ELSA-2026-50374 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-33515 Important: Oracle Linux 8 ruby:3.3 security update
ELSA-2026-35829 Important: Oracle Linux 9 grafana-pcp security update
ELSA-2026-35828 Important: Oracle Linux 9 grafana security update
ELSA-2026-33577 Important: Oracle Linux 9 ruby:4.0 security update
ELBA-2026-50376 Oracle Linux 9 sysstat bug fix update
ELSA-2026-35831 Important: Oracle Linux 8 grafana-pcp security update
ELSA-2026-50374 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2026-50374
http://linux.oracle.com/errata/ELSA-2026-50374.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
aarch64:
kernel-uek-5.4.17-2136.357.3.1.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.357.3.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.357.3.1.el8uek.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.357.3.1.el8uek.src.rpm
Related CVEs:
CVE-2022-50073
CVE-2025-10263
CVE-2026-31504
CVE-2026-31657
CVE-2026-43037
CVE-2026-46331
CVE-2026-52943
CVE-2026-53359
Description of changes:
[5.4.17-2136.357.3.1]
- KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [Orabug: 39673892]
- KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/MMU: Recursively zap nested TDP SPs when zapping last/only parent (Ben Gardon) [Orabug: 39673892]
- KVM: x86/mmu: Move flush logic from mmu_page_zap_pte() to FNAME(invlpg) (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [Orabug: 39673892]
- KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (Like Xu) [Orabug: 39673892]
- KVM: MMU: load PDPTRs outside mmu_lock (Paolo Bonzini) [Orabug: 39673892]
- KVM: x86/mmu: Check PDPTRs before allocating PAE roots (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes (David Matlack) [Orabug: 39673892]
- KVM: x86/mmu: Derive shadow MMU page role from parent (David Matlack) [Orabug: 39673892]
- KVM: X86: Remove useless code to set role.gpte_is_8_bytes when role.direct (Lai Jiangshan) [Orabug: 39673892]
- KVM: X86: Synchronize the shadow pagetable before link it (Lai Jiangshan) [Orabug: 39673892]
- KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (Lai Jiangshan) [Orabug: 39673892]
- KVM: x86/mmu: Refactor shadow walk in __direct_map() to reduce indentation (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (David Matlack) [Orabug: 39673892]
- KVM: x86/mmu: Use a bool for direct (David Matlack) [Orabug: 39673892]
- kvm: mmu: Replace unsigned with unsigned int for PTE access (Ben Gardon) [Orabug: 39673892]
- KVM: x86/mmu: Ensure MMU pages are available when allocating roots (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Allocate pae_root and lm_root pages in dedicated helper (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Allocate the lm_root before allocating PAE roots (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Capture 'mmu' in a local variable when allocating roots (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Stash 'kvm' in a local variable in kvm_mmu_free_roots() (Sean Christopherson) [Orabug: 39673892]
- KVM: x86/mmu: Add a helper to consolidate root sp allocation (Sean Christopherson) [Orabug: 39673892]
- net/sched: act_pedit: fix action bind logic (Pedro Tammela) [Orabug: 39680880]
- net/sched: act_pedit: free pedit keys on bail from offset check (Pedro Tammela) [Orabug: 39680880]
- net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta) [Orabug: 39680880] {CVE-2026-46331}
- net/sched: act_pedit: Parse L3 Header for L4 offset (Max Tottenham) [Orabug: 39680880]
- net/sched: act_pedit: rate limit datapath messages (Pedro Tammela) [Orabug: 39680880]
- net/sched: act_pedit: check static offsets a priori (Pedro Tammela) [Orabug: 39680880]
- net/sched: act_pedit: remove extra check for key type (Pedro Tammela) [Orabug: 39680880]
- net/sched: simplify tcf_pedit_act (Pedro Tammela) [Orabug: 39680880]
- net/sched: transition act_pedit to rcu and percpu stats (Pedro Tammela) [Orabug: 39680880]
- net/sched: act_pedit: use NLA_POLICY for parsing 'ex' keys (Pedro Tammela) [Orabug: 39680880]
[5.4.17-2136.357.3]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39619389] {CVE-2026-52943}
[5.4.17-2136.357.2]
- net: fix fanout UAF in packet_release() via NETDEV_UP race (Yochai Eisenrich) [Orabug: 39250953] {CVE-2026-31504}
- x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Dan Williams) [Orabug: 39429802]
- x86/kaslr: Reduce KASLR entropy on most x86 systems (Balbir Singh) [Orabug: 39429802]
- net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null (Cezar Bulinaru) [Orabug: 39526882] {CVE-2022-50073}
- arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39548666] {CVE-2025-10263}
- arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39548666]
- ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39548666]
- arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39548666]
- arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39548666]
- arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39548666]
- ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (Eric Dumazet) [Orabug: 39300926] {CVE-2026-43037}
[5.4.17-2136.357.1]
- batman-adv: hold claim backbone gateways by reference (Haoze Xie) [Orabug: 39262375] {CVE-2026-31657}
- scsi: fcoe: Reject FIP descriptors with zero fip_dlen in CVL walker (Michael Bommarito) [Orabug: 39446045]
- scsi: target: iscsi: Fix CRC overread and double-free in iscsit_handle_text_cmd() (Michael Bommarito) [Orabug: 39446045]
- scsi: target: iscsi: Bound iscsi_encode_text_output() appends to rsp_buf (Michael Bommarito) [Orabug: 39446045]
- rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39152239]
[5.4.17-2136.356.4.1]
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] {CVE-2026-46243}
[5.4.17-2136.356.4]
- tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]
- tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147]
- tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]
[5.4.17-2136.356.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333}
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300}
[5.4.17-2136.356.2]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518}
[5.4.17-2136.356.1]
- arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096]
- i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662]
[5.4.17-2136.355.3]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687]
- crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687]
ELSA-2026-33515 Important: Oracle Linux 8 ruby:3.3 security update
Oracle Linux Security Advisory ELSA-2026-33515
http://linux.oracle.com/errata/ELSA-2026-33515.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm
ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm
ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm
ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm
rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm
rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.i686.rpm
rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm
ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm
aarch64:
ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm
rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm
rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm
rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm
ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.src.rpm
Related CVEs:
CVE-2026-42245
CVE-2026-42246
CVE-2026-42258
Description of changes:
ruby
[3.3.10-7]
- Fix DoS via crafted IMAP responses in net-imap. (CVE-2026-42245)
Resolves: RHEL-181682
- Fix information disclosure via MITM attack bypassing TLS in net-imap.
(CVE-2026-42246)
Resolves: RHEL-181759
- Fix command injection via Symbol arguments in net-imap. (CVE-2026-42258)
Resolves: RHEL-181791
rubygem-abrt
[0.4.0-1]
- Update to abrt 0.4.0.
Resolves: rhbz#1842476
rubygem-mysql2
[0.5.5-1]
- Upgrade to mysql2 0.5.5.
Related: RHEL-17090
rubygem-pg
[1.5.4-1]
- Upgrade to pg 1.5.4.
Related: RHEL-17090
ELSA-2026-35829 Important: Oracle Linux 9 grafana-pcp security update
Oracle Linux Security Advisory ELSA-2026-35829
http://linux.oracle.com/errata/ELSA-2026-35829.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
grafana-pcp-5.1.1-17.el9_8.x86_64.rpm
aarch64:
grafana-pcp-5.1.1-17.el9_8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/grafana-pcp-5.1.1-17.el9_8.src.rpm
Related CVEs:
CVE-2026-39821
Description of changes:
[5.1.1-17]
- Resolves RHEL-183820: CVE-2026-39821
- Resolves RHEL-188285
[5.1.1-16]
- Resolves RHEL-183820: CVE-2026-39821
ELSA-2026-35828 Important: Oracle Linux 9 grafana security update
Oracle Linux Security Advisory ELSA-2026-35828
http://linux.oracle.com/errata/ELSA-2026-35828.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
grafana-10.2.6-23.el9_8.x86_64.rpm
grafana-selinux-10.2.6-23.el9_8.x86_64.rpm
aarch64:
grafana-10.2.6-23.el9_8.aarch64.rpm
grafana-selinux-10.2.6-23.el9_8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/grafana-10.2.6-23.el9_8.src.rpm
Related CVEs:
CVE-2026-39821
Description of changes:
[10.2.6-23]
- Resolves RHEL-183803: CVE-2026-39821
- Resolves RHEL-188280
ELSA-2026-33577 Important: Oracle Linux 9 ruby:4.0 security update
Oracle Linux Security Advisory ELSA-2026-33577
http://linux.oracle.com/errata/ELSA-2026-33577.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
ruby-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm
ruby-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm
ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm
ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm
ruby-default-gems-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm
ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm
ruby-doc-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-bundler-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-irb-1.16.0-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-minitest-6.0.0-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-pg-doc-1.6.3-1.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-power_assert-3.0.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-rake-13.3.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.i686.rpm
rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.x86_64.rpm
rubygem-rdoc-7.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rexml-3.4.4-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rss-0.3.2-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygems-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygems-devel-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-test-unit-3.7.5-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-typeprof-0.31.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm
ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm
aarch64:
ruby-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm
ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm
ruby-default-gems-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm
ruby-doc-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-bundler-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-irb-1.16.0-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-minitest-6.0.0-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-pg-doc-1.6.3-1.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-power_assert-3.0.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-rake-13.3.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.aarch64.rpm
rubygem-rdoc-7.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rexml-3.4.4-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-rss-0.3.2-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygems-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygems-devel-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-test-unit-3.7.5-33.module+el9.8.0+90938+383082f5.noarch.rpm
rubygem-typeprof-0.31.1-33.module+el9.8.0+90938+383082f5.noarch.rpm
ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/ruby-4.0.3-33.module+el9.8.0+90938+383082f5.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.src.rpm
Related CVEs:
CVE-2026-42245
CVE-2026-42246
CVE-2026-42258
Description of changes:
ruby
[4.0.3-33]
- Fix Net::IMAP ResponseReader quadratic complexity vulnerability. (CVE-2026-42245)
Resolves: RHEL-181690
- Fix Net::IMAP STARTTLS stripping vulnerability. (CVE-2026-42246)
Resolves: RHEL-181771
- Fix Net::IMAP command injection vulnerability via unvalidated Symbol arguments. (CVE-2026-42258)
Resolves: RHEL-181803
[4.0.3-32]
- Upgrade to Ruby 4.0.3.
Resolves: RHEL-171933
- Fix ERB: Arbitrary code execution via deserialization bypass
(CVE-2026-41316)
Resolves: RHEL-171258
- Fix JSON: Denial of Service or Information Disclosure via format string injection
(CVE-2026-33210)
Resolves: RHEL-173458
rubygem-mysql2
[0.5.7-1]
- Upgrade to mysql2 0.5.7.
Related: RHEL-142278
rubygem-pg
[1.6.3-1]
- Upgrade to pg 1.6.3
Related: RHEL-142278
ELBA-2026-50376 Oracle Linux 9 sysstat bug fix update
Oracle Linux Bug Fix Advisory ELBA-2026-50376
http://linux.oracle.com/errata/ELBA-2026-50376.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
sysstat-12.5.4-11.0.2.el9.x86_64.rpm
aarch64:
sysstat-12.5.4-11.0.2.el9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/sysstat-12.5.4-11.0.2.el9.src.rpm
Description of changes:
[12.5.4-11.0.2]
- Fixed issue where sar reports all-zero CPU rows on per-CPU counter regression. [Orabug: 39571080]
ELSA-2026-35831 Important: Oracle Linux 8 grafana-pcp security update
Oracle Linux Security Advisory ELSA-2026-35831
http://linux.oracle.com/errata/ELSA-2026-35831.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
grafana-pcp-5.1.1-16.el8_10.x86_64.rpm
aarch64:
grafana-pcp-5.1.1-16.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/grafana-pcp-5.1.1-16.el8_10.src.rpm
Related CVEs:
CVE-2026-39821
Description of changes:
[5.1.1-16]
- Resolves RHEL-183733: CVE-2026-39821
[5.1.1-15]
- Resolves RHEL-183733: CVE-2026-39821