Libsoup3, Kernel, Python, and more updates for Oracle Linux

Oracle Linux 6446 Published by

Oracle has released several security updates for various packages in their Linux distributions, including Oracle Linux 10, 8, and 9. The updates address vulnerabilities in packages such as kernel, python3, nodejs, libsoup, and java-1.8.0-openjdk, among others. The updates also include bug fixes and enhancements for packages like cloud-init, gnome-shell-extensions, sssd, and gnome-settings-daemon.

ELSA-2026-2410 Important: Oracle Linux 10 libsoup3 security update
ELSA-2026-2282 Moderate: Oracle Linux 10 kernel security update
ELBA-2026-2473 Oracle Linux 10 .NET 8.0 bug fix and enhancement update
ELBA-2026-1839 Oracle Linux 10 cloud-init bug fix and enhancement update
ELSA-2026-2419 Moderate: Oracle Linux 8 python3.12 security update
ELSA-2026-2212 Moderate: Oracle Linux 9 kernel security update
ELBA-2026-2472 Oracle Linux 9 .NET 8.0 bug fix and enhancement update
ELSA-2026-2420 Important: Oracle Linux 8 nodejs:24 security update
ELSA-2026-2389 Important: Oracle Linux 8 brotli security update
ELSA-2026-2323 Important: Oracle Linux 8 git-lfs security update
ELSA-2026-2264 Moderate: Oracle Linux 8 kernel security update
ELSA-2026-2220 Important: Oracle Linux 8 thunderbird security update
ELSA-2026-2215 Important: Oracle Linux 8 libsoup security update
ELBA-2026-2423 Oracle Linux 8 gnome-shell-extensions bug fix and enhancement update
ELBA-2026-2416 Oracle Linux 8 sssd bug fix and enhancement update
ELBA-2026-2417 Oracle Linux 8 gnome-settings-daemon bug fix and enhancement update
ELBA-2026-2413 Oracle Linux 8 microcode_ctl bug fix and enhancement update
ELBA-2026-50111 Oracle Linux 8 cloud-init bug fix update
ELSA-2026-0931 Important: Oracle Linux 7 java-1.8.0-openjdk security update



ELSA-2026-2410 Important: Oracle Linux 10 libsoup3 security update


Oracle Linux Security Advisory ELSA-2026-2410

http://linux.oracle.com/errata/ELSA-2026-2410.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
libsoup3-3.6.5-3.el10_1.10.x86_64.rpm
libsoup3-devel-3.6.5-3.el10_1.10.x86_64.rpm
libsoup3-doc-3.6.5-3.el10_1.10.noarch.rpm

aarch64:
libsoup3-3.6.5-3.el10_1.10.aarch64.rpm
libsoup3-devel-3.6.5-3.el10_1.10.aarch64.rpm
libsoup3-doc-3.6.5-3.el10_1.10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/libsoup3-3.6.5-3.el10_1.10.src.rpm

Related CVEs:

CVE-2026-1761

Description of changes:

[3.6.5-10]
- Add patch for CVE-2026-1761

[3.6.5-9]
- Fix CVE-2026-0719

[3.6.5-8]
- Fix CVE-2025-14523

[3.6.5-7]
- Add patch for CVE-2025-12105

[3.6.5-6]
- Fix integer overflow in date/time parsing

[3.6.5-5]
- Bump revision number

[3.6.5-4]
- Fix several CVEs



ELSA-2026-2282 Moderate: Oracle Linux 10 kernel security update


Oracle Linux Security Advisory ELSA-2026-2282

http://linux.oracle.com/errata/ELSA-2026-2282.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-abi-stablelists-6.12.0-124.35.1.el10_1.noarch.rpm
kernel-core-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-cross-headers-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-debug-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-debug-core-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-debug-devel-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-debug-devel-matched-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-debug-modules-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-debug-modules-core-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-debug-modules-extra-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-debug-uki-virt-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-devel-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-devel-matched-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-doc-6.12.0-124.35.1.el10_1.noarch.rpm
kernel-headers-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-modules-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-modules-core-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-modules-extra-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-modules-extra-matched-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-tools-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-tools-libs-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-tools-libs-devel-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-uki-virt-6.12.0-124.35.1.el10_1.x86_64.rpm
kernel-uki-virt-addons-6.12.0-124.35.1.el10_1.x86_64.rpm
libperf-6.12.0-124.35.1.el10_1.x86_64.rpm
perf-6.12.0-124.35.1.el10_1.x86_64.rpm
python3-perf-6.12.0-124.35.1.el10_1.x86_64.rpm
rtla-6.12.0-124.35.1.el10_1.x86_64.rpm
rv-6.12.0-124.35.1.el10_1.x86_64.rpm

aarch64:
kernel-cross-headers-6.12.0-124.35.1.el10_1.aarch64.rpm
kernel-headers-6.12.0-124.35.1.el10_1.aarch64.rpm
kernel-tools-6.12.0-124.35.1.el10_1.aarch64.rpm
kernel-tools-libs-6.12.0-124.35.1.el10_1.aarch64.rpm
kernel-tools-libs-devel-6.12.0-124.35.1.el10_1.aarch64.rpm
libperf-6.12.0-124.35.1.el10_1.aarch64.rpm
perf-6.12.0-124.35.1.el10_1.aarch64.rpm
python3-perf-6.12.0-124.35.1.el10_1.aarch64.rpm
rtla-6.12.0-124.35.1.el10_1.aarch64.rpm
rv-6.12.0-124.35.1.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/kernel-6.12.0-124.35.1.el10_1.src.rpm

Related CVEs:

CVE-2025-38403
CVE-2025-38415
CVE-2025-38730
CVE-2025-39933
CVE-2025-40133
CVE-2025-40304
CVE-2025-40322
CVE-2025-68811

Description of changes:

[6.12.0-124.35.1]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 comm is always NUL-terminated (Luiz Capitulino) [RHEL-141711]
- lib/buildid: use __kernel_read() for sleepable context (Waiman Long) [RHEL-141229]
- net: bonding: update the slave array for broadcast mode (Hangbin Liu) [RHEL-138325]
- net: bonding: add broadcast_neighbor netlink option (Hangbin Liu) [RHEL-138325]
- net: bonding: add broadcast_neighbor option for 802.3ad (Hangbin Liu) [RHEL-138325]

[6.12.0-124.33.1]
- io_uring/net: commit partial buffers on retry (Jeff Moyer) [RHEL-137333] {CVE-2025-38730}
- smb: client: let recv_done verify data_offset, data_length and remaining_data_length (Paulo Alcantara) [RHEL-131394] {CVE-2025-39933}

[6.12.0-124.32.1]
- squashfs: fix memory leak in squashfs_fill_super (Abhi Das) [RHEL-138024] {CVE-2025-38415}
- Squashfs: check return result of sb_min_blocksize (CKI Backport Bot) [RHEL-138024] {CVE-2025-38415}
- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (CKI Backport Bot) [RHEL-137686] {CVE-2025-40304}
- fbdev: bitblit: bound-check glyph index in bit_putcs* (CKI Backport Bot) [RHEL-136945] {CVE-2025-40322}



ELBA-2026-2473 Oracle Linux 10 .NET 8.0 bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-2473

http://linux.oracle.com/errata/ELBA-2026-2473.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-8.0-8.0.24-1.0.1.el10_1.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.24-1.0.1.el10_1.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.24-1.0.1.el10_1.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.24-1.0.1.el10_1.x86_64.rpm
dotnet-hostfxr-8.0-8.0.24-1.0.1.el10_1.x86_64.rpm
dotnet-runtime-8.0-8.0.24-1.0.1.el10_1.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.24-1.0.1.el10_1.x86_64.rpm
dotnet-sdk-8.0-8.0.124-1.0.1.el10_1.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.124-1.0.1.el10_1.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.124-1.0.1.el10_1.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.24-1.0.1.el10_1.x86_64.rpm
dotnet-templates-8.0-8.0.124-1.0.1.el10_1.x86_64.rpm

aarch64:
aspnetcore-runtime-8.0-8.0.24-1.0.1.el10_1.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.24-1.0.1.el10_1.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.24-1.0.1.el10_1.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.24-1.0.1.el10_1.aarch64.rpm
dotnet-hostfxr-8.0-8.0.24-1.0.1.el10_1.aarch64.rpm
dotnet-runtime-8.0-8.0.24-1.0.1.el10_1.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.24-1.0.1.el10_1.aarch64.rpm
dotnet-sdk-8.0-8.0.124-1.0.1.el10_1.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.124-1.0.1.el10_1.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.124-1.0.1.el10_1.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.24-1.0.1.el10_1.aarch64.rpm
dotnet-templates-8.0-8.0.124-1.0.1.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/dotnet8.0-8.0.124-1.0.1.el10_1.src.rpm

Description of changes:

[8.0.124-1.0.1]
- Add support for Oracle Linux

[8.0.124-1]
- Update to .NET SDK 8.0.124 and Runtime 8.0.24
- Resolves: RHEL-144972



ELBA-2026-1839 Oracle Linux 10 cloud-init bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-1839

http://linux.oracle.com/errata/ELBA-2026-1839.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
cloud-init-24.4-6.0.1.el10_1.1.noarch.rpm

aarch64:
cloud-init-24.4-6.0.1.el10_1.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/cloud-init-24.4-6.0.1.el10_1.1.src.rpm

Description of changes:

[24.4-6.0.1.el10_1.1]
- NetworkManagerActivator brings up interface failed when using sysconfig renderer [RHEL-18981]
- Include module cc_write_files_deferred in config template [Orabug: 36959464]
- Fix Oracle Datasource network, getdata methods and increase retries [Orabug: 37065979]
- Fix log file permission [Orabug: 35302969]
- Update detection logic for OL distros in config template [Orabug: 34845400]
- Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938]
- Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938]
- Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672]
- limit permissions [Orabug: 31352433]
- Changes to ignore all enslaved interfaces [Orabug: 30092148]
- add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch:
1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata
2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader
Resolves: Oracle-Bug:41660 (Bugzilla)
- added OL to list of known distros

[24.4-6.el10_1.1]
- ci-downstream-Do-not-override-changes-in-disable-sshd-k.patch [RHEL-128905]
- Resolves: RHEL-128905
([rhel-10] cloud-init upgrade is overwriting modifications in disable-sshd-keygen-if-cloud-init-active.conf [rhel-10.1.z])



ELSA-2026-2419 Moderate: Oracle Linux 8 python3.12 security update


Oracle Linux Security Advisory ELSA-2026-2419

http://linux.oracle.com/errata/ELSA-2026-2419.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-3.12.12-2.el8_10.i686.rpm
python3.12-3.12.12-2.el8_10.x86_64.rpm
python3.12-debug-3.12.12-2.el8_10.i686.rpm
python3.12-debug-3.12.12-2.el8_10.x86_64.rpm
python3.12-devel-3.12.12-2.el8_10.i686.rpm
python3.12-devel-3.12.12-2.el8_10.x86_64.rpm
python3.12-idle-3.12.12-2.el8_10.i686.rpm
python3.12-idle-3.12.12-2.el8_10.x86_64.rpm
python3.12-libs-3.12.12-2.el8_10.i686.rpm
python3.12-libs-3.12.12-2.el8_10.x86_64.rpm
python3.12-rpm-macros-3.12.12-2.el8_10.noarch.rpm
python3.12-test-3.12.12-2.el8_10.i686.rpm
python3.12-test-3.12.12-2.el8_10.x86_64.rpm
python3.12-tkinter-3.12.12-2.el8_10.i686.rpm
python3.12-tkinter-3.12.12-2.el8_10.x86_64.rpm

aarch64:
python3.12-3.12.12-2.el8_10.aarch64.rpm
python3.12-debug-3.12.12-2.el8_10.aarch64.rpm
python3.12-devel-3.12.12-2.el8_10.aarch64.rpm
python3.12-idle-3.12.12-2.el8_10.aarch64.rpm
python3.12-libs-3.12.12-2.el8_10.aarch64.rpm
python3.12-rpm-macros-3.12.12-2.el8_10.noarch.rpm
python3.12-test-3.12.12-2.el8_10.aarch64.rpm
python3.12-tkinter-3.12.12-2.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python3.12-3.12.12-2.el8_10.src.rpm

Related CVEs:

CVE-2025-13836

Description of changes:

[3.12.12-2]
- Security fix for CVE-2025-13836
Resolves: RHEL-140993



ELSA-2026-2212 Moderate: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2026-2212

http://linux.oracle.com/errata/ELSA-2026-2212.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-abi-stablelists-5.14.0-611.30.1.el9_7.noarch.rpm
kernel-core-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-cross-headers-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-debug-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-debug-core-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-debug-devel-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-debug-devel-matched-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-debug-modules-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-debug-modules-core-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-debug-modules-extra-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-debug-uki-virt-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-devel-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-devel-matched-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-doc-5.14.0-611.30.1.el9_7.noarch.rpm
kernel-headers-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-modules-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-modules-core-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-modules-extra-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-tools-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-tools-libs-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-tools-libs-devel-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-uki-virt-5.14.0-611.30.1.el9_7.x86_64.rpm
kernel-uki-virt-addons-5.14.0-611.30.1.el9_7.x86_64.rpm
libperf-5.14.0-611.30.1.el9_7.x86_64.rpm
perf-5.14.0-611.30.1.el9_7.x86_64.rpm
python3-perf-5.14.0-611.30.1.el9_7.x86_64.rpm
rtla-5.14.0-611.30.1.el9_7.x86_64.rpm
rv-5.14.0-611.30.1.el9_7.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-611.30.1.el9_7.aarch64.rpm
kernel-headers-5.14.0-611.30.1.el9_7.aarch64.rpm
kernel-tools-5.14.0-611.30.1.el9_7.aarch64.rpm
kernel-tools-libs-5.14.0-611.30.1.el9_7.aarch64.rpm
kernel-tools-libs-devel-5.14.0-611.30.1.el9_7.aarch64.rpm
libperf-5.14.0-611.30.1.el9_7.aarch64.rpm
perf-5.14.0-611.30.1.el9_7.aarch64.rpm
python3-perf-5.14.0-611.30.1.el9_7.aarch64.rpm
rtla-5.14.0-611.30.1.el9_7.aarch64.rpm
rv-5.14.0-611.30.1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-611.30.1.el9_7.src.rpm

Related CVEs:

CVE-2025-37789
CVE-2025-37819
CVE-2025-38022
CVE-2025-38024
CVE-2025-38403
CVE-2025-38415
CVE-2025-38459
CVE-2025-38730
CVE-2025-39760
CVE-2025-40135
CVE-2025-40141
CVE-2025-40158
CVE-2025-40170
CVE-2025-40269
CVE-2025-40271
CVE-2025-40318

Description of changes:

[5.14.0-611.30.1]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 buf_list (Jeff Moyer) [RHEL-137329]
- ice: prevent NULL deref in ice_lag_move_new_vf_nodes() (Michal Schmidt) [RHEL-143296]
- net: openvswitch: Avoid needlessly taking the RTNL on vport destroy (Adrian Moreno) [RHEL-141404]
- atm: clip: Fix infinite recursive call of clip_push(). (Guillaume Nault) [RHEL-137601] {CVE-2025-38459}
- dpll: zl3073x: Remove unused dev wrappers (Ivan Vecera) [RHEL-139699]
- dpll: zl3073x: Cache all output properties in zl3073x_out (Ivan Vecera) [RHEL-139699]
- dpll: zl3073x: Cache all reference properties in zl3073x_ref (Ivan Vecera) [RHEL-139699]
- dpll: zl3073x: Cache reference monitor status (Ivan Vecera) [RHEL-139699]
- dpll: zl3073x: Split ref, out, and synth logic from core (Ivan Vecera) [RHEL-139699]
- dpll: zl3073x: Store raw register values instead of parsed state (Ivan Vecera) [RHEL-139699]
- dpll: fix device-id-get and pin-id-get to return errors properly (Ivan Vecera) [RHEL-139699]
- dpll: spec: add missing module-name and clock-id to pin-get reply (Ivan Vecera) [RHEL-139699]
- dpll: zl3073x: Allow to configure phase offset averaging factor (Ivan Vecera) [RHEL-139699]
- dpll: add phase_offset_avg_factor_get/set callback ops (Ivan Vecera) [RHEL-139699]
- dpll: add phase-offset-avg-factor device attribute to netlink spec (Ivan Vecera) [RHEL-139699]
- dpll: fix clock quality level reporting (Ivan Vecera) [RHEL-139699]
- dpll: add reference sync get/set (Ivan Vecera) [RHEL-139699]
- dpll: add reference-sync netlink attribute (Ivan Vecera) [RHEL-139699]
- dpll: remove documentation of rclk_dev_name (Ivan Vecera) [RHEL-139699]
- net: use dst_dev_rcu() in sk_setup_caps() (Hangbin Liu) [RHEL-129084] {CVE-2025-40170}
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (Hangbin Liu) [RHEL-129084]
- net: ipv4: Consolidate ipv4_mtu and ip_dst_mtu_maybe_forward (Hangbin Liu) [RHEL-129084]
- ipv6: use RCU in ip6_xmit() (Hangbin Liu) [RHEL-129018] {CVE-2025-40135}
- ipv6: use RCU in ip6_output() (Hangbin Liu) [RHEL-128982] {CVE-2025-40158}
- net: dst: introduce dst->dev_rcu (Hangbin Liu) [RHEL-128982]
- ipv4: use RCU protection in __ip_rt_update_pmtu() (Hangbin Liu) [RHEL-128982]
- net: Add locking to protect skb->dev access in ip_output (Hangbin Liu) [RHEL-128982]
- net: dst: add four helpers to annotate data-races around dst->dev (Hangbin Liu) [RHEL-128982]
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (Hangbin Liu) [RHEL-128982]
- vrf: Fix lockdep splat in output path (Hangbin Liu) [RHEL-128982]
- ipv6: remove nexthop_fib6_nh_bh() (Hangbin Liu) [RHEL-128982]
- net: remove rcu_dereference_bh_rtnl() (Hangbin Liu) [RHEL-128982]
- neighbour: switch to standard rcu, instead of rcu_bh (Hangbin Liu) [RHEL-128982]
- ipv6: flowlabel: do not disable BH where not needed (Hangbin Liu) [RHEL-128982]
- ipv6: remove one read_lock()/read_unlock() pair in rt6_check_neigh() (Hangbin Liu) [RHEL-128982]
- neigh: introduce neigh_confirm() helper function (Hangbin Liu) [RHEL-128982]
- net: bonding: update the slave array for broadcast mode (Hangbin Liu) [RHEL-132923]
- net: bonding: add broadcast_neighbor netlink option (Hangbin Liu) [RHEL-132923]
- net: bonding: add broadcast_neighbor option for 802.3ad (Hangbin Liu) [RHEL-132923]
- vsock/vmci: Clear the vmci transport packet properly when initializing it (CKI Backport Bot) [RHEL-137697] {CVE-2025-38403}
- ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (CKI Backport Bot) [RHEL-136909] {CVE-2025-40269}
- nvme: tcp: Fix compilation warning with W=1 (John Meneghini) [RHEL-129928]
- nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (John Meneghini) [RHEL-129928]

[5.14.0-611.29.1]
- squashfs: fix memory leak in squashfs_fill_super (Abhi Das) [RHEL-138015] {CVE-2025-38415}
- Squashfs: check return result of sb_min_blocksize (CKI Backport Bot) [RHEL-138015] {CVE-2025-38415}
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (CKI Backport Bot) [RHEL-137364] {CVE-2025-39760}
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (CKI Backport Bot) [RHEL-137069] {CVE-2025-38024}

[5.14.0-611.28.1]
- s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP (Luiz Capitulino) [RHEL-133337]
- s390: mm: add stub for hugetlb_optimize_vmemmap_key (Luiz Capitulino) [RHEL-133337]
- fs/proc: fix uaf in proc_readdir_de() (CKI Backport Bot) [RHEL-137098] {CVE-2025-40271}
- Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once (CKI Backport Bot) [RHEL-136256] {CVE-2025-40318}
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (CKI Backport Bot) [RHEL-134352] {CVE-2025-38022}
- cifs: Fix deadlock in cifs_writepages during reconnect (Paulo Alcantara) [RHEL-134234]
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (CKI Backport Bot) [RHEL-131974] {CVE-2025-37819}
- net: openvswitch: fix nested key length validation in the set() action (CKI Backport Bot) [RHEL-131801] {CVE-2025-37789}
- md: avoid repeated calls to del_gendisk (Nigel Croxon) [RHEL-126532]
- md: delete mddev kobj before deleting gendisk kobj (Nigel Croxon) [RHEL-126532]
- md: add legacy_async_del_gendisk mode (Nigel Croxon) [RHEL-126532]
- md: Don't clear MD_CLOSING until mddev is freed (Nigel Croxon) [RHEL-126532]
- md: fix create on open mddev lifetime regression (Nigel Croxon) [RHEL-126532]
- md: call del_gendisk in control path (Nigel Croxon) [RHEL-126532]
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (CKI Backport Bot) [RHEL-128891] {CVE-2025-40141}



ELBA-2026-2472 Oracle Linux 9 .NET 8.0 bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-2472

http://linux.oracle.com/errata/ELBA-2026-2472.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-8.0-8.0.24-1.0.1.el9_7.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.24-1.0.1.el9_7.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.24-1.0.1.el9_7.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.24-1.0.1.el9_7.x86_64.rpm
dotnet-hostfxr-8.0-8.0.24-1.0.1.el9_7.x86_64.rpm
dotnet-runtime-8.0-8.0.24-1.0.1.el9_7.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.24-1.0.1.el9_7.x86_64.rpm
dotnet-sdk-8.0-8.0.124-1.0.1.el9_7.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.124-1.0.1.el9_7.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.124-1.0.1.el9_7.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.24-1.0.1.el9_7.x86_64.rpm
dotnet-templates-8.0-8.0.124-1.0.1.el9_7.x86_64.rpm

aarch64:
aspnetcore-runtime-8.0-8.0.24-1.0.1.el9_7.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.24-1.0.1.el9_7.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.24-1.0.1.el9_7.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.24-1.0.1.el9_7.aarch64.rpm
dotnet-hostfxr-8.0-8.0.24-1.0.1.el9_7.aarch64.rpm
dotnet-runtime-8.0-8.0.24-1.0.1.el9_7.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.24-1.0.1.el9_7.aarch64.rpm
dotnet-sdk-8.0-8.0.124-1.0.1.el9_7.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.124-1.0.1.el9_7.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.124-1.0.1.el9_7.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.24-1.0.1.el9_7.aarch64.rpm
dotnet-templates-8.0-8.0.124-1.0.1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/dotnet8.0-8.0.124-1.0.1.el9_7.src.rpm

Description of changes:

[8.0.124-1.0.1]
- Add support for Oracle Linux

[8.0.124-1]
- Update to .NET SDK 8.0.124 and Runtime 8.0.24
- Resolves: RHEL-144968



ELSA-2026-2420 Important: Oracle Linux 8 nodejs:24 security update


Oracle Linux Security Advisory ELSA-2026-2420

http://linux.oracle.com/errata/ELSA-2026-2420.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-24.13.0-0.module+el8.10.0+90779+0cc618fe.x86_64.rpm
nodejs-devel-24.13.0-0.module+el8.10.0+90779+0cc618fe.x86_64.rpm
nodejs-docs-24.13.0-0.module+el8.10.0+90779+0cc618fe.noarch.rpm
nodejs-full-i18n-24.13.0-0.module+el8.10.0+90779+0cc618fe.x86_64.rpm
nodejs-libs-24.13.0-0.module+el8.10.0+90779+0cc618fe.x86_64.rpm
nodejs-nodemon-3.0.3-1.module+el8.10.0+90779+0cc618fe.noarch.rpm
nodejs-packaging-2021.06-6.module+el8.10.0+90779+0cc618fe.noarch.rpm
nodejs-packaging-bundler-2021.06-6.module+el8.10.0+90779+0cc618fe.noarch.rpm
npm-11.6.2-1.24.13.0.0.module+el8.10.0+90779+0cc618fe.noarch.rpm
v8-13.6-devel-13.6.233.17-1.24.13.0.0.module+el8.10.0+90779+0cc618fe.x86_64.rpm

aarch64:
nodejs-24.13.0-0.module+el8.10.0+90779+0cc618fe.aarch64.rpm
nodejs-devel-24.13.0-0.module+el8.10.0+90779+0cc618fe.aarch64.rpm
nodejs-docs-24.13.0-0.module+el8.10.0+90779+0cc618fe.noarch.rpm
nodejs-full-i18n-24.13.0-0.module+el8.10.0+90779+0cc618fe.aarch64.rpm
nodejs-libs-24.13.0-0.module+el8.10.0+90779+0cc618fe.aarch64.rpm
nodejs-nodemon-3.0.3-1.module+el8.10.0+90779+0cc618fe.noarch.rpm
nodejs-packaging-2021.06-6.module+el8.10.0+90779+0cc618fe.noarch.rpm
nodejs-packaging-bundler-2021.06-6.module+el8.10.0+90779+0cc618fe.noarch.rpm
npm-11.6.2-1.24.13.0.0.module+el8.10.0+90779+0cc618fe.noarch.rpm
v8-13.6-devel-13.6.233.17-1.24.13.0.0.module+el8.10.0+90779+0cc618fe.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-24.13.0-0.module+el8.10.0+90779+0cc618fe.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-3.0.3-1.module+el8.10.0+90779+0cc618fe.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-2021.06-6.module+el8.10.0+90779+0cc618fe.src.rpm

Related CVEs:

CVE-2025-55130
CVE-2025-55131
CVE-2025-55132
CVE-2025-59465
CVE-2025-59466
CVE-2026-21637

Description of changes:

nodejs
[1:24.13.0-1]
- Update to 24.13.0
Resolves: RHEL-135257

[1:24.4.1-1]
- Initial import of nodejs:24

nodejs-nodemon
[3.0.3-1]
- Initial import into nodejs:24 module

nodejs-packaging
[2021.06-6]
- Properly handle @group/package deps in nodejs-symlink-deps
Resolves: RHEL-121576

[2021.06-5]
- nodejs.req to properly detect bundled deps

[2021.06-4]
- NPM bundler: also find namespaced bundled dependencies

[2021.06-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

[2021.06-2]
- Fix hard-coded output directory in the bundler

[2021.06-1]
- Update to 2021.06-1
- bundler: Handle archaic license metadata
- bundler: Warn about bundled dependencies with no license metadata

[2021.01-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[2021.01-2]
- nodejs-packaging-bundler improvements to handle uncommon characters

[2021.01]
- Add nodejs-packaging-bundler and update README.md

[2020.09-1]
- Move to dist-git as the upstream



ELSA-2026-2389 Important: Oracle Linux 8 brotli security update


Oracle Linux Security Advisory ELSA-2026-2389

http://linux.oracle.com/errata/ELSA-2026-2389.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
brotli-1.0.6-4.el8_10.i686.rpm
brotli-1.0.6-4.el8_10.x86_64.rpm
brotli-devel-1.0.6-4.el8_10.i686.rpm
brotli-devel-1.0.6-4.el8_10.x86_64.rpm
python3-brotli-1.0.6-4.el8_10.x86_64.rpm

aarch64:
brotli-1.0.6-4.el8_10.aarch64.rpm
brotli-devel-1.0.6-4.el8_10.aarch64.rpm
python3-brotli-1.0.6-4.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/brotli-1.0.6-4.el8_10.src.rpm

Related CVEs:

CVE-2025-6176

Description of changes:

[1.0.6-4]
- Resolves: RHEL-133986
CVE-2025-6176 Brotli decompression bomb DoS in scrapy



ELSA-2026-2323 Important: Oracle Linux 8 git-lfs security update


Oracle Linux Security Advisory ELSA-2026-2323

http://linux.oracle.com/errata/ELSA-2026-2323.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
git-lfs-3.4.1-7.el8_10.x86_64.rpm

aarch64:
git-lfs-3.4.1-7.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/git-lfs-3.4.1-7.el8_10.src.rpm

Related CVEs:

CVE-2025-61729

Description of changes:

[3.4.1-7]
- Rebuild with new Golang
- Resolves: RHEL-140536



ELSA-2026-2264 Moderate: Oracle Linux 8 kernel security update


Oracle Linux Security Advisory ELSA-2026-2264

http://linux.oracle.com/errata/ELSA-2026-2264.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.104.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.104.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.104.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.104.1.el8_10.x86_64.rpm
perf-4.18.0-553.104.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.104.1.el8_10.x86_64.rpm

aarch64:
bpftool-4.18.0-553.104.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.104.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.104.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.104.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.104.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.104.1.el8_10.aarch64.rpm
perf-4.18.0-553.104.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.104.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.104.1.el8_10.src.rpm

Related CVEs:

CVE-2022-50673
CVE-2025-38403
CVE-2025-40135
CVE-2025-40158
CVE-2025-40170
CVE-2025-40269
CVE-2025-68349
CVE-2026-22998

Description of changes:

[4.18.0-553.104.1]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64

GIT-LFS and Broti updates for AlmaLinux

LibPNG and GnuTLS updates for Slackware

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...