Linux 8 grafana-pcp security update




ELSA-2026-50374 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50374

http://linux.oracle.com/errata/ELSA-2026-50374.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.357.3.1.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.357.3.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.357.3.1.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.357.3.1.el8uek.src.rpm

Related CVEs:

CVE-2022-50073
CVE-2025-10263
CVE-2026-31504
CVE-2026-31657
CVE-2026-43037
CVE-2026-46331
CVE-2026-52943
CVE-2026-53359

Description of changes:

[5.4.17-2136.357.3.1]
- KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [Orabug: 39673892]
- KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/MMU: Recursively zap nested TDP SPs when zapping last/only parent (Ben Gardon) [Orabug: 39673892]
- KVM: x86/mmu: Move flush logic from mmu_page_zap_pte() to FNAME(invlpg) (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [Orabug: 39673892]
- KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (Like Xu) [Orabug: 39673892]
- KVM: MMU: load PDPTRs outside mmu_lock (Paolo Bonzini) [Orabug: 39673892]
- KVM: x86/mmu: Check PDPTRs before allocating PAE roots (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes (David Matlack) [Orabug: 39673892]
- KVM: x86/mmu: Derive shadow MMU page role from parent (David Matlack) [Orabug: 39673892]
- KVM: X86: Remove useless code to set role.gpte_is_8_bytes when role.direct (Lai Jiangshan) [Orabug: 39673892]
- KVM: X86: Synchronize the shadow pagetable before link it (Lai Jiangshan) [Orabug: 39673892]
- KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (Lai Jiangshan) [Orabug: 39673892]
- KVM: x86/mmu: Refactor shadow walk in __direct_map() to reduce indentation (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (David Matlack) [Orabug: 39673892]
- KVM: x86/mmu: Use a bool for direct (David Matlack) [Orabug: 39673892]
- kvm: mmu: Replace unsigned with unsigned int for PTE access (Ben Gardon) [Orabug: 39673892]
- KVM: x86/mmu: Ensure MMU pages are available when allocating roots (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Allocate pae_root and lm_root pages in dedicated helper (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Allocate the lm_root before allocating PAE roots (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Capture 'mmu' in a local variable when allocating roots (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Stash 'kvm' in a local variable in kvm_mmu_free_roots() (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Add a helper to consolidate root sp allocation (Sean Christopherson) [Orabug: 39673892]
- net/sched: act_pedit: fix action bind logic (Pedro Tammela) [Orabug: 39680880]
- net/sched: act_pedit: free pedit keys on bail from offset check (Pedro Tammela) [Orabug: 39680880]
- net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta) [Orabug: 39680880] {CVE-2026-46331}
- net/sched: act_pedit: Parse L3 Header for L4 offset (Max Tottenham) [Orabug: 39680880]
- net/sched: act_pedit: rate limit datapath messages (Pedro Tammela) [Orabug: 39680880]
- net/sched: act_pedit: check static offsets a priori (Pedro Tammela) [Orabug: 39680880]
- net/sched: act_pedit: remove extra check for key type (Pedro Tammela) [Orabug: 39680880]
- net/sched: simplify tcf_pedit_act (Pedro Tammela) [Orabug: 39680880]
- net/sched: transition act_pedit to rcu and percpu stats (Pedro Tammela) [Orabug: 39680880]
- net/sched: act_pedit: use NLA_POLICY for parsing 'ex' keys (Pedro Tammela) [Orabug: 39680880]

[5.4.17-2136.357.3]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39619389] {CVE-2026-52943}

[5.4.17-2136.357.2]
- net: fix fanout UAF in packet_release() via NETDEV_UP race (Yochai Eisenrich) [Orabug: 39250953] {CVE-2026-31504}
- x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Dan Williams) [Orabug: 39429802]
- x86/kaslr: Reduce KASLR entropy on most x86 systems (Balbir Singh) [Orabug: 39429802]
- net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null (Cezar Bulinaru) [Orabug: 39526882] {CVE-2022-50073}
- arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39548666] {CVE-2025-10263}
- arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39548666]
- ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39548666]
- arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39548666]
- arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39548666]
- arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39548666]
- ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (Eric Dumazet) [Orabug: 39300926] {CVE-2026-43037}

[5.4.17-2136.357.1]
- batman-adv: hold claim backbone gateways by reference (Haoze Xie) [Orabug: 39262375] {CVE-2026-31657}
- scsi: fcoe: Reject FIP descriptors with zero fip_dlen in CVL walker (Michael Bommarito) [Orabug: 39446045]
- scsi: target: iscsi: Fix CRC overread and double-free in iscsit_handle_text_cmd() (Michael Bommarito) [Orabug: 39446045]
- scsi: target: iscsi: Bound iscsi_encode_text_output() appends to rsp_buf (Michael Bommarito) [Orabug: 39446045]
- rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39152239]

[5.4.17-2136.356.4.1]
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] {CVE-2026-46243}

[5.4.17-2136.356.4]
- tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]
- tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147]
- tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]

[5.4.17-2136.356.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333}
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300}

[5.4.17-2136.356.2]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518}

[5.4.17-2136.356.1]
- arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096]
- i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662]

[5.4.17-2136.355.3]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687]
- crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687]



ELSA-2026-33515 Important: Oracle Linux 8 ruby:3.3 security update


Oracle Linux Security Advisory ELSA-2026-33515

http://linux.oracle.com/errata/ELSA-2026-33515.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm
ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm
ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm
ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm
rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm
rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm
ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm

aarch64:
ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm
rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm
rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.src.rpm

Related CVEs:

CVE-2026-42245
CVE-2026-42246
CVE-2026-42258

Description of changes:

ruby
[3.3.10-7]
- Fix DoS via crafted IMAP responses in net-imap. (CVE-2026-42245)
Resolves: RHEL-181682
- Fix information disclosure via MITM attack bypassing TLS in net-imap.
(CVE-2026-42246)
Resolves: RHEL-181759
- Fix command injection via Symbol arguments in net-imap. (CVE-2026-42258)
Resolves: RHEL-181791

rubygem-abrt
[0.4.0-1]
- Update to abrt 0.4.0.
Resolves: rhbz#1842476

rubygem-mysql2
[0.5.5-1]
- Upgrade to mysql2 0.5.5.
Related: RHEL-17090

rubygem-pg
[1.5.4-1]
- Upgrade to pg 1.5.4.
Related: RHEL-17090



ELSA-2026-35829 Important: Oracle Linux 9 grafana-pcp security update


Oracle Linux Security Advisory ELSA-2026-35829

http://linux.oracle.com/errata/ELSA-2026-35829.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-pcp-5.1.1-17.el9_8.x86_64.rpm

aarch64:
grafana-pcp-5.1.1-17.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/grafana-pcp-5.1.1-17.el9_8.src.rpm

Related CVEs:

CVE-2026-39821

Description of changes:

[5.1.1-17]
- Resolves RHEL-183820: CVE-2026-39821
- Resolves RHEL-188285

[5.1.1-16]
- Resolves RHEL-183820: CVE-2026-39821



ELSA-2026-35828 Important: Oracle Linux 9 grafana security update


Oracle Linux Security Advisory ELSA-2026-35828

http://linux.oracle.com/errata/ELSA-2026-35828.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-10.2.6-23.el9_8.x86_64.rpm
grafana-selinux-10.2.6-23.el9_8.x86_64.rpm

aarch64:
grafana-10.2.6-23.el9_8.aarch64.rpm
grafana-selinux-10.2.6-23.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/grafana-10.2.6-23.el9_8.src.rpm

Related CVEs:

CVE-2026-39821

Description of changes:

[10.2.6-23]
- Resolves RHEL-183803: CVE-2026-39821
- Resolves RHEL-188280



ELSA-2026-33577 Important: Oracle Linux 9 ruby:4.0 security update


Oracle Linux Security Advisory ELSA-2026-33577

http://linux.oracle.com/errata/ELSA-2026-33577.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
ruby-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm
ruby-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm
ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm
ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm
ruby-default-gems-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm
ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm
ruby-doc-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-bundler-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-irb-1.16.0-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-minitest-6.0.0-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-pg-doc-1.6.3-1.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-power_assert-3.0.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-rake-13.3.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-rdoc-7.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rexml-3.4.4-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rss-0.3.2-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygems-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygems-devel-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-test-unit-3.7.5-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-typeprof-0.31.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm
ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm

aarch64:
ruby-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm
ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm
ruby-default-gems-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm
ruby-doc-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-bundler-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-irb-1.16.0-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-minitest-6.0.0-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-pg-doc-1.6.3-1.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-power_assert-3.0.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-rake-13.3.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-rdoc-7.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rexml-3.4.4-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rss-0.3.2-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygems-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygems-devel-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-test-unit-3.7.5-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-typeprof-0.31.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/ruby-4.0.3-33.module+el9.8.0+90938+383082f5.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.src.rpm

Related CVEs:

CVE-2026-42245
CVE-2026-42246
CVE-2026-42258

Description of changes:

ruby
[4.0.3-33]
- Fix Net::IMAP ResponseReader quadratic complexity vulnerability. (CVE-2026-42245)
Resolves: RHEL-181690
- Fix Net::IMAP STARTTLS stripping vulnerability. (CVE-2026-42246)
Resolves: RHEL-181771
- Fix Net::IMAP command injection vulnerability via unvalidated Symbol arguments. (CVE-2026-42258)
Resolves: RHEL-181803

[4.0.3-32]
- Upgrade to Ruby 4.0.3.
Resolves: RHEL-171933
- Fix ERB: Arbitrary code execution via deserialization bypass
(CVE-2026-41316)
Resolves: RHEL-171258
- Fix JSON: Denial of Service or Information Disclosure via format string injection
(CVE-2026-33210)
Resolves: RHEL-173458

rubygem-mysql2
[0.5.7-1]
- Upgrade to mysql2 0.5.7.
Related: RHEL-142278

rubygem-pg
[1.6.3-1]
- Upgrade to pg 1.6.3
Related: RHEL-142278



ELBA-2026-50376 Oracle Linux 9 sysstat bug fix update


Oracle Linux Bug Fix Advisory ELBA-2026-50376

http://linux.oracle.com/errata/ELBA-2026-50376.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
sysstat-12.5.4-11.0.2.el9.x86_64.rpm

aarch64:
sysstat-12.5.4-11.0.2.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/sysstat-12.5.4-11.0.2.el9.src.rpm

Description of changes:

[12.5.4-11.0.2]
- Fixed issue where sar reports all-zero CPU rows on per-CPU counter regression. [Orabug: 39571080]



ELSA-2026-35831 Important: Oracle Linux 8 grafana-pcp security update


Oracle Linux Security Advisory ELSA-2026-35831

http://linux.oracle.com/errata/ELSA-2026-35831.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-pcp-5.1.1-16.el8_10.x86_64.rpm

aarch64:
grafana-pcp-5.1.1-16.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/grafana-pcp-5.1.1-16.el8_10.src.rpm

Related CVEs:

CVE-2026-39821

Description of changes:

[5.1.1-16]
- Resolves RHEL-183733: CVE-2026-39821

[5.1.1-15]
- Resolves RHEL-183733: CVE-2026-39821