Oracle Linux has released several security updates, including one for Oracle Linux 8's ol-automation-manager (OLAMSA-2025-0016 and OLAMSA-2025-0017), which are considered important. Another set of updates includes moderate fixes for Oracle Linux 9's python-aiohttp (OLAMSA-2025-0018) and perl-JSON-XS (ELSA-2025-17162). In addition, there are security and bug fix updates available for various components in Oracle Linux 10, including the kernel (ELSA-2025-16904), 389-ds-base (ELBA-2025-15533), and idm:DL1 (ELSA-2025-17129). Moderate and important fixes have also been released for older versions of Oracle Linux, such as Python3 in version 7 (ELSA-2025-16117) and IPA in version 9 (ELSA-2025-17084).

OLAMSA-2025-0016 Important: Oracle Linux 8 ol-automation-manager security update
OLAMSA-2025-0018 Moderate: Oracle Linux 9 python-aiohttp security update
ELSA-2025-16904 Moderate: Oracle Linux 10 kernel security update
ELBA-2025-15533 Oracle Linux 10 389-ds-base bug fix and enhancement update
OLAMSA-2025-0017 Important: Oracle Linux 8 ol-automation-manager security update
ELSA-2025-17084 Important: Oracle Linux 9 ipa security update
ELSA-2025-17162 Moderate: Oracle Linux 9 perl-JSON-XS security update
ELSA-2025-17129 Important: Oracle Linux 8 idm:DL1 security update
ELSA-2025-17163 Moderate: Oracle Linux 8 perl-JSON-XS security update
ELSA-2025-16117 Moderate: Oracle Linux 7 python3 security update

OLAMSA-2025-0016 Important: Oracle Linux 8 ol-automation-manager security update

Oracle Linux Security Advisory OLAMSA-2025-0016

http://linux.oracle.com/errata/OLAMSA-2025-0016.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ol-automation-manager-2.3.1-3.el8.x86_64.rpm
ol-automation-manager-cli-2.3.1-3.el8.noarch.rpm
python311-olamkit-2.3.1-3.el8.noarch.rpm
python3.11-aiohttp-3.9.5-1.0.4.el8.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/ol-automation-manager-2.3.1-3.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-aiohttp-3.9.5-1.0.4.el8.src.rpm

Related CVEs:

CVE-2025-53643
CVE-2024-52304
CVE-2025-57833

Description of changes:

ol-automation-manager
[2.3.1-3.el8]
- OLAM-893 Fix for CVE-2025-57833

[2.3.1-1.el8]
- OLAM-853 Provide support for OLVM inventory and credential.
- OLAM-874 Provide support for OCI inventory.

OLAMSA-2025-0018 Moderate: Oracle Linux 9 python-aiohttp security update

Oracle Linux Security Advisory OLAMSA-2025-0018

http://linux.oracle.com/errata/OLAMSA-2025-0018.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-aiohttp-3.9.5-1.0.4.el9.x86_64.rpm
python3.11-django-4.2.17-1.0.1.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python-aiohttp-3.9.5-1.0.4.el9.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/python-django-4.2.17-1.0.1.el9.src.rpm

Related CVEs:

CVE-2025-53643
CVE-2024-52304
CVE-2025-26699

Description of changes:

python-aiohttp
[3.9.5-1.0.4]
- OLAM-889 Apply patch for CVE-2025-53643

python-django
[4.2.17-1.0.1]
- OLAM-880 Apply patch for CVE-2025-26699

ELSA-2025-16904 Moderate: Oracle Linux 10 kernel security update

Oracle Linux Security Advisory ELSA-2025-16904

http://linux.oracle.com/errata/ELSA-2025-16904.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-abi-stablelists-6.12.0-55.37.1.0.1.el10_0.noarch.rpm
kernel-core-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-cross-headers-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-debug-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-debug-core-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-debug-devel-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-debug-devel-matched-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-core-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-extra-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-debug-uki-virt-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-devel-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-devel-matched-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-doc-6.12.0-55.37.1.0.1.el10_0.noarch.rpm
kernel-headers-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-modules-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-modules-core-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-modules-extra-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-tools-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-tools-libs-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-tools-libs-devel-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-uki-virt-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
kernel-uki-virt-addons-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
libperf-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
perf-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
python3-perf-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
rtla-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm
rv-6.12.0-55.37.1.0.1.el10_0.x86_64.rpm

aarch64:
kernel-cross-headers-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
kernel-headers-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
kernel-tools-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
kernel-tools-libs-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
kernel-tools-libs-devel-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
libperf-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
perf-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
python3-perf-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
rtla-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm
rv-6.12.0-55.37.1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/kernel-6.12.0-55.37.1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-38396
CVE-2025-38523
CVE-2025-38527
CVE-2025-39682
CVE-2025-39694
CVE-2025-39698

Description of changes:

[6.12.0-55.37.1.0.1]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 "Databases" menu blank in Cockpit [rhel-10.0.z]
- Resolves: RHEL-109890 - RootDN Access Control Plugin with wildcards for IP addresses fails with an error "Invalid IP address" [rhel-10.0.z]
- Resolves: RHEL-109893 - On RHDS 12.6 The user password policy for a user was created, but the pwdpolicysubentry attribute for this user incorrectly points to the People OU password - policy instead of the specific user policy. [rhel-10.0.z]
- Resolves: RHEL-109898 - AddressSanitizer: leak in do_search [rhel-10.0.z]
- Resolves: RHEL-109905 - ns-slapd crashed when we add nsslapd-referral [rhel-10.0.z]
- Resolves: RHEL-109947 - CWE-284 dirsrv log rotation creates files with world readable permission [rhel-10.0.z]
- Resolves: RHEL-109956 - CWE-532 Created user password hash available to see in audit log [rhel-10.0.z]
- Resolves: RHEL-109959 - CWE-778 Log doesn't show what user gets password changed by administrator [rhel-10.0.z]
- Resolves: RHEL-110405 - RHDS12: Web console doesn't show Server Version [rhel-10.0.z]
- Resolves: RHEL-80498 - Can't rename users member of automember rule [rhel-10.0.z]
- Resolves: RHEL-92053 - Memory leak in roles_cache_create_object_from_entry [rhel-10.0.z]

OLAMSA-2025-0017 Important: Oracle Linux 8 ol-automation-manager security update

Oracle Linux Security Advisory OLAMSA-2025-0017

http://linux.oracle.com/errata/OLAMSA-2025-0017.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ol-automation-manager-2.2.0-43.el8.x86_64.rpm
ol-automation-manager-cli-2.2.0-43.el8.noarch.rpm
python311-olamkit-2.2.0-43.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/ol-automation-manager-2.2.0-43.el8.src.rpm

Related CVEs:

CVE-2024-45590
CVE-2025-57833
CVE-2025-53643

Description of changes:

[2.2.0-43.el8]
- OLAM-888 Fix for CVE-2024-45590
- OLAM-893 Fix for CVE-2025-57833

[2.2.0-42.el8]
- OLAM-889 Fix for CVE-2025-53643

ELSA-2025-17084 Important: Oracle Linux 9 ipa security update

Oracle Linux Security Advisory ELSA-2025-17084

http://linux.oracle.com/errata/ELSA-2025-17084.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
ipa-client-4.12.2-14.0.1.el9_6.5.x86_64.rpm
ipa-client-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-client-encrypted-dns-4.12.2-14.0.1.el9_6.5.x86_64.rpm
ipa-client-epn-4.12.2-14.0.1.el9_6.5.x86_64.rpm
ipa-client-samba-4.12.2-14.0.1.el9_6.5.x86_64.rpm
ipa-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-selinux-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-selinux-luna-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-selinux-nfast-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-server-4.12.2-14.0.1.el9_6.5.x86_64.rpm
ipa-server-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-server-dns-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-server-encrypted-dns-4.12.2-14.0.1.el9_6.5.x86_64.rpm
ipa-server-trust-ad-4.12.2-14.0.1.el9_6.5.x86_64.rpm
python3-ipaclient-4.12.2-14.0.1.el9_6.5.noarch.rpm
python3-ipalib-4.12.2-14.0.1.el9_6.5.noarch.rpm
python3-ipaserver-4.12.2-14.0.1.el9_6.5.noarch.rpm
python3-ipatests-4.12.2-14.0.1.el9_6.5.noarch.rpm

aarch64:
ipa-client-4.12.2-14.0.1.el9_6.5.aarch64.rpm
ipa-client-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-client-encrypted-dns-4.12.2-14.0.1.el9_6.5.aarch64.rpm
ipa-client-epn-4.12.2-14.0.1.el9_6.5.aarch64.rpm
ipa-client-samba-4.12.2-14.0.1.el9_6.5.aarch64.rpm
ipa-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-selinux-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-selinux-luna-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-selinux-nfast-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-server-4.12.2-14.0.1.el9_6.5.aarch64.rpm
ipa-server-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-server-dns-4.12.2-14.0.1.el9_6.5.noarch.rpm
ipa-server-encrypted-dns-4.12.2-14.0.1.el9_6.5.aarch64.rpm
ipa-server-trust-ad-4.12.2-14.0.1.el9_6.5.aarch64.rpm
python3-ipaclient-4.12.2-14.0.1.el9_6.5.noarch.rpm
python3-ipalib-4.12.2-14.0.1.el9_6.5.noarch.rpm
python3-ipaserver-4.12.2-14.0.1.el9_6.5.noarch.rpm
python3-ipatests-4.12.2-14.0.1.el9_6.5.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/ipa-4.12.2-14.0.1.el9_6.5.src.rpm

Related CVEs:

CVE-2025-7493

Description of changes:

[4.12.2-14.0.1.5]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
- Add bind to ipa-server-common Requires [Orabug: 36518596]

[4.12.2-14.5]
- Resolves: RHEL-110068
EMBARGOED CVE-2025-7493 ipa: Privilege escalation from host to domain admin in FreeIPA

[4.12.2-14.4]
- Resolves: RHEL-110068
EMBARGOED CVE-2025-7493 ipa: Privilege escalation from host to domain admin in FreeIPA

ELSA-2025-17162 Moderate: Oracle Linux 9 perl-JSON-XS security update

Oracle Linux Security Advisory ELSA-2025-17162

http://linux.oracle.com/errata/ELSA-2025-17162.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
perl-JSON-XS-4.04-1.el9_6.x86_64.rpm

aarch64:
perl-JSON-XS-4.04-1.el9_6.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/perl-JSON-XS-4.04-1.el9_6.src.rpm

Related CVEs:

CVE-2025-40928

Description of changes:

[1:4.04-1]
- Update to 4.04
- Fix CVE-2025-40928

ELSA-2025-17129 Important: Oracle Linux 8 idm:DL1 security update

Oracle Linux Security Advisory ELSA-2025-17129

http://linux.oracle.com/errata/ELSA-2025-17129.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.x86_64.rpm
custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
ipa-client-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
ipa-client-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-client-epn-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
ipa-client-samba-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
ipa-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-healthcheck-0.12-6.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-healthcheck-core-0.12-6.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-python-compat-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-selinux-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
ipa-server-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-dns-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-trust-ad-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.x86_64.rpm
python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-ipaclient-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipalib-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipaserver-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipatests-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.noarch.rpm
python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-qrcode-5.3-1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-qrcode-core-5.3-1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.x86_64.rpm
softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm
softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm

aarch64:
bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.aarch64.rpm
custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
ipa-client-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
ipa-client-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-client-epn-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
ipa-client-samba-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
ipa-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-healthcheck-0.12-6.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-healthcheck-core-0.12-6.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-python-compat-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-selinux-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
ipa-server-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-dns-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-trust-ad-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.aarch64.rpm
python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-ipaclient-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipalib-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipaserver-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipatests-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.noarch.rpm
python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-qrcode-5.3-1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-qrcode-core-5.3-1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.aarch64.rpm
softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm
softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/ipa-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/ipa-healthcheck-0.12-6.module+el8.10.0+90676+16d53ab4.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-qrcode-5.3-1.module+el8.10.0+90676+16d53ab4.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.src.rpm

Related CVEs:

CVE-2025-7493

Description of changes:

bind-dyndb-ldap
[11.6-6]
- Fix rpminspect warnings
Resolves: RHEL-22497

custodia
ipa
[4.9.13-20.0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]

[4.9.13-20]
- Refactor ipatests for unique krbcanonicalname
Resolves: RHEL-110061

[4.9.13-19]
- Enforce uniqueness across krbprincipalname and krbcanonicalname
ipa-kdb: enforce PAC presence on TGT for TGS-REQ
ipatests: extend test for unique krbcanonicalname
Resolves: RHEL-110061

ipa-healthcheck
opendnssec
[2.1.7-2]
- Don't creat /var/run/opendnssec directory
- Resolves: RHEL-12163

python-jwcrypto
python-kdcproxy
[0.4-5.1]
- Log KDC timeout only once per request
Resolves: RHEL-68634

python-qrcode
python-yubico
pyusb
slapi-nis
softhsm

ELSA-2025-17163 Moderate: Oracle Linux 8 perl-JSON-XS security update

Oracle Linux Security Advisory ELSA-2025-17163

http://linux.oracle.com/errata/ELSA-2025-17163.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
perl-JSON-XS-3.04-4.el8_10.x86_64.rpm

aarch64:
perl-JSON-XS-3.04-4.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/perl-JSON-XS-3.04-4.el8_10.src.rpm

Related CVEs:

CVE-2025-40928

Description of changes:

[1:3.04-4]
- Resolves: RHEL-113630 - Fix CVE-2025-40928
- Package tests

ELSA-2025-16117 Moderate: Oracle Linux 7 python3 security update

Oracle Linux Security Advisory ELSA-2025-16117

http://linux.oracle.com/errata/ELSA-2025-16117.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-3.6.8-21.0.5.el7_9.i686.rpm
python3-3.6.8-21.0.5.el7_9.x86_64.rpm
python3-debug-3.6.8-21.0.5.el7_9.i686.rpm
python3-debug-3.6.8-21.0.5.el7_9.x86_64.rpm
python3-devel-3.6.8-21.0.5.el7_9.i686.rpm
python3-devel-3.6.8-21.0.5.el7_9.x86_64.rpm
python3-idle-3.6.8-21.0.5.el7_9.i686.rpm
python3-idle-3.6.8-21.0.5.el7_9.x86_64.rpm
python3-libs-3.6.8-21.0.5.el7_9.i686.rpm
python3-libs-3.6.8-21.0.5.el7_9.x86_64.rpm
python3-test-3.6.8-21.0.5.el7_9.i686.rpm
python3-test-3.6.8-21.0.5.el7_9.x86_64.rpm
python3-tkinter-3.6.8-21.0.5.el7_9.i686.rpm
python3-tkinter-3.6.8-21.0.5.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python3-3.6.8-21.0.5.el7_9.src.rpm

Related CVEs:

CVE-2025-8194

Description of changes:

[3.6.8-21.0.5]
- tarfile now validates archives to ensure member offsets are non-negative [Orabug: 38442771][CVE-2025-8194]