Mutter, Thunderbird, Python, and more updates for Oracle Linux

Oracle Linux 6348 Published by

Oracle Linux has announced the release of multiple security updates, which include bug fixes for a range of packages. Notable updates encompass mutter, thunderbird, oraclelinux-release, qt6-qtbase, buildah, softhsm, skopeo, gvisor-tap-vsock, golang-github-openprinting-ipp-usb, python-awscrt, perl-FCGI, sudo, podman, grafana-pcp, freerdp, cmake, python-setuptools, grafana, mod_proxy_cluster, osbuild-composer, .NET 9.0, ignition, sos, xdp-tools, valgrind, corosync, firefox, tuned, ksh, debugedit, libselinux, osbuild, edk2, ethtool, ansible-freeipa, python3.9, pam, and additional updates for python3.11 and python3.12.

ELBA-2025-7456 Oracle Linux 10 mutter bug fix update
ELSA-2025-10196 Important: Oracle Linux 9 thunderbird security update
ELSA-2025-10189 Important: Oracle Linux 9 python3.12 security update
ELSA-2025-10148 Important: Oracle Linux 9 python3.11 security update
ELBA-2025-20391 Oracle Linux 10 oraclelinux-release bug fix update
ELSA-2025-9486 Moderate: Oracle Linux 10 qt6-qtbase security update
ELSA-2025-9148 Moderate: Oracle Linux 10 buildah security update
ELBA-2025-9485 Oracle Linux 10 softhsm bug fix update
ELSA-2025-9149 Moderate: Oracle Linux 10 skopeo security update
ELSA-2025-9151 Moderate: Oracle Linux 10 gvisor-tap-vsock security update
ELSA-2025-9156 Moderate: Oracle Linux 10 golang-github-openprinting-ipp-usb security update
ELBA-2025-9467 Oracle Linux 10 python-awscrt bug fix and enhancement update
ELSA-2025-8636 Important: Oracle Linux 10 perl-FCGI security update
ELSA-2025-9978 Important: Oracle Linux 9 sudo security update
ELSA-2025-9146 Moderate: Oracle Linux 10 podman security update
ELSA-2025-8915 Moderate: Oracle Linux 10 grafana-pcp security update
ELSA-2025-9307 Moderate: Oracle Linux 10 freerdp security update
ELBA-2025-9482 Oracle Linux 10 cmake bug fix update
ELSA-2025-9940 Moderate: Oracle Linux 10 python-setuptools security update
ELSA-2025-8666 Moderate: Oracle Linux 10 grafana security update
ELSA-2025-9466 Moderate: Oracle Linux 10 mod_proxy_cluster security update
ELSA-2025-10110 Important: Oracle Linux 8 sudo security update
ELSA-2025-10128 Important: Oracle Linux 8 python3 security update
ELSA-2025-10031 Important: Oracle Linux 8 python3.12 security update
ELSA-2025-9623 Moderate: Oracle Linux 10 osbuild-composer security update
ELSA-2025-8816 Important: Oracle Linux 10 .NET 9.0 security update
ELSA-2025-7601 Important: Oracle Linux 10 .NET 9.0 security update
ELBA-2025-9475 Oracle Linux 10 ignition bug fix update
ELSA-2025-7503 Important: Oracle Linux 10 osbuild-composer security update
ELSA-2025-7467 Moderate: Oracle Linux 10 skopeo security update
ELBA-2025-9552 Oracle Linux 10 sos bug fix and enhancement update
ELBA-2025-9474 Oracle Linux 10 xdp-tools bug fix update
ELBA-2025-9472 Oracle Linux 10 valgrind bug fix update
ELSA-2025-7478 Moderate: Oracle Linux 10 corosync security update
ELSA-2025-10073 Important: Oracle Linux 10 firefox security update
ELBA-2025-9511 Oracle Linux 10 tuned bug fix and enhancement update
ELBA-2025-9478 Oracle Linux 10 ksh bug fix update
ELBA-2025-9469 Oracle Linux 10 debugedit bug fix update
ELBA-2025-9417 Oracle Linux 10 libselinux bug fix update
ELBA-2025-7483 Oracle Linux 10 osbuild bug fix and enhancement update
ELBA-2025-7472 Oracle Linux 10 edk2 bug fix update
ELBA-2025-9412 Oracle Linux 10 python3.12 bug fix update
ELBA-2025-9414 Oracle Linux 10 ethtool bug fix update
ELBA-2025-9345 Oracle Linux 10 ansible-freeipa bug fix and enhancement update
ELBA-2025-7469 Oracle Linux 10 .NET 9.0 bug fix and enhancement update
ELBA-2025-7460 Oracle Linux 10 osbuild-composer bug fix and enhancement update
ELSA-2025-10136 Important: Oracle Linux 9 python3.9 security update
ELSA-2025-10072 Important: Oracle Linux 9 firefox security update
ELSA-2025-10074 Important: Oracle Linux 8 firefox security update
ELSA-2025-10027 Important: Oracle Linux 8 pam security update
ELSA-2025-10026 Important: Oracle Linux 8 python3.11 security update




ELBA-2025-7456 Oracle Linux 10 mutter bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-7456

http://linux.oracle.com/errata/ELBA-2025-7456.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
mutter-47.5-8.el10_0.x86_64.rpm
mutter-common-47.5-8.el10_0.noarch.rpm
mutter-devel-47.5-8.el10_0.x86_64.rpm

aarch64:
mutter-47.5-8.el10_0.aarch64.rpm
mutter-common-47.5-8.el10_0.noarch.rpm
mutter-devel-47.5-8.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/mutter-47.5-8.el10_0.src.rpm

Description of changes:

[47.5.8]
- Bump release

[47.5-6]
- Backport fix for software cursors artifacts

[47.5-5]
- Add fix from https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/4289

[47.5-4]
- Add fix from https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/4272



ELSA-2025-10196 Important: Oracle Linux 9 thunderbird security update


Oracle Linux Security Advisory ELSA-2025-10196

http://linux.oracle.com/errata/ELSA-2025-10196.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-128.12.0-1.0.1.el9_6.x86_64.rpm

aarch64:
thunderbird-128.12.0-1.0.1.el9_6.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/thunderbird-128.12.0-1.0.1.el9_6.src.rpm

Related CVEs:

CVE-2025-5986

Description of changes:

[128.12.0-1.0.1]
- Fix prefs for new nss [Orabug: 37079813]
- Add Oracle prefs

[128.12.0]
- Add OpenELA debranding

[128.12.0-1]
- Update to 128.12.0 build1



ELSA-2025-10189 Important: Oracle Linux 9 python3.12 security update


Oracle Linux Security Advisory ELSA-2025-10189

http://linux.oracle.com/errata/ELSA-2025-10189.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-3.12.9-1.el9_6.1.i686.rpm
python3.12-3.12.9-1.el9_6.1.x86_64.rpm
python3.12-debug-3.12.9-1.el9_6.1.i686.rpm
python3.12-debug-3.12.9-1.el9_6.1.x86_64.rpm
python3.12-devel-3.12.9-1.el9_6.1.i686.rpm
python3.12-devel-3.12.9-1.el9_6.1.x86_64.rpm
python3.12-idle-3.12.9-1.el9_6.1.i686.rpm
python3.12-idle-3.12.9-1.el9_6.1.x86_64.rpm
python3.12-libs-3.12.9-1.el9_6.1.i686.rpm
python3.12-libs-3.12.9-1.el9_6.1.x86_64.rpm
python3.12-test-3.12.9-1.el9_6.1.i686.rpm
python3.12-test-3.12.9-1.el9_6.1.x86_64.rpm
python3.12-tkinter-3.12.9-1.el9_6.1.i686.rpm
python3.12-tkinter-3.12.9-1.el9_6.1.x86_64.rpm

aarch64:
python3.12-3.12.9-1.el9_6.1.aarch64.rpm
python3.12-debug-3.12.9-1.el9_6.1.aarch64.rpm
python3.12-devel-3.12.9-1.el9_6.1.aarch64.rpm
python3.12-idle-3.12.9-1.el9_6.1.aarch64.rpm
python3.12-libs-3.12.9-1.el9_6.1.aarch64.rpm
python3.12-test-3.12.9-1.el9_6.1.aarch64.rpm
python3.12-tkinter-3.12.9-1.el9_6.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.12-3.12.9-1.el9_6.1.src.rpm

Related CVEs:

CVE-2024-12718
CVE-2025-4138
CVE-2025-4330
CVE-2025-4435
CVE-2025-4517

Description of changes:

[3.12.9-1.1]
- Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435
- Resolves: RHEL-98058, RHEL-98020, RHEL-97809, RHEL-98184, RHEL-98211



ELSA-2025-10148 Important: Oracle Linux 9 python3.11 security update


Oracle Linux Security Advisory ELSA-2025-10148

http://linux.oracle.com/errata/ELSA-2025-10148.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-3.11.11-2.el9_6.1.i686.rpm
python3.11-3.11.11-2.el9_6.1.x86_64.rpm
python3.11-debug-3.11.11-2.el9_6.1.i686.rpm
python3.11-debug-3.11.11-2.el9_6.1.x86_64.rpm
python3.11-devel-3.11.11-2.el9_6.1.i686.rpm
python3.11-devel-3.11.11-2.el9_6.1.x86_64.rpm
python3.11-idle-3.11.11-2.el9_6.1.i686.rpm
python3.11-idle-3.11.11-2.el9_6.1.x86_64.rpm
python3.11-libs-3.11.11-2.el9_6.1.i686.rpm
python3.11-libs-3.11.11-2.el9_6.1.x86_64.rpm
python3.11-test-3.11.11-2.el9_6.1.i686.rpm
python3.11-test-3.11.11-2.el9_6.1.x86_64.rpm
python3.11-tkinter-3.11.11-2.el9_6.1.i686.rpm
python3.11-tkinter-3.11.11-2.el9_6.1.x86_64.rpm

aarch64:
python3.11-3.11.11-2.el9_6.1.aarch64.rpm
python3.11-debug-3.11.11-2.el9_6.1.aarch64.rpm
python3.11-devel-3.11.11-2.el9_6.1.aarch64.rpm
python3.11-idle-3.11.11-2.el9_6.1.aarch64.rpm
python3.11-libs-3.11.11-2.el9_6.1.aarch64.rpm
python3.11-test-3.11.11-2.el9_6.1.aarch64.rpm
python3.11-tkinter-3.11.11-2.el9_6.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.11-3.11.11-2.el9_6.1.src.rpm

Related CVEs:

CVE-2024-12718
CVE-2025-4138
CVE-2025-4330
CVE-2025-4435
CVE-2025-4517

Description of changes:

[3.11.11-2.1]
- Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435
- Resolves: RHEL-98045, RHEL-98015, RHEL-98238, RHEL-98177, RHEL-98206



ELBA-2025-20391 Oracle Linux 10 oraclelinux-release bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-20391

http://linux.oracle.com/errata/ELBA-2025-20391.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
oraclelinux-release-10.0-1.0.15.el10.x86_64.rpm
oraclelinux-sb-certs-10.0-1.0.15.el10.noarch.rpm

aarch64:
oraclelinux-release-10.0-1.0.15.el10.aarch64.rpm
oraclelinux-sb-certs-10.0-1.0.15.el10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/oraclelinux-release-10.0-1.0.15.el10.src.rpm

Description of changes:

[10.0-1.0.15]
- Add vendor UEFI certificates [Orabug: 38112566]



ELSA-2025-9486 Moderate: Oracle Linux 10 qt6-qtbase security update


Oracle Linux Security Advisory ELSA-2025-9486

http://linux.oracle.com/errata/ELSA-2025-9486.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
qt6-qtbase-6.8.1-9.el10_0.x86_64.rpm
qt6-qtbase-common-6.8.1-9.el10_0.noarch.rpm
qt6-qtbase-devel-6.8.1-9.el10_0.x86_64.rpm
qt6-qtbase-examples-6.8.1-9.el10_0.x86_64.rpm
qt6-qtbase-gui-6.8.1-9.el10_0.x86_64.rpm
qt6-qtbase-mysql-6.8.1-9.el10_0.x86_64.rpm
qt6-qtbase-odbc-6.8.1-9.el10_0.x86_64.rpm
qt6-qtbase-postgresql-6.8.1-9.el10_0.x86_64.rpm
qt6-qtbase-private-devel-6.8.1-9.el10_0.x86_64.rpm
qt6-qtbase-static-6.8.1-9.el10_0.x86_64.rpm

aarch64:
qt6-qtbase-6.8.1-9.el10_0.aarch64.rpm
qt6-qtbase-common-6.8.1-9.el10_0.noarch.rpm
qt6-qtbase-devel-6.8.1-9.el10_0.aarch64.rpm
qt6-qtbase-examples-6.8.1-9.el10_0.aarch64.rpm
qt6-qtbase-gui-6.8.1-9.el10_0.aarch64.rpm
qt6-qtbase-mysql-6.8.1-9.el10_0.aarch64.rpm
qt6-qtbase-odbc-6.8.1-9.el10_0.aarch64.rpm
qt6-qtbase-postgresql-6.8.1-9.el10_0.aarch64.rpm
qt6-qtbase-private-devel-6.8.1-9.el10_0.aarch64.rpm
qt6-qtbase-static-6.8.1-9.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/qt6-qtbase-6.8.1-9.el10_0.src.rpm

Related CVEs:

CVE-2025-5455

Description of changes:

[6.8.1-9]
- qt5: qt6: QtCore Assertion Failure Denial of Service (CVE-2025-5455)



ELSA-2025-9148 Moderate: Oracle Linux 10 buildah security update


Oracle Linux Security Advisory ELSA-2025-9148

http://linux.oracle.com/errata/ELSA-2025-9148.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
buildah-1.39.4-2.0.1.el10_0.x86_64.rpm
buildah-tests-1.39.4-2.0.1.el10_0.x86_64.rpm

aarch64:
buildah-1.39.4-2.0.1.el10_0.aarch64.rpm
buildah-tests-1.39.4-2.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/buildah-1.39.4-2.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-22871

Description of changes:

[2:1.39.4-2.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]

[2:1.39.4-2]
- Rebuild on new golang to fix CVE-2025-22871

[2:1.39.4-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.4
- Related: RHEL-80817

[2:1.39.3-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.3
- Related: RHEL-80817

[2:1.39.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.2
- Related: RHEL-80817

[2:1.39.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.1
- Resolves: RHEL-81133



ELBA-2025-9485 Oracle Linux 10 softhsm bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9485

http://linux.oracle.com/errata/ELBA-2025-9485.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
softhsm-2.6.1-16.el10_0.x86_64.rpm

aarch64:
softhsm-2.6.1-16.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/softhsm-2.6.1-16.el10_0.src.rpm

Description of changes:

[2.6.1-16]
- Add BuildRequires on systemd-rpm-macros
Resolves: RHEL-88182

[2.6.1-15]
- Use systemd-sysusers
Resolves: RHEL-4901



ELSA-2025-9149 Moderate: Oracle Linux 10 skopeo security update


Oracle Linux Security Advisory ELSA-2025-9149

http://linux.oracle.com/errata/ELSA-2025-9149.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
skopeo-1.18.1-2.el10_0.x86_64.rpm
skopeo-tests-1.18.1-2.el10_0.x86_64.rpm

aarch64:
skopeo-1.18.1-2.el10_0.aarch64.rpm
skopeo-tests-1.18.1-2.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/skopeo-1.18.1-2.el10_0.src.rpm

Related CVEs:

CVE-2025-22871

Description of changes:

[1:1.18.1-2]
- Fix bats dep on tests subpackage
- Resolves: RHEL-58990
- Rebuild on new golang to fix CVE-2025-22871

[1:1.18.1-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.18
( https://github.com/containers/skopeo/commit/bfd0850)
- fixes "CVE-2025-27144 skopeo: Go JOSE's Parsing Vulnerable to Denial of Service [rhel-10.1]"
- Resolves: RHEL-80611



ELSA-2025-9151 Moderate: Oracle Linux 10 gvisor-tap-vsock security update


Oracle Linux Security Advisory ELSA-2025-9151

http://linux.oracle.com/errata/ELSA-2025-9151.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
gvisor-tap-vsock-0.8.5-2.el10_0.x86_64.rpm
gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.x86_64.rpm

aarch64:
gvisor-tap-vsock-0.8.5-2.el10_0.aarch64.rpm
gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/gvisor-tap-vsock-0.8.5-2.el10_0.src.rpm

Related CVEs:

CVE-2025-22871

Description of changes:

[6:0.8.5-2]
- Rebuild on new golang to fix CVE-2025-22871

[6:0.8.5-1]
- update to https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.8.5
- Related: RHEL-80817

[6:0.8.4-1]
- update to https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.8.4
- Resolves: RHEL-83030



ELSA-2025-9156 Moderate: Oracle Linux 10 golang-github-openprinting-ipp-usb security update


Oracle Linux Security Advisory ELSA-2025-9156

http://linux.oracle.com/errata/ELSA-2025-9156.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
ipp-usb-0.9.27-3.el10_0.x86_64.rpm

aarch64:
ipp-usb-0.9.27-3.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/golang-github-openprinting-ipp-usb-0.9.27-3.el10_0.src.rpm

Related CVEs:

CVE-2025-22871

Description of changes:

[0.9.27-3]
- rebuild to fix CVE-2025-22871



ELBA-2025-9467 Oracle Linux 10 python-awscrt bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-9467

http://linux.oracle.com/errata/ELBA-2025-9467.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-awscrt-0.23.8-1.el10_0.x86_64.rpm

aarch64:
python3-awscrt-0.23.8-1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/python-awscrt-0.23.8-1.el10_0.src.rpm

Description of changes:

[0.23.8-1]
- Update to 0.23.8 and add skip-testing-sha1.patch

[0.20.2-6]
- add gating.yaml



ELSA-2025-8636 Important: Oracle Linux 10 perl-FCGI security update


Oracle Linux Security Advisory ELSA-2025-8636

http://linux.oracle.com/errata/ELSA-2025-8636.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
perl-FCGI-0.82-13.1.el10_0.x86_64.rpm

aarch64:
perl-FCGI-0.82-13.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/perl-FCGI-0.82-13.1.el10_0.src.rpm

Related CVEs:

CVE-2025-40907

Description of changes:

[1:0.82-13.1]
- Fix CVE-2025-40907 (integer overflow when parsing FastCGI parameters)



ELSA-2025-9978 Important: Oracle Linux 9 sudo security update


Oracle Linux Security Advisory ELSA-2025-9978

http://linux.oracle.com/errata/ELSA-2025-9978.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
sudo-1.9.5p2-10.el9_6.1.x86_64.rpm
sudo-python-plugin-1.9.5p2-10.el9_6.1.x86_64.rpm

aarch64:
sudo-1.9.5p2-10.el9_6.1.aarch64.rpm
sudo-python-plugin-1.9.5p2-10.el9_6.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/sudo-1.9.5p2-10.el9_6.1.src.rpm

Related CVEs:

CVE-2025-32462

Description of changes:

[1.9.5p2-10.1]
RHEL 9.6.0.Z ERRATUM
- CVE-2025-32462 sudo: LPE via host option
Resolves: RHEL-100016



ELSA-2025-9146 Moderate: Oracle Linux 10 podman security update


Oracle Linux Security Advisory ELSA-2025-9146

http://linux.oracle.com/errata/ELSA-2025-9146.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
podman-5.4.0-10.0.1.el10_0.x86_64.rpm
podman-docker-5.4.0-10.0.1.el10_0.noarch.rpm
podman-remote-5.4.0-10.0.1.el10_0.x86_64.rpm
podman-tests-5.4.0-10.0.1.el10_0.x86_64.rpm

aarch64:
podman-5.4.0-10.0.1.el10_0.aarch64.rpm
podman-docker-5.4.0-10.0.1.el10_0.noarch.rpm
podman-remote-5.4.0-10.0.1.el10_0.aarch64.rpm
podman-tests-5.4.0-10.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/podman-5.4.0-10.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-22871

Description of changes:

[6:5.4.0-10.0.1]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[6:5.4.0-10]
- rebuild to resolve CVE-2025-22871
- Pick latest f rom https://github.com/containers/podman/tree/v5.4-rhel
https://github.com/containers/podman/commit/0ee1d49



ELSA-2025-8915 Moderate: Oracle Linux 10 grafana-pcp security update


Oracle Linux Security Advisory ELSA-2025-8915

http://linux.oracle.com/errata/ELSA-2025-8915.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-pcp-5.2.2-3.el10_0.x86_64.rpm

aarch64:
grafana-pcp-5.2.2-3.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/grafana-pcp-5.2.2-3.el10_0.src.rpm

Related CVEs:

CVE-2025-22871

Description of changes:

[5.2.2-3]
- Resolves RHEL-89218: CVE-2025-22871



ELSA-2025-9307 Moderate: Oracle Linux 10 freerdp security update


Oracle Linux Security Advisory ELSA-2025-9307

http://linux.oracle.com/errata/ELSA-2025-9307.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
freerdp-3.10.3-3.el10_0.x86_64.rpm
freerdp-devel-3.10.3-3.el10_0.x86_64.rpm
freerdp-libs-3.10.3-3.el10_0.x86_64.rpm
freerdp-server-3.10.3-3.el10_0.x86_64.rpm
libwinpr-3.10.3-3.el10_0.x86_64.rpm
libwinpr-devel-3.10.3-3.el10_0.x86_64.rpm

aarch64:
freerdp-3.10.3-3.el10_0.aarch64.rpm
freerdp-devel-3.10.3-3.el10_0.aarch64.rpm
freerdp-libs-3.10.3-3.el10_0.aarch64.rpm
freerdp-server-3.10.3-3.el10_0.aarch64.rpm
libwinpr-3.10.3-3.el10_0.aarch64.rpm
libwinpr-devel-3.10.3-3.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/freerdp-3.10.3-3.el10_0.src.rpm

Related CVEs:

CVE-2025-4478

Description of changes:

[2:3.10.3-3]
- Initialize function pointers after resource allocation
- Fixes CVE-2025-4478
- Resolves: RHEL-91583



ELBA-2025-9482 Oracle Linux 10 cmake bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9482

http://linux.oracle.com/errata/ELBA-2025-9482.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
cmake-3.30.5-3.el10_0.x86_64.rpm
cmake-data-3.30.5-3.el10_0.noarch.rpm
cmake-doc-3.30.5-3.el10_0.noarch.rpm
cmake-filesystem-3.30.5-3.el10_0.x86_64.rpm
cmake-gui-3.30.5-3.el10_0.x86_64.rpm
cmake-rpm-macros-3.30.5-3.el10_0.noarch.rpm

aarch64:
cmake-3.30.5-3.el10_0.aarch64.rpm
cmake-data-3.30.5-3.el10_0.noarch.rpm
cmake-doc-3.30.5-3.el10_0.noarch.rpm
cmake-filesystem-3.30.5-3.el10_0.aarch64.rpm
cmake-gui-3.30.5-3.el10_0.aarch64.rpm
cmake-rpm-macros-3.30.5-3.el10_0.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/cmake-3.30.5-3.el10_0.src.rpm

Description of changes:

[3.30.5-3]
- macros: Fix missing asterisk in ctest macro



ELSA-2025-9940 Moderate: Oracle Linux 10 python-setuptools security update


Oracle Linux Security Advisory ELSA-2025-9940

http://linux.oracle.com/errata/ELSA-2025-9940.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-setuptools-69.0.3-12.el10_0.noarch.rpm
python3-setuptools-wheel-69.0.3-12.el10_0.noarch.rpm

aarch64:
python3-setuptools-69.0.3-12.el10_0.noarch.rpm
python3-setuptools-wheel-69.0.3-12.el10_0.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/python-setuptools-69.0.3-12.el10_0.src.rpm

Related CVEs:

CVE-2025-47273

Description of changes:

[69.0.3-12]
- Security fix for CVE-2025-47273

[69.0.3-11]
- Change the test source location



ELSA-2025-8666 Moderate: Oracle Linux 10 grafana security update


Oracle Linux Security Advisory ELSA-2025-8666

http://linux.oracle.com/errata/ELSA-2025-8666.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-10.2.6-18.el10_0.x86_64.rpm
grafana-selinux-10.2.6-18.el10_0.x86_64.rpm

aarch64:
grafana-10.2.6-18.el10_0.aarch64.rpm
grafana-selinux-10.2.6-18.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/grafana-10.2.6-18.el10_0.src.rpm

Related CVEs:

CVE-2025-22871

Description of changes:

[10.2.6-18]
- Resolves RHEL-89943: CVE-2025-4123

[10.2.6-16]
- Resolves RHEL-85420: Move home directory of grafana to /var/lib/grafana

[10.2.6-15]
- Resolves RHEL-84627: CVE-2025-30204



ELSA-2025-9466 Moderate: Oracle Linux 10 mod_proxy_cluster security update


Oracle Linux Security Advisory ELSA-2025-9466

http://linux.oracle.com/errata/ELSA-2025-9466.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
mod_proxy_cluster-1.3.22-1.el10_0.2.x86_64.rpm

aarch64:
mod_proxy_cluster-1.3.22-1.el10_0.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/mod_proxy_cluster-1.3.22-1.el10_0.2.src.rpm

Related CVEs:

CVE-2024-10306

Description of changes:

[1.3.22-1.el10_0.2]
- Resolves: RHEL-82256 - Update deprecated misspeled EnableMCPMReceive directive

[1.3.22-1.el10_0.1]
- Resolves: RHEL-80796 - Rebase mod_proxy_cluster to upstream 1.3.22.Final release

[1.3.22-1]
- Resolves: RHEL-80480 Rebase mod_proxy_cluster to upstream 1.3.22.Final release



ELSA-2025-10110 Important: Oracle Linux 8 sudo security update


Oracle Linux Security Advisory ELSA-2025-10110

http://linux.oracle.com/errata/ELSA-2025-10110.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
sudo-1.9.5p2-1.0.1.el8_10.1.x86_64.rpm

aarch64:
sudo-1.9.5p2-1.0.1.el8_10.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/sudo-1.9.5p2-1.0.1.el8_10.1.src.rpm

Related CVEs:

CVE-2025-32462

Description of changes:

[1.9.5p2-1.0.1]
- Fixes sudo -s unclosed sessions when use_pty option used [Orabug: 36952911]

[1.9.5p2-10.1]
RHEL 8.10.0.Z ERRATUM
- CVE-2025-32462 sudo: LPE via host option
Resolves: RHEL-100014



ELSA-2025-10128 Important: Oracle Linux 8 python3 security update


Oracle Linux Security Advisory ELSA-2025-10128

http://linux.oracle.com/errata/ELSA-2025-10128.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
platform-python-3.6.8-70.0.1.el8_10.i686.rpm
platform-python-3.6.8-70.0.1.el8_10.x86_64.rpm
platform-python-debug-3.6.8-70.0.1.el8_10.i686.rpm
platform-python-debug-3.6.8-70.0.1.el8_10.x86_64.rpm
platform-python-devel-3.6.8-70.0.1.el8_10.i686.rpm
platform-python-devel-3.6.8-70.0.1.el8_10.x86_64.rpm
python3-idle-3.6.8-70.0.1.el8_10.i686.rpm
python3-idle-3.6.8-70.0.1.el8_10.x86_64.rpm
python3-libs-3.6.8-70.0.1.el8_10.i686.rpm
python3-libs-3.6.8-70.0.1.el8_10.x86_64.rpm
python3-test-3.6.8-70.0.1.el8_10.i686.rpm
python3-test-3.6.8-70.0.1.el8_10.x86_64.rpm
python3-tkinter-3.6.8-70.0.1.el8_10.i686.rpm
python3-tkinter-3.6.8-70.0.1.el8_10.x86_64.rpm

aarch64:
platform-python-3.6.8-70.0.1.el8_10.aarch64.rpm
platform-python-debug-3.6.8-70.0.1.el8_10.aarch64.rpm
platform-python-devel-3.6.8-70.0.1.el8_10.aarch64.rpm
python3-idle-3.6.8-70.0.1.el8_10.aarch64.rpm
python3-libs-3.6.8-70.0.1.el8_10.aarch64.rpm
python3-test-3.6.8-70.0.1.el8_10.aarch64.rpm
python3-tkinter-3.6.8-70.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python3-3.6.8-70.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-12718
CVE-2025-4138
CVE-2025-4330
CVE-2025-4435
CVE-2025-4517

Description of changes:

[3.6.8-70.0.1]
- Add Oracle Linux distribution in platform.py [Orabug: 20812544]

[3.6.8.openela.0]
- Add openela to supported dists

[3.6.8-70]
- Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435
Resolves: RHEL-98030, RHEL-97987, RHEL-98232, RHEL-98065, RHEL-98189



ELSA-2025-10031 Important: Oracle Linux 8 python3.12 security update


Oracle Linux Security Advisory ELSA-2025-10031

http://linux.oracle.com/errata/ELSA-2025-10031.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-3.12.11-1.el8_10.i686.rpm
python3.12-3.12.11-1.el8_10.x86_64.rpm
python3.12-debug-3.12.11-1.el8_10.i686.rpm
python3.12-debug-3.12.11-1.el8_10.x86_64.rpm
python3.12-devel-3.12.11-1.el8_10.i686.rpm
python3.12-devel-3.12.11-1.el8_10.x86_64.rpm
python3.12-idle-3.12.11-1.el8_10.i686.rpm
python3.12-idle-3.12.11-1.el8_10.x86_64.rpm
python3.12-libs-3.12.11-1.el8_10.i686.rpm
python3.12-libs-3.12.11-1.el8_10.x86_64.rpm
python3.12-rpm-macros-3.12.11-1.el8_10.noarch.rpm
python3.12-test-3.12.11-1.el8_10.i686.rpm
python3.12-test-3.12.11-1.el8_10.x86_64.rpm
python3.12-tkinter-3.12.11-1.el8_10.i686.rpm
python3.12-tkinter-3.12.11-1.el8_10.x86_64.rpm

aarch64:
python3.12-3.12.11-1.el8_10.aarch64.rpm
python3.12-debug-3.12.11-1.el8_10.aarch64.rpm
python3.12-devel-3.12.11-1.el8_10.aarch64.rpm
python3.12-idle-3.12.11-1.el8_10.aarch64.rpm
python3.12-libs-3.12.11-1.el8_10.aarch64.rpm
python3.12-rpm-macros-3.12.11-1.el8_10.noarch.rpm
python3.12-test-3.12.11-1.el8_10.aarch64.rpm
python3.12-tkinter-3.12.11-1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python3.12-3.12.11-1.el8_10.src.rpm

Related CVEs:

CVE-2024-12718
CVE-2025-4138
CVE-2025-4330
CVE-2025-4435
CVE-2025-4517

Description of changes:

[3.12.11-1]
- Update to 3.12.11
- Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435
Resolves: RHEL-98040, RHEL-98010, RHEL-97808, RHEL-98070, RHEL-98213



ELSA-2025-9623 Moderate: Oracle Linux 10 osbuild-composer security update


Oracle Linux Security Advisory ELSA-2025-9623

http://linux.oracle.com/errata/ELSA-2025-9623.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-134.1-2.0.1.el10_0.x86_64.rpm
osbuild-composer-core-134.1-2.0.1.el10_0.x86_64.rpm
osbuild-composer-worker-134.1-2.0.1.el10_0.x86_64.rpm

aarch64:
osbuild-composer-134.1-2.0.1.el10_0.aarch64.rpm
osbuild-composer-core-134.1-2.0.1.el10_0.aarch64.rpm
osbuild-composer-worker-134.1-2.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/osbuild-composer-134.1-2.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-22871

Description of changes:

[134.1-2.0.1]
- Add OL10 support
- Update repository URLs for baseos, appstream and UERK
- Fix the label for UEKR repository
- Simplify repository names [JIRA: OLDIS-35893]
- Ensure build on latest golang: CVE-2024-34156
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]

[134.1-2]
- Rebuild for CVE-2025-22871

[134.1-1]
- Import upstream 134.1



ELSA-2025-8816 Important: Oracle Linux 10 .NET 9.0 security update


Oracle Linux Security Advisory ELSA-2025-8816

http://linux.oracle.com/errata/ELSA-2025-8816.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
aspnetcore-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
aspnetcore-targeting-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-apphost-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-host-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-hostfxr-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-runtime-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-aot-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-dbg-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-targeting-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-templates-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
netstandard-targeting-pack-2.1-9.0.107-1.0.1.el10_0.x86_64.rpm

aarch64:
aspnetcore-runtime-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
aspnetcore-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
aspnetcore-targeting-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-apphost-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-host-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-hostfxr-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-runtime-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-aot-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-dbg-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-targeting-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-templates-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
netstandard-targeting-pack-2.1-9.0.107-1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/dotnet9.0-9.0.107-1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-30399

Description of changes:

[9.0.107-1.0.1]
- Add support for Oracle Linux

[9.0.107-1]
- Update to .NET SDK 9.0.107 and Runtime 9.0.6
- Resolves: RHEL-94423

[9.0.106-2]
- Update to .NET SDK 9.0.106 and Runtime 9.0.5
- Resolves: RHEL-89452

[9.0.105-2]
- Update to .NET SDK 9.0.105 and Runtime 9.0.4
- Resolves: RHEL-85281

[9.0.104-2]
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
- Resolves: RHEL-81647



ELSA-2025-7601 Important: Oracle Linux 10 .NET 9.0 security update


Oracle Linux Security Advisory ELSA-2025-7601

http://linux.oracle.com/errata/ELSA-2025-7601.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
aspnetcore-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
aspnetcore-targeting-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-apphost-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-host-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-hostfxr-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-runtime-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-aot-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-dbg-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-targeting-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-templates-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
netstandard-targeting-pack-2.1-9.0.107-1.0.1.el10_0.x86_64.rpm

aarch64:
aspnetcore-runtime-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
aspnetcore-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
aspnetcore-targeting-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-apphost-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-host-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-hostfxr-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-runtime-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-aot-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-dbg-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-targeting-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-templates-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
netstandard-targeting-pack-2.1-9.0.107-1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/dotnet9.0-9.0.107-1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-26646

Description of changes:

[9.0.107-1.0.1]
- Add support for Oracle Linux

[9.0.107-1]
- Update to .NET SDK 9.0.107 and Runtime 9.0.6
- Resolves: RHEL-94423

[9.0.106-2]
- Update to .NET SDK 9.0.106 and Runtime 9.0.5
- Resolves: RHEL-89452

[9.0.105-2]
- Update to .NET SDK 9.0.105 and Runtime 9.0.4
- Resolves: RHEL-85281

[9.0.104-2]
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
- Resolves: RHEL-81647



ELBA-2025-9475 Oracle Linux 10 ignition bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9475

http://linux.oracle.com/errata/ELBA-2025-9475.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
ignition-2.21.0-2.0.1.el10_0.x86_64.rpm
ignition-edge-2.21.0-2.0.1.el10_0.x86_64.rpm
ignition-validate-2.21.0-2.0.1.el10_0.x86_64.rpm

aarch64:
ignition-2.21.0-2.0.1.el10_0.aarch64.rpm
ignition-edge-2.21.0-2.0.1.el10_0.aarch64.rpm
ignition-validate-2.21.0-2.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/ignition-2.21.0-2.0.1.el10_0.src.rpm

Description of changes:

[2.21.0-2.0.1]
- Remove sgdisk requirement and create symbolic link to sgdisk [Orabug: 37470782]

[2.21.0-2]
- Ignition.cfg -> 05_ignition.cfg rename

[2.21.0-1]
- spec: new upstream version 2.21.0



ELSA-2025-7503 Important: Oracle Linux 10 osbuild-composer security update


Oracle Linux Security Advisory ELSA-2025-7503

http://linux.oracle.com/errata/ELSA-2025-7503.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-134.1-2.0.1.el10_0.x86_64.rpm
osbuild-composer-core-134.1-2.0.1.el10_0.x86_64.rpm
osbuild-composer-worker-134.1-2.0.1.el10_0.x86_64.rpm

aarch64:
osbuild-composer-134.1-2.0.1.el10_0.aarch64.rpm
osbuild-composer-core-134.1-2.0.1.el10_0.aarch64.rpm
osbuild-composer-worker-134.1-2.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/osbuild-composer-134.1-2.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-30204

Description of changes:

[134.1-2.0.1]
- Add OL10 support
- Update repository URLs for baseos, appstream and UERK
- Fix the label for UEKR repository
- Simplify repository names [JIRA: OLDIS-35893]
- Ensure build on latest golang: CVE-2024-34156
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]



ELSA-2025-7467 Moderate: Oracle Linux 10 skopeo security update


Oracle Linux Security Advisory ELSA-2025-7467

http://linux.oracle.com/errata/ELSA-2025-7467.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
skopeo-1.18.1-2.el10_0.x86_64.rpm
skopeo-tests-1.18.1-2.el10_0.x86_64.rpm

aarch64:
skopeo-1.18.1-2.el10_0.aarch64.rpm
skopeo-tests-1.18.1-2.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/skopeo-1.18.1-2.el10_0.src.rpm

Related CVEs:

CVE-2025-27144

Description of changes:

[1:1.18.1-2]
- Fix bats dep on tests subpackage
- Resolves: RHEL-58990
- Rebuild on new golang to fix CVE-2025-22871

[1:1.18.1-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.18
( https://github.com/containers/skopeo/commit/bfd0850)
- fixes "CVE-2025-27144 skopeo: Go JOSE's Parsing Vulnerable to Denial of Service [rhel-10.1]"
- Resolves: RHEL-80611



ELBA-2025-9552 Oracle Linux 10 sos bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-9552

http://linux.oracle.com/errata/ELBA-2025-9552.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
sos-4.9.1-2.0.1.el10_0.noarch.rpm

aarch64:
sos-4.9.1-2.0.1.el10_0.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/sos-4.9.1-2.0.1.el10_0.src.rpm

Description of changes:

[4.9.1-2.0.1]
- Disable all upload options [Orabug: 37854589]
- Update the enabled and skipped plugins lists to match ExaDatas requirements. [Orabug: 37440321]
- Add Keyboard exception handler to collector [Orabug: 37854316]
- Print stack of all un-interrupted process [Orabug: 37713383]
- Remove file type check and append string to file name [Orabug: 37241057]
- Remove rpc_clnt directory from sunrpc debugfs [Orabug: 37129232]
- Disable ethtool EEPROM dump for link down interfaces [Orabug: 37129428]
- Modify sos.spec to make python3-file-magic as dependency for sos package [Orabug: 36834417]
- Append .txt extension to files rejected by MOS policy [Orabug: 36727763]
- Collecting last 50k lines of ftrace file trace [Orabug: 36590767]
- Adding socket statistics command output [Orabug: 36594481]
- Add IO queue depth of all the devices on node [Orabug: 36594679]
- Disable upload option to sos report collector [Orabug: 36068606]
- Add irq debugfs to sosreport [Orabug: 36511145]
- Collect all rsyslogs files for all-logs option [Orabug: 36402382]
- Set SIGPIPE to default action for Broken Pipe Error [Orabug: 35969973]
- Modifying dnf history info transaction index [Orabug: 35497720]
- Adding virsh guest cgroup configuration [Orabug: 35145501]
- Adding virsh qemu-monitor info tree command [Orabug: 35148435]
- Adding Plugin option support for ksplice and btrfs [Orabug: 35115193]
- append .txt to .com domain named files [Orabug: 34527958]
- Adding dmesg -T to show timestamp for syslog comparison [Orabug: 34250313]
- Adding uptrack-uname to show effective ksplice kernel version [Orabug: 33553351]
- Added sos-oraclelinux-vendor-vendorurl.patch
- Fix patch for Orabug 31969352 [Orabug: 32822570]
- [ovn_central] call podman exec without a timeout
Resolves: bz1767359
- Adjusted ksplice plugin patches for path change [Orabug: 32881277]
- Fix os detect string for Oracle Linux [Orabug: 28674897]
- Add ksplice plugin [Orabug: 30273666] (Philippe Vanhaesendonck)
- Disable upload options for OracleLinux [Orabug: 31969352]
- Replace RH_FTP_HOST and RH_API_HOST with "_none_" [Orabug: 31975601]
- Allow a journal log size to be smaller than 100M [Orabug: 32454362]
- Do not exit on unknown plugin [Orabug: 32556170]
- Add in some btrfs commands [Orabug: 32727607]
- Add /var/run/ksplice/debug to sos ksplice plugin [Orabug: 32618933]
- Fix ksplice plugin does not show description [Orabug: 32886513]

[= 4.9.1-2]
- Update to 4.9.1-2 in RHEL 10
Resolves: RHEL-86667
Resolves: RHEL-86651

[= 4.9.1-1]
- Update to 4.9.1 in RHEL 10
Resolves: RHEL-86667
Resolves: RHEL-86651



ELBA-2025-9474 Oracle Linux 10 xdp-tools bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9474

http://linux.oracle.com/errata/ELBA-2025-9474.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
libxdp-1.5.3-1.el10_0.x86_64.rpm
libxdp-devel-1.5.3-1.el10_0.x86_64.rpm
libxdp-static-1.5.3-1.el10_0.x86_64.rpm
xdp-tools-1.5.3-1.el10_0.x86_64.rpm

aarch64:
libxdp-1.5.3-1.el10_0.aarch64.rpm
libxdp-devel-1.5.3-1.el10_0.aarch64.rpm
libxdp-static-1.5.3-1.el10_0.aarch64.rpm
xdp-tools-1.5.3-1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/xdp-tools-1.5.3-1.el10_0.src.rpm

Description of changes:

[1.5.3-1]
- Upstream version bump



ELBA-2025-9472 Oracle Linux 10 valgrind bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9472

http://linux.oracle.com/errata/ELBA-2025-9472.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
valgrind-3.24.0-5.el10_0.x86_64.rpm
valgrind-devel-3.24.0-5.el10_0.x86_64.rpm

aarch64:
valgrind-3.24.0-5.el10_0.aarch64.rpm
valgrind-devel-3.24.0-5.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/valgrind-3.24.0-5.el10_0.src.rpm

Description of changes:

[3.24.0-5]
- More VALGRIND_3_24_BRANCH patches
0015-ppc-test_dfp2-build-fix-for-GCC-15.patch
0016-syswrap-generic-Emit-pp_ExeContext-after-the-file-de.patch
0017-add_hardwired_spec-for-ld-linux-x86-64.so.2-memcmp.patch
0018-gdbserver_tests-filter-out-new-Missing-rpms-message.patch



ELSA-2025-7478 Moderate: Oracle Linux 10 corosync security update


Oracle Linux Security Advisory ELSA-2025-7478

http://linux.oracle.com/errata/ELSA-2025-7478.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
corosync-vqsim-3.1.9-1.el10_0.1.x86_64.rpm
corosynclib-3.1.9-1.el10_0.1.x86_64.rpm

aarch64:
corosync-vqsim-3.1.9-1.el10_0.1.aarch64.rpm
corosynclib-3.1.9-1.el10_0.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/corosync-3.1.9-1.el10_0.1.src.rpm

Related CVEs:

CVE-2025-30472

Description of changes:

[3.1.9-1.1]
- Resolves: RHEL-84612

- totemsrp: Check size of orf_token msg (fixes CVE-2025-30472)



ELSA-2025-10073 Important: Oracle Linux 10 firefox security update


Oracle Linux Security Advisory ELSA-2025-10073

http://linux.oracle.com/errata/ELSA-2025-10073.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-128.12.0-1.0.1.el10_0.x86_64.rpm

aarch64:
firefox-128.12.0-1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/firefox-128.12.0-1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-6424
CVE-2025-6425
CVE-2025-6429
CVE-2025-6430

Description of changes:

[128.12.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]

[128.12.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[128.12.0-1]
- Update to 128.12.0 build1



ELBA-2025-9511 Oracle Linux 10 tuned bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-9511

http://linux.oracle.com/errata/ELBA-2025-9511.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
tuned-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-gtk-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-ppd-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-atomic-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-cpu-partitioning-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-mssql-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-oci-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-oci-recommend-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-oracle-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-postgresql-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-spectrumscale-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-utils-2.25.1-2.0.1.el10_0.noarch.rpm

aarch64:
tuned-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-gtk-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-ppd-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-atomic-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-cpu-partitioning-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-mssql-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-oci-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-oci-recommend-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-oracle-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-postgresql-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-profiles-spectrumscale-2.25.1-2.0.1.el10_0.noarch.rpm
tuned-utils-2.25.1-2.0.1.el10_0.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/tuned-2.25.1-2.0.1.el10_0.src.rpm

Description of changes:

[2.25.1-2.0.1]
- Fix RPS/XPS and busy polling optimization not getting applied [Orabug: 32153315]
- Fix error in uninstalling tuned [Orabug: 351528377]
- Updated patch with the more recent version [Orabug: 30730976]
- Set AMD CPU freq governor to ondemand when unapplying cpu tunings [Orabug: 30033199]
- Restored the system rules in recommend.conf [Orabug: 29962987]
- Added oci-nic profile and updated profiles-oci-recommend [Orabug: 29869969]
for increasing combined channels to 16 on NICs with bnxt_en driver on BM
- Do not access xps_cpus on single queue devices [Orabug: 29894296]
- OL8 does not support System Purpose [Orabug: 29443881]
Remove syspurpose_role option in recommend.conf.
- Added profiles-oci-recommend package [Orabug: 29632202]
- Modified the patch for ol8 [Orabug: 29560068] (james.cheng@oracle.com)
- Added iscsi plugin, and
- added oci-rps-xps profile [Orabug: 28397039]
- added oci-busy-polling profile [Orabug: 28748149]
- added oci-cpu-power profile



ELBA-2025-9478 Oracle Linux 10 ksh bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9478

http://linux.oracle.com/errata/ELBA-2025-9478.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
ksh-1.0.10-5.0.1.el10_0.1.x86_64.rpm

aarch64:
ksh-1.0.10-5.0.1.el10_0.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/ksh-1.0.10-5.0.1.el10_0.1.src.rpm

Description of changes:

[3:1.0.10-5.0.1.1]
- Disable _AST_no_spawnveg for taskset workaround [Orabug: 26754277]

[3:1.0.10-5]
- Fix long multibyte characters paste issue via ssh
Resolves: RHEL-87564



ELBA-2025-9469 Oracle Linux 10 debugedit bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9469

http://linux.oracle.com/errata/ELBA-2025-9469.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
debugedit-5.1-5.el10_0.x86_64.rpm

aarch64:
debugedit-5.1-5.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/debugedit-5.1-5.el10_0.src.rpm

Description of changes:

[5.1-5]
- Add debugedit-5.1-binutils-tools-override.patch



ELBA-2025-9417 Oracle Linux 10 libselinux bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9417

http://linux.oracle.com/errata/ELBA-2025-9417.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
libselinux-3.8-2.el10_0.x86_64.rpm
libselinux-devel-3.8-2.el10_0.x86_64.rpm
libselinux-ruby-3.8-2.el10_0.x86_64.rpm
libselinux-static-3.8-2.el10_0.x86_64.rpm
libselinux-utils-3.8-2.el10_0.x86_64.rpm
python3-libselinux-3.8-2.el10_0.x86_64.rpm

aarch64:
libselinux-3.8-2.el10_0.aarch64.rpm
libselinux-devel-3.8-2.el10_0.aarch64.rpm
libselinux-ruby-3.8-2.el10_0.aarch64.rpm
libselinux-static-3.8-2.el10_0.aarch64.rpm
libselinux-utils-3.8-2.el10_0.aarch64.rpm
python3-libselinux-3.8-2.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/libselinux-3.8-2.el10_0.src.rpm

Description of changes:

[3.8-2]
- Prioritize local literal fcontext definitions (rhbz#2360183)



ELBA-2025-7483 Oracle Linux 10 osbuild bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-7483

http://linux.oracle.com/errata/ELBA-2025-7483.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-141.2-1.0.1.el10_0.noarch.rpm
osbuild-depsolve-dnf-141.2-1.0.1.el10_0.noarch.rpm
osbuild-luks2-141.2-1.0.1.el10_0.noarch.rpm
osbuild-lvm2-141.2-1.0.1.el10_0.noarch.rpm
osbuild-ostree-141.2-1.0.1.el10_0.noarch.rpm
osbuild-selinux-141.2-1.0.1.el10_0.noarch.rpm
python3-osbuild-141.2-1.0.1.el10_0.noarch.rpm

aarch64:
osbuild-141.2-1.0.1.el10_0.noarch.rpm
osbuild-depsolve-dnf-141.2-1.0.1.el10_0.noarch.rpm
osbuild-luks2-141.2-1.0.1.el10_0.noarch.rpm
osbuild-lvm2-141.2-1.0.1.el10_0.noarch.rpm
osbuild-ostree-141.2-1.0.1.el10_0.noarch.rpm
osbuild-selinux-141.2-1.0.1.el10_0.noarch.rpm
python3-osbuild-141.2-1.0.1.el10_0.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/osbuild-141.2-1.0.1.el10_0.src.rpm

Description of changes:

[141.2-1.0.1]
- Add runner for ol8 and ol9 [Orabug: 36400619]

[141.2-1]
- New upstream release



ELBA-2025-7472 Oracle Linux 10 edk2 bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-7472

http://linux.oracle.com/errata/ELBA-2025-7472.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
edk2-aarch64-20241117-2.0.1.el10_0.1.noarch.rpm
edk2-ovmf-20241117-2.0.1.el10_0.1.noarch.rpm
edk2-tools-20241117-2.0.1.el10_0.1.x86_64.rpm
edk2-tools-doc-20241117-2.0.1.el10_0.1.noarch.rpm

aarch64:
edk2-aarch64-20241117-2.0.1.el10_0.1.noarch.rpm
edk2-ovmf-20241117-2.0.1.el10_0.1.noarch.rpm
edk2-tools-20241117-2.0.1.el10_0.1.aarch64.rpm
edk2-tools-doc-20241117-2.0.1.el10_0.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/edk2-20241117-2.0.1.el10_0.1.src.rpm

Description of changes:

[20241117-2.0.1.el10_0.1]
- Replace upstream references [Orabug:36569119]



ELBA-2025-9412 Oracle Linux 10 python3.12 bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9412

http://linux.oracle.com/errata/ELBA-2025-9412.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
python-unversioned-command-3.12.9-2.0.1.el10_0.1.noarch.rpm
python3-3.12.9-2.0.1.el10_0.1.x86_64.rpm
python3-debug-3.12.9-2.0.1.el10_0.1.x86_64.rpm
python3-devel-3.12.9-2.0.1.el10_0.1.x86_64.rpm
python3-idle-3.12.9-2.0.1.el10_0.1.x86_64.rpm
python3-libs-3.12.9-2.0.1.el10_0.1.x86_64.rpm
python3-test-3.12.9-2.0.1.el10_0.1.x86_64.rpm
python3-tkinter-3.12.9-2.0.1.el10_0.1.x86_64.rpm

aarch64:
python-unversioned-command-3.12.9-2.0.1.el10_0.1.noarch.rpm
python3-3.12.9-2.0.1.el10_0.1.aarch64.rpm
python3-debug-3.12.9-2.0.1.el10_0.1.aarch64.rpm
python3-devel-3.12.9-2.0.1.el10_0.1.aarch64.rpm
python3-idle-3.12.9-2.0.1.el10_0.1.aarch64.rpm
python3-libs-3.12.9-2.0.1.el10_0.1.aarch64.rpm
python3-test-3.12.9-2.0.1.el10_0.1.aarch64.rpm
python3-tkinter-3.12.9-2.0.1.el10_0.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/python3.12-3.12.9-2.0.1.el10_0.1.src.rpm

Description of changes:

[3.12.9-2.0.1.1]
- Remove upstream URL reference

[3.12.9-2.1]
- Apply Intel's CET for mitigation against control-flow hijacking attacks



ELBA-2025-9414 Oracle Linux 10 ethtool bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9414

http://linux.oracle.com/errata/ELBA-2025-9414.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
ethtool-6.11-5.el10_0.x86_64.rpm

aarch64:
ethtool-6.11-5.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/ethtool-6.11-5.el10_0.src.rpm

Description of changes:

[2:6.11-5]
- Fix MDI-X showing as Unknown (RHEL-75979)

[2:6.11-4]
- Fixed gating



ELBA-2025-9345 Oracle Linux 10 ansible-freeipa bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-9345

http://linux.oracle.com/errata/ELBA-2025-9345.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
ansible-freeipa-1.14.5-3.el10_0.noarch.rpm

aarch64:
ansible-freeipa-1.14.5-3.el10_0.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/ansible-freeipa-1.14.5-3.el10_0.src.rpm

Description of changes:

[1.14.5-3]
- Fix AttributeError by defaulting dns_over_tls to False
Resolves: RHEL-92892

[1.14.5-2]
- Fix CA certificates iteration
Resolves: RHEL-88214



ELBA-2025-7469 Oracle Linux 10 .NET 9.0 bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-7469

http://linux.oracle.com/errata/ELBA-2025-7469.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
aspnetcore-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
aspnetcore-targeting-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-apphost-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-host-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-hostfxr-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-runtime-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-aot-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-sdk-dbg-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
dotnet-targeting-pack-9.0-9.0.6-1.0.1.el10_0.x86_64.rpm
dotnet-templates-9.0-9.0.107-1.0.1.el10_0.x86_64.rpm
netstandard-targeting-pack-2.1-9.0.107-1.0.1.el10_0.x86_64.rpm

aarch64:
aspnetcore-runtime-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
aspnetcore-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
aspnetcore-targeting-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-apphost-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-host-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-hostfxr-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-runtime-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-runtime-dbg-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-aot-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-sdk-dbg-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
dotnet-targeting-pack-9.0-9.0.6-1.0.1.el10_0.aarch64.rpm
dotnet-templates-9.0-9.0.107-1.0.1.el10_0.aarch64.rpm
netstandard-targeting-pack-2.1-9.0.107-1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/dotnet9.0-9.0.107-1.0.1.el10_0.src.rpm

Description of changes:

[9.0.107-1.0.1]
- Add support for Oracle Linux

[9.0.107-1]
- Update to .NET SDK 9.0.107 and Runtime 9.0.6
- Resolves: RHEL-94423

[9.0.106-2]
- Update to .NET SDK 9.0.106 and Runtime 9.0.5
- Resolves: RHEL-89452

[9.0.105-2]
- Update to .NET SDK 9.0.105 and Runtime 9.0.4
- Resolves: RHEL-85281

[9.0.104-2]
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
- Resolves: RHEL-81647



ELBA-2025-7460 Oracle Linux 10 osbuild-composer bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-7460

http://linux.oracle.com/errata/ELBA-2025-7460.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-134.1-2.0.1.el10_0.x86_64.rpm
osbuild-composer-core-134.1-2.0.1.el10_0.x86_64.rpm
osbuild-composer-worker-134.1-2.0.1.el10_0.x86_64.rpm

aarch64:
osbuild-composer-134.1-2.0.1.el10_0.aarch64.rpm
osbuild-composer-core-134.1-2.0.1.el10_0.aarch64.rpm
osbuild-composer-worker-134.1-2.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/osbuild-composer-134.1-2.0.1.el10_0.src.rpm

Description of changes:

[134.1-2.0.1]
- Add OL10 support
- Update repository URLs for baseos, appstream and UERK
- Fix the label for UEKR repository
- Simplify repository names [JIRA: OLDIS-35893]
- Ensure build on latest golang: CVE-2024-34156
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]

[134.1-2]
- Rebuild for CVE-2025-22871

[134.1-1]
- Import upstream 134.1



ELSA-2025-10136 Important: Oracle Linux 9 python3.9 security update


Oracle Linux Security Advisory ELSA-2025-10136

http://linux.oracle.com/errata/ELSA-2025-10136.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python-unversioned-command-3.9.21-2.el9_6.1.noarch.rpm
python3-3.9.21-2.el9_6.1.i686.rpm
python3-3.9.21-2.el9_6.1.x86_64.rpm
python3-debug-3.9.21-2.el9_6.1.i686.rpm
python3-debug-3.9.21-2.el9_6.1.x86_64.rpm
python3-devel-3.9.21-2.el9_6.1.i686.rpm
python3-devel-3.9.21-2.el9_6.1.x86_64.rpm
python3-idle-3.9.21-2.el9_6.1.i686.rpm
python3-idle-3.9.21-2.el9_6.1.x86_64.rpm
python3-libs-3.9.21-2.el9_6.1.i686.rpm
python3-libs-3.9.21-2.el9_6.1.x86_64.rpm
python3-test-3.9.21-2.el9_6.1.i686.rpm
python3-test-3.9.21-2.el9_6.1.x86_64.rpm
python3-tkinter-3.9.21-2.el9_6.1.i686.rpm
python3-tkinter-3.9.21-2.el9_6.1.x86_64.rpm

aarch64:
python-unversioned-command-3.9.21-2.el9_6.1.noarch.rpm
python3-3.9.21-2.el9_6.1.aarch64.rpm
python3-debug-3.9.21-2.el9_6.1.aarch64.rpm
python3-devel-3.9.21-2.el9_6.1.aarch64.rpm
python3-idle-3.9.21-2.el9_6.1.aarch64.rpm
python3-libs-3.9.21-2.el9_6.1.aarch64.rpm
python3-test-3.9.21-2.el9_6.1.aarch64.rpm
python3-tkinter-3.9.21-2.el9_6.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.9-3.9.21-2.el9_6.1.src.rpm

Related CVEs:

CVE-2024-12718
CVE-2025-4138
CVE-2025-4330
CVE-2025-4435
CVE-2025-4517

Description of changes:

[3.9.21-2.1]
- Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435
Resolves: RHEL-98053, RHEL-98025, RHEL-98243, RHEL-98195, RHEL-98219



ELSA-2025-10072 Important: Oracle Linux 9 firefox security update


Oracle Linux Security Advisory ELSA-2025-10072

http://linux.oracle.com/errata/ELSA-2025-10072.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-128.12.0-1.0.1.el9_6.x86_64.rpm
firefox-x11-128.12.0-1.0.1.el9_6.x86_64.rpm

aarch64:
firefox-128.12.0-1.0.1.el9_6.aarch64.rpm
firefox-x11-128.12.0-1.0.1.el9_6.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/firefox-128.12.0-1.0.1.el9_6.src.rpm

Related CVEs:

CVE-2025-6424
CVE-2025-6425
CVE-2025-6429
CVE-2025-6430

Description of changes:

[128.12.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[128.12.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[128.12.0-1]
- Update to 128.12.0 build1



ELSA-2025-10074 Important: Oracle Linux 8 firefox security update


Oracle Linux Security Advisory ELSA-2025-10074

http://linux.oracle.com/errata/ELSA-2025-10074.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-128.12.0-1.0.1.el8_10.x86_64.rpm

aarch64:
firefox-128.12.0-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/firefox-128.12.0-1.0.1.el8_10.src.rpm

Related CVEs:

CVE-2025-6424
CVE-2025-6425
CVE-2025-6429
CVE-2025-6430

Description of changes:

[128.12.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]

[128.12.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[128.12.0-1]
- Update to 128.12.0 build1



ELSA-2025-10027 Important: Oracle Linux 8 pam security update


Oracle Linux Security Advisory ELSA-2025-10027

http://linux.oracle.com/errata/ELSA-2025-10027.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pam-1.3.1-37.0.1.el8_10.i686.rpm
pam-1.3.1-37.0.1.el8_10.x86_64.rpm
pam-devel-1.3.1-37.0.1.el8_10.i686.rpm
pam-devel-1.3.1-37.0.1.el8_10.x86_64.rpm

aarch64:
pam-1.3.1-37.0.1.el8_10.aarch64.rpm
pam-devel-1.3.1-37.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/pam-1.3.1-37.0.1.el8_10.src.rpm

Related CVEs:

CVE-2025-6020

Description of changes:

[1.3.1-37.0.1]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36272695]

[1.3.1-37]
- pam_namespace: fix potential privilege escalation.
Resolves: CVE-2025-6020 and RHEL-96724



ELSA-2025-10026 Important: Oracle Linux 8 python3.11 security update


Oracle Linux Security Advisory ELSA-2025-10026

http://linux.oracle.com/errata/ELSA-2025-10026.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-3.11.13-1.0.1.el8_10.i686.rpm
python3.11-3.11.13-1.0.1.el8_10.x86_64.rpm
python3.11-debug-3.11.13-1.0.1.el8_10.i686.rpm
python3.11-debug-3.11.13-1.0.1.el8_10.x86_64.rpm
python3.11-devel-3.11.13-1.0.1.el8_10.i686.rpm
python3.11-devel-3.11.13-1.0.1.el8_10.x86_64.rpm
python3.11-idle-3.11.13-1.0.1.el8_10.i686.rpm
python3.11-idle-3.11.13-1.0.1.el8_10.x86_64.rpm
python3.11-libs-3.11.13-1.0.1.el8_10.i686.rpm
python3.11-libs-3.11.13-1.0.1.el8_10.x86_64.rpm
python3.11-rpm-macros-3.11.13-1.0.1.el8_10.noarch.rpm
python3.11-test-3.11.13-1.0.1.el8_10.i686.rpm
python3.11-test-3.11.13-1.0.1.el8_10.x86_64.rpm
python3.11-tkinter-3.11.13-1.0.1.el8_10.i686.rpm
python3.11-tkinter-3.11.13-1.0.1.el8_10.x86_64.rpm

aarch64:
python3.11-3.11.13-1.0.1.el8_10.aarch64.rpm
python3.11-debug-3.11.13-1.0.1.el8_10.aarch64.rpm
python3.11-devel-3.11.13-1.0.1.el8_10.aarch64.rpm
python3.11-idle-3.11.13-1.0.1.el8_10.aarch64.rpm
python3.11-libs-3.11.13-1.0.1.el8_10.aarch64.rpm
python3.11-rpm-macros-3.11.13-1.0.1.el8_10.noarch.rpm
python3.11-test-3.11.13-1.0.1.el8_10.aarch64.rpm
python3.11-tkinter-3.11.13-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python3.11-3.11.13-1.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-12718
CVE-2025-4138
CVE-2025-4330
CVE-2025-4435
CVE-2025-4517

Description of changes:

[3.11.13-1.0.1]
- Update rpm-macros description [Orabug: 36024572]

[3.11.13-1]
- Update to 3.11.13
- Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435
Resolves: RHEL-98037, RHEL-98006, RHEL-98223, RHEL-98114, RHEL-98200


Key, Pythom Sudo, and more updates for AlmaLinux

Runc, ClamAV, Xorg-X11-Server, Python-Requests updates for SUSE

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...