Oracle has released security updates for its Linux distributions. The updates address vulnerabilities in PostgreSQL (CVE-2025-8714 and CVE-2025-8715) for Oracle Linux 10 and 9, as well as a security fix for Python3.11 (CVE-2025-8194) for Oracle Linux 8. Additionally, an important update has been released for Thunderbird on Oracle Linux 8 to address multiple vulnerabilities.

ELSA-2025-14826 Important: Oracle Linux 10 postgresql16 security update
ELSA-2025-14827 Important: Oracle Linux 9 postgresql:16 security update
ELSA-2025-14841 Moderate: Oracle Linux 8 python3.11 security update
ELSA-2025-14743 Important: Oracle Linux 8 thunderbird security update
ELBA-2025-14544 Oracle Linux 8 osbuild-composer bug fix and enhancement update

ELSA-2025-14826 Important: Oracle Linux 10 postgresql16 security update

Oracle Linux Security Advisory ELSA-2025-14826

http://linux.oracle.com/errata/ELSA-2025-14826.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
postgresql-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-contrib-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-docs-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-plperl-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-plpython3-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-pltcl-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-private-devel-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-private-libs-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-server-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-server-devel-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-static-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-test-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-test-rpm-macros-16.10-1.0.1.el10_0.noarch.rpm
postgresql-upgrade-16.10-1.0.1.el10_0.x86_64.rpm
postgresql-upgrade-devel-16.10-1.0.1.el10_0.x86_64.rpm

aarch64:
postgresql-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-contrib-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-docs-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-plperl-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-plpython3-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-pltcl-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-private-devel-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-private-libs-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-server-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-server-devel-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-static-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-test-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-test-rpm-macros-16.10-1.0.1.el10_0.noarch.rpm
postgresql-upgrade-16.10-1.0.1.el10_0.aarch64.rpm
postgresql-upgrade-devel-16.10-1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/postgresql16-16.10-1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-8714
CVE-2025-8715

Description of changes:

[16.10-1.0.1]
- Replace upstream reference [Orabug: 37044148]

[16.10-1]
- Update to version 16.10
- Resolves: rhbz#2388580

[16.8-2]
- Add tmpfiles.d configuration

ELSA-2025-14827 Important: Oracle Linux 9 postgresql:16 security update

Oracle Linux Security Advisory ELSA-2025-14827

http://linux.oracle.com/errata/ELSA-2025-14827.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
pgaudit-16.0-1.module+el9.4.0+90394+9e4f3cba.x86_64.rpm
pg_repack-1.5.1-1.module+el9.6.0+90592+523cb846.x86_64.rpm
pgvector-0.6.2-2.module+el9.6.0+90592+523cb846.x86_64.rpm
postgres-decoderbufs-2.4.0-1.Final.module+el9.4.0+90394+9e4f3cba.x86_64.rpm
postgresql-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-contrib-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-docs-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-plperl-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-plpython3-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-pltcl-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-private-devel-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-private-libs-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-server-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-server-devel-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-static-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-test-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-test-rpm-macros-16.10-1.module+el9.6.0+90645+dc18b914.noarch.rpm
postgresql-upgrade-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm
postgresql-upgrade-devel-16.10-1.module+el9.6.0+90645+dc18b914.x86_64.rpm

aarch64:
pgaudit-16.0-1.module+el9.4.0+90394+9e4f3cba.aarch64.rpm
pg_repack-1.5.1-1.module+el9.6.0+90592+523cb846.aarch64.rpm
pgvector-0.6.2-2.module+el9.6.0+90592+523cb846.aarch64.rpm
postgres-decoderbufs-2.4.0-1.Final.module+el9.4.0+90394+9e4f3cba.aarch64.rpm
postgresql-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-contrib-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-docs-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-plperl-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-plpython3-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-pltcl-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-private-devel-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-private-libs-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-server-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-server-devel-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-static-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-test-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-test-rpm-macros-16.10-1.module+el9.6.0+90645+dc18b914.noarch.rpm
postgresql-upgrade-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm
postgresql-upgrade-devel-16.10-1.module+el9.6.0+90645+dc18b914.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/pgaudit-16.0-1.module+el9.4.0+90394+9e4f3cba.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/pg_repack-1.5.1-1.module+el9.6.0+90592+523cb846.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/pgvector-0.6.2-2.module+el9.6.0+90592+523cb846.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/postgres-decoderbufs-2.4.0-1.Final.module+el9.4.0+90394+9e4f3cba.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/postgresql-16.10-1.module+el9.6.0+90645+dc18b914.src.rpm

Related CVEs:

CVE-2025-8714
CVE-2025-8715

Description of changes:

pgaudit
pg_repack
pgvector
[0.6.2-2]
- Enable Portable build
- Resolves: RHEL-84405

postgres-decoderbufs
postgresql
[16.10-1]
- Update to 16.10

ELSA-2025-14841 Moderate: Oracle Linux 8 python3.11 security update

Oracle Linux Security Advisory ELSA-2025-14841

http://linux.oracle.com/errata/ELSA-2025-14841.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-3.11.13-2.0.1.el8_10.i686.rpm
python3.11-3.11.13-2.0.1.el8_10.x86_64.rpm
python3.11-debug-3.11.13-2.0.1.el8_10.i686.rpm
python3.11-debug-3.11.13-2.0.1.el8_10.x86_64.rpm
python3.11-devel-3.11.13-2.0.1.el8_10.i686.rpm
python3.11-devel-3.11.13-2.0.1.el8_10.x86_64.rpm
python3.11-idle-3.11.13-2.0.1.el8_10.i686.rpm
python3.11-idle-3.11.13-2.0.1.el8_10.x86_64.rpm
python3.11-libs-3.11.13-2.0.1.el8_10.i686.rpm
python3.11-libs-3.11.13-2.0.1.el8_10.x86_64.rpm
python3.11-rpm-macros-3.11.13-2.0.1.el8_10.noarch.rpm
python3.11-test-3.11.13-2.0.1.el8_10.i686.rpm
python3.11-test-3.11.13-2.0.1.el8_10.x86_64.rpm
python3.11-tkinter-3.11.13-2.0.1.el8_10.i686.rpm
python3.11-tkinter-3.11.13-2.0.1.el8_10.x86_64.rpm

aarch64:
python3.11-3.11.13-2.0.1.el8_10.aarch64.rpm
python3.11-debug-3.11.13-2.0.1.el8_10.aarch64.rpm
python3.11-devel-3.11.13-2.0.1.el8_10.aarch64.rpm
python3.11-idle-3.11.13-2.0.1.el8_10.aarch64.rpm
python3.11-libs-3.11.13-2.0.1.el8_10.aarch64.rpm
python3.11-rpm-macros-3.11.13-2.0.1.el8_10.noarch.rpm
python3.11-test-3.11.13-2.0.1.el8_10.aarch64.rpm
python3.11-tkinter-3.11.13-2.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python3.11-3.11.13-2.0.1.el8_10.src.rpm

Related CVEs:

CVE-2025-8194

Description of changes:

[3.11.13-2.0.1]
- Update rpm-macros description [Orabug: 36024572]

[3.11.13-2]
- Security fix for CVE-2025-8194
Resolves: RHEL-106338

ELSA-2025-14743 Important: Oracle Linux 8 thunderbird security update

Oracle Linux Security Advisory ELSA-2025-14743

http://linux.oracle.com/errata/ELSA-2025-14743.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-128.14.0-3.0.1.el8_10.x86_64.rpm

aarch64:
thunderbird-128.14.0-3.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/thunderbird-128.14.0-3.0.1.el8_10.src.rpm

Related CVEs:

CVE-2025-9179
CVE-2025-9180
CVE-2025-9181
CVE-2025-9182
CVE-2025-9185

Description of changes:

[128.14.0-3.0.1]
- Fix prefs for new nss [Orabug: 37079820]
- Add Oracle prefs file

[128.14.0]
- Add OpenELA debranding

[128.14.0-3]
- Update to 128.14.0 build2

[128.14.0-2]
- Add missing translations

[128.14.0-1]
- Update to 128.14.0 build1

ELBA-2025-14544 Oracle Linux 8 osbuild-composer bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-14544

http://linux.oracle.com/errata/ELBA-2025-14544.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-101.4-1.0.1.el8_10.x86_64.rpm
osbuild-composer-core-101.4-1.0.1.el8_10.x86_64.rpm
osbuild-composer-worker-101.4-1.0.1.el8_10.x86_64.rpm

aarch64:
osbuild-composer-101.4-1.0.1.el8_10.aarch64.rpm
osbuild-composer-core-101.4-1.0.1.el8_10.aarch64.rpm
osbuild-composer-worker-101.4-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/osbuild-composer-101.4-1.0.1.el8_10.src.rpm

Description of changes:

[101.4-1.0.1]
- Rebuilt to fix:
- CVE-2024-34156
- CVE-2024-1394
- RHEL-24303
- RHEL-57905
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- support for building OL8/9 images on Oracle Linux 8 [Orabug: 36400619]

[101.4-1]
- Resolves: RHEL-95416