Python, GCC-Toolset, Kernel, and more updates for Oracle Linux

Oracle Linux 6440 Published by

Multiple updates are available for Oracle Linux, including security patches and bug fixes. The updates affect various versions of Oracle Linux, including 7, 8, 9, and 10, with some updates specific to individual components like Python, GCC, and the kernel. Security-related updates have been flagged as important or moderate severity, addressing potential vulnerabilities in software packages such as PHP, Java, and Perl.

ELSA-2026-1410 Moderate: Oracle Linux 9 python3.11 security update
ELSA-2026-1408 Moderate: Oracle Linux 9 python3.12 security update
ELSA-2026-1089 Important: Oracle Linux 9 python3.11-urllib3 security update
ELSA-2026-1088 Important: Oracle Linux 9 python3.12-urllib3 security update
ELSA-2026-1087 Important: Oracle Linux 9 python-urllib3 security update
ELBA-2026-1356 Oracle Linux 9 fuse-overlayfs bug fix and enhancement update
ELSA-2026-1359 Moderate: Oracle Linux 9 gcc-toolset-15-binutils security update
ELSA-2026-1350 Moderate: Oracle Linux 9 curl security update
ELBA-2026-1358 Oracle Linux 9 WALinuxAgent bug fix and enhancement update
ELBA-2026-1357 Oracle Linux 9 rig bug fix and enhancement update
ELBA-2026-1355 Oracle Linux 9 mod_security_crs bug fix and enhancement update
ELBA-2026-1354 Oracle Linux 9 dpdk bug fix and enhancement update
ELBA-2026-1352 Oracle Linux 9 device-mapper-multipath bug fix and enhancement update
ELBA-2026-1351 Oracle Linux 9 microcode_ctl bug fix and enhancement update
ELSA-2026-1381 Moderate: Oracle Linux 9 osbuild-composer security update
ELSA-2026-1239 Important: Oracle Linux 9 fence-agents security update
ELSA-2026-1143 Important: Oracle Linux 9 kernel security update
ELBA-2026-1364 Oracle Linux 9 libvirt bug fix and enhancement update
ELBA-2026-1363 Oracle Linux 9 virt-v2v bug fix and enhancement update
ELBA-2026-1360 Oracle Linux 9 nmstate bug fix and enhancement update
ELBA-2026-1362 Oracle Linux 9 cmake bug fix and enhancement update
ELBA-2026-50072 Oracle Linux 9 gcc bug fix update
ELBA-2026-50069 Oracle Linux 9 bootc bug fix update
ELSA-2026-1334 Moderate: Oracle Linux 10 glibc security update
ELSA-2026-1178 Moderate: Oracle Linux 10 kernel security update
ELSA-2026-1086 Important: Oracle Linux 10 python-urllib3 security update
ELBA-2026-50070 Oracle Linux 10 bootc bug fix update
ELSA-2026-50071 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELBA-2026-1142-1 Oracle Linux 8 kernel bug fix update
ELSA-2026-1412 Important: Oracle Linux 8 php:8.2 security update
ELSA-2026-1374 Moderate: Oracle Linux 8 python3.11 security update
ELSA-2026-1344 Important: Oracle Linux 8 grafana security update
ELSA-2026-1224 Important: Oracle Linux 8 python3.11-urllib3 security update
ELSA-2026-1254 Important: Oracle Linux 8 python-urllib3 security update
ELSA-2026-1240 Important: Oracle Linux 8 fence-agents security update
ELSA-2026-1226 Important: Oracle Linux 8 python3.12-urllib3 security update
ELSA-2026-1142 Important: Oracle Linux 8 kernel security update
ELSA-2026-0932 Important: Oracle Linux 8 java-1.8.0-openjdk security update
ELSA-2026-0928 Important: Oracle Linux 8 java-21-openjdk security update
ELSA-2026-50071 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50071 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2026-0367 Important: Oracle Linux 7 mariadb security update
ELSA-2026-0079 Moderate: Oracle Linux 7 perl security update
ELBA-2025-22492 Oracle Linux 7 ca-certificates bug fix and enhancement update



ELSA-2026-1410 Moderate: Oracle Linux 9 python3.11 security update


Oracle Linux Security Advisory ELSA-2026-1410

http://linux.oracle.com/errata/ELSA-2026-1410.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-3.11.13-5.0.1.el9_7.i686.rpm
python3.11-3.11.13-5.0.1.el9_7.x86_64.rpm
python3.11-debug-3.11.13-5.0.1.el9_7.i686.rpm
python3.11-debug-3.11.13-5.0.1.el9_7.x86_64.rpm
python3.11-devel-3.11.13-5.0.1.el9_7.i686.rpm
python3.11-devel-3.11.13-5.0.1.el9_7.x86_64.rpm
python3.11-idle-3.11.13-5.0.1.el9_7.i686.rpm
python3.11-idle-3.11.13-5.0.1.el9_7.x86_64.rpm
python3.11-libs-3.11.13-5.0.1.el9_7.i686.rpm
python3.11-libs-3.11.13-5.0.1.el9_7.x86_64.rpm
python3.11-test-3.11.13-5.0.1.el9_7.i686.rpm
python3.11-test-3.11.13-5.0.1.el9_7.x86_64.rpm
python3.11-tkinter-3.11.13-5.0.1.el9_7.i686.rpm
python3.11-tkinter-3.11.13-5.0.1.el9_7.x86_64.rpm

aarch64:
python3.11-3.11.13-5.0.1.el9_7.aarch64.rpm
python3.11-debug-3.11.13-5.0.1.el9_7.aarch64.rpm
python3.11-devel-3.11.13-5.0.1.el9_7.aarch64.rpm
python3.11-idle-3.11.13-5.0.1.el9_7.aarch64.rpm
python3.11-libs-3.11.13-5.0.1.el9_7.aarch64.rpm
python3.11-test-3.11.13-5.0.1.el9_7.aarch64.rpm
python3.11-tkinter-3.11.13-5.0.1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.11-3.11.13-5.0.1.el9_7.src.rpm

Related CVEs:

CVE-2025-12084
CVE-2025-13836

Description of changes:

[3.11.13-5.0.1]
- Remove upstream URL reference [Orabug: 36073032]

[3.11.13-5]
- Security fix for CVE-2025-13836
Resolves: RHEL-141025

[3.11.13-4]
- Security fix for CVE-2025-12084
Resolves: RHEL-135395



ELSA-2026-1408 Moderate: Oracle Linux 9 python3.12 security update


Oracle Linux Security Advisory ELSA-2026-1408

http://linux.oracle.com/errata/ELSA-2026-1408.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-3.12.12-4.0.1.el9_7.i686.rpm
python3.12-3.12.12-4.0.1.el9_7.x86_64.rpm
python3.12-debug-3.12.12-4.0.1.el9_7.i686.rpm
python3.12-debug-3.12.12-4.0.1.el9_7.x86_64.rpm
python3.12-devel-3.12.12-4.0.1.el9_7.i686.rpm
python3.12-devel-3.12.12-4.0.1.el9_7.x86_64.rpm
python3.12-idle-3.12.12-4.0.1.el9_7.i686.rpm
python3.12-idle-3.12.12-4.0.1.el9_7.x86_64.rpm
python3.12-libs-3.12.12-4.0.1.el9_7.i686.rpm
python3.12-libs-3.12.12-4.0.1.el9_7.x86_64.rpm
python3.12-test-3.12.12-4.0.1.el9_7.i686.rpm
python3.12-test-3.12.12-4.0.1.el9_7.x86_64.rpm
python3.12-tkinter-3.12.12-4.0.1.el9_7.i686.rpm
python3.12-tkinter-3.12.12-4.0.1.el9_7.x86_64.rpm

aarch64:
python3.12-3.12.12-4.0.1.el9_7.aarch64.rpm
python3.12-debug-3.12.12-4.0.1.el9_7.aarch64.rpm
python3.12-devel-3.12.12-4.0.1.el9_7.aarch64.rpm
python3.12-idle-3.12.12-4.0.1.el9_7.aarch64.rpm
python3.12-libs-3.12.12-4.0.1.el9_7.aarch64.rpm
python3.12-test-3.12.12-4.0.1.el9_7.aarch64.rpm
python3.12-tkinter-3.12.12-4.0.1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.12-3.12.12-4.0.1.el9_7.src.rpm

Related CVEs:

CVE-2025-12084
CVE-2025-13836

Description of changes:

[3.12.12-4.0.1]
- Remove upstream URL reference

[3.12.12-4]
- Release bump to correct the build for wrong release
Related: RHEL-141026

[3.12.12-3]
- Security fix for CVE-2025-13836
Resolves: RHEL-141026

[3.12.12-2]
- Security fix for CVE-2025-12084
Resolves: RHEL-135399



ELSA-2026-1089 Important: Oracle Linux 9 python3.11-urllib3 security update


Oracle Linux Security Advisory ELSA-2026-1089

http://linux.oracle.com/errata/ELSA-2026-1089.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-urllib3-1.26.12-5.el9_7.1.noarch.rpm

aarch64:
python3.11-urllib3-1.26.12-5.el9_7.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.11-urllib3-1.26.12-5.el9_7.1.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[1.26.12-5.1]
- Security fix for CVE-2025-66471
- Security fix for CVE-2025-66418
- Security fix for CVE-2026-21441
Resolves: RHEL-140565, RHEL-139404



ELSA-2026-1088 Important: Oracle Linux 9 python3.12-urllib3 security update


Oracle Linux Security Advisory ELSA-2026-1088

http://linux.oracle.com/errata/ELSA-2026-1088.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-urllib3-1.26.19-1.el9_7.1.noarch.rpm

aarch64:
python3.12-urllib3-1.26.19-1.el9_7.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python3.12-urllib3-1.26.19-1.el9_7.1.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[1.26.19-1.1]
- Security fix for CVE-2025-66471
- Security fix for CVE-2025-66418
- Security fix for CVE-2026-21441
Resolves: RHEL-139403



ELSA-2026-1087 Important: Oracle Linux 9 python-urllib3 security update


Oracle Linux Security Advisory ELSA-2026-1087

http://linux.oracle.com/errata/ELSA-2026-1087.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-urllib3-1.26.5-6.el9_7.1.noarch.rpm

aarch64:
python3-urllib3-1.26.5-6.el9_7.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/python-urllib3-1.26.5-6.el9_7.1.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[1.26.5-6.1]
- Security fix for CVE-2025-66471
- Security fix for CVE-2025-66418
- Security fix for CVE-2026-21441
Resolves: RHEL-139401



ELBA-2026-1356 Oracle Linux 9 fuse-overlayfs bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-1356

http://linux.oracle.com/errata/ELBA-2026-1356.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
fuse-overlayfs-1.16-1.el9_7.x86_64.rpm

aarch64:
fuse-overlayfs-1.16-1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/fuse-overlayfs-1.16-1.el9_7.src.rpm

Description of changes:

[1.16-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.16
- fixes "Update fuse-overlayfs to 1.16 [rhel-9.7.z]"
- Resolves: RHEL-128520



ELSA-2026-1359 Moderate: Oracle Linux 9 gcc-toolset-15-binutils security update


Oracle Linux Security Advisory ELSA-2026-1359

http://linux.oracle.com/errata/ELSA-2026-1359.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
gcc-toolset-15-binutils-2.44-3.el9_7.1.x86_64.rpm
gcc-toolset-15-binutils-devel-2.44-3.el9_7.1.i686.rpm
gcc-toolset-15-binutils-devel-2.44-3.el9_7.1.x86_64.rpm
gcc-toolset-15-binutils-gold-2.44-3.el9_7.1.x86_64.rpm
gcc-toolset-15-binutils-gprofng-2.44-3.el9_7.1.x86_64.rpm

aarch64:
gcc-toolset-15-binutils-2.44-3.el9_7.1.aarch64.rpm
gcc-toolset-15-binutils-devel-2.44-3.el9_7.1.aarch64.rpm
gcc-toolset-15-binutils-gold-2.44-3.el9_7.1.aarch64.rpm
gcc-toolset-15-binutils-gprofng-2.44-3.el9_7.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/gcc-toolset-15-binutils-2.44-3.el9_7.1.src.rpm

Related CVEs:

CVE-2025-11083

Description of changes:

[2.44-3.1]
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-130674)



ELSA-2026-1350 Moderate: Oracle Linux 9 curl security update


Oracle Linux Security Advisory ELSA-2026-1350

http://linux.oracle.com/errata/ELSA-2026-1350.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
curl-7.76.1-35.el9_7.3.x86_64.rpm
curl-minimal-7.76.1-35.el9_7.3.x86_64.rpm
libcurl-7.76.1-35.el9_7.3.i686.rpm
libcurl-7.76.1-35.el9_7.3.x86_64.rpm
libcurl-devel-7.76.1-35.el9_7.3.i686.rpm
libcurl-devel-7.76.1-35.el9_7.3.x86_64.rpm
libcurl-minimal-7.76.1-35.el9_7.3.i686.rpm
libcurl-minimal-7.76.1-35.el9_7.3.x86_64.rpm

aarch64:
curl-7.76.1-35.el9_7.3.aarch64.rpm
curl-minimal-7.76.1-35.el9_7.3.aarch64.rpm
libcurl-7.76.1-35.el9_7.3.aarch64.rpm
libcurl-devel-7.76.1-35.el9_7.3.aarch64.rpm
libcurl-minimal-7.76.1-35.el9_7.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/curl-7.76.1-35.el9_7.3.src.rpm

Related CVEs:

CVE-2025-9086

Description of changes:

[7.76.1-35.el9_7.3]
- http: fix crash in rate-limited upload (RHEL-129493)

[7.76.1-35.el9_7.2]
- openssl: respect system crypto policy for TLS max version (RHEL-128921)

[7.76.1-35.el9_7.1]
- rebuild for rhel-9.7.0 z-stream (RHEL-121659)

[7.76.1-35]
- cookie: don't treat the leading slash as trailing (CVE-2025-9086)
Resolves: RHEL-121659



ELBA-2026-1358 Oracle Linux 9 WALinuxAgent bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-1358

http://linux.oracle.com/errata/ELBA-2026-1358.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
WALinuxAgent-2.13.1.1-3.0.1.el9_7.1.noarch.rpm
WALinuxAgent-cvm-2.13.1.1-3.0.1.el9_7.1.noarch.rpm
WALinuxAgent-udev-2.13.1.1-3.0.1.el9_7.1.noarch.rpm

aarch64:
WALinuxAgent-2.13.1.1-3.0.1.el9_7.1.noarch.rpm
WALinuxAgent-cvm-2.13.1.1-3.0.1.el9_7.1.noarch.rpm
WALinuxAgent-udev-2.13.1.1-3.0.1.el9_7.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/WALinuxAgent-2.13.1.1-3.0.1.el9_7.1.src.rpm

Description of changes:

[2.13.1.1-3.0.1.el9_7.1]
- Add oracle support to fix waagent.service build issue

[2.13.1.1-3.el9_7.1]
- wla-Support-for-FIPS-140-3-3324.patch [RHEL-124949]
- Resolves: RHEL-124949
(Update walagent to 2.14 to support FIPS 140-3 on Azure [rhel-9.7.z])



ELBA-2026-1357 Oracle Linux 9 rig bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-1357

http://linux.oracle.com/errata/ELBA-2026-1357.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
rig-1.1-7.el9_7.noarch.rpm

aarch64:
rig-1.1-7.el9_7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/rig-1.1-7.el9_7.src.rpm

Description of changes:

[1.1-7]
- Add fix to avoid using deprecated sosreport command.



ELBA-2026-1355 Oracle Linux 9 mod_security_crs bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-1355

http://linux.oracle.com/errata/ELBA-2026-1355.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
mod_security_crs-3.3.5-3.el9_7.noarch.rpm

aarch64:
mod_security_crs-3.3.5-3.el9_7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/mod_security_crs-3.3.5-3.el9_7.src.rpm

Description of changes:

[3.3.5-3]
- Resolves: RHEL-80178 A form data, "鹿沼市御成橋"(a name of street/city
in Japanese) is forbade by mod_security_crs-3.3.4-3.el8.noarch



ELBA-2026-1354 Oracle Linux 9 dpdk bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-1354

http://linux.oracle.com/errata/ELBA-2026-1354.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dpdk-24.11.3-1.el9_7.x86_64.rpm
dpdk-devel-24.11.3-1.el9_7.x86_64.rpm
dpdk-doc-24.11.3-1.el9_7.noarch.rpm
dpdk-tools-24.11.3-1.el9_7.x86_64.rpm

aarch64:
dpdk-24.11.3-1.el9_7.aarch64.rpm
dpdk-devel-24.11.3-1.el9_7.aarch64.rpm
dpdk-doc-24.11.3-1.el9_7.noarch.rpm
dpdk-tools-24.11.3-1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/dpdk-24.11.3-1.el9_7.src.rpm

Description of changes:

[24.11.3-1]
- Rebase to 24.11.3 (RHEL-121231)



ELBA-2026-1352 Oracle Linux 9 device-mapper-multipath bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-1352

http://linux.oracle.com/errata/ELBA-2026-1352.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
device-mapper-multipath-0.8.7-39.el9_7.1.x86_64.rpm
device-mapper-multipath-devel-0.8.7-39.el9_7.1.i686.rpm
device-mapper-multipath-devel-0.8.7-39.el9_7.1.x86_64.rpm
device-mapper-multipath-libs-0.8.7-39.el9_7.1.i686.rpm
device-mapper-multipath-libs-0.8.7-39.el9_7.1.x86_64.rpm
kpartx-0.8.7-39.el9_7.1.x86_64.rpm

aarch64:
device-mapper-multipath-0.8.7-39.el9_7.1.aarch64.rpm
device-mapper-multipath-devel-0.8.7-39.el9_7.1.aarch64.rpm
device-mapper-multipath-libs-0.8.7-39.el9_7.1.aarch64.rpm
kpartx-0.8.7-39.el9_7.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/device-mapper-multipath-0.8.7-39.el9_7.1.src.rpm

Description of changes:

[0.8.7-39.1]
- Add 0150-libmpathpersist-retry-commands-on-other-paths-in-mpa.patch
- Add 0151-libmpathpersist-check-released-key-against-the-reser.patch
- Add 0152-multipathd-remove-thread-from-mpath_pr_event_handle.patch
- Add 0153-libmpathpersist-remove-uneeded-wrapper-function.patch
- Add 0154-libmpathpersist-reduce-log-level-for-persistent-rese.patch
- Add 0155-libmpathpersist-remove-pointless-update_map_pr-ret-v.patch
- Add 0156-multipathd-use-update_map_pr-in-mpath_pr_event_handl.patch
- Add 0157-libmpathpersist-limit-changing-prflag-in-update_map_.patch
- Add 0158-multipathd-Don-t-call-update_map_pr-unnecessarily.patch
- Add 0159-libmpathpersist-remove-useless-function-send_prout_a.patch
- Add 0160-libmpathpersist-fix-memory-leak-in-mpath_prout_rel.patch
- Add 0161-limpathpersist-redesign-failed-release-workaround.patch
- Add 0162-libmpathpersist-fail-the-release-if-all-threads-fail.patch
- Add 0163-limpathpersist-Handle-changing-key-corner-case.patch
- Add 0164-libmpathpersist-fix-command-keyword-ordering.patch
- Add 0165-libmpathpersist-use-conf-timeout-for-updating-persis.patch
- Add 0166-libmapthpersist-Handle-REGISTER-AND-IGNORE-changing-.patch
- Add 0167-libmultipath-rename-prflag_value-enums.patch
- Add 0168-libmpathpersist-use-a-switch-statement-for-prout-com.patch
- Add 0169-libmpathpersist-Add-safety-check-for-preempting-on-k.patch
- Add 0170-limpathpersist-remove-update_map_pr-code-for-NULL-pp.patch
- Add 0171-libmpathpersist-move-update_map_pr-to-multipathd.patch
- Add 0172-multipathd-clean-up-update_map_pr-and-mpath_pr_event.patch
- Add 0173-libmpathpersist-clean-up-duplicate-function-declarat.patch
- Add 0174-multipathd-wrap-setting-and-unsetting-prflag.patch
- Add 0175-multipathd-unregister-PR-key-when-path-is-restored-i.patch
- Add 0176-libmpathpersist-Fix-up-reservation_key-checking.patch
- Add 0177-libmpathpersist-change-how-reservation-conflicts-are.patch
- Add 0178-libmpathpersist-Clear-prkey-in-multipathd-before-unr.patch
- Add 0179-libmpathpersist-only-clear-the-key-if-we-are-using-t.patch
- Add 0180-libmpathpersist-Restore-old-reservation-key-on-failu.patch
- Add 0181-libmpatpersist-update-reservation-key-before-checkin.patch
- Add 0182-libmpathpersist-retry-on-conflicts-in-mpath_prout_co.patch
- Add 0183-libmpathpersist-Don-t-always-fail-registrations-for-.patch
- Add 0184-libmpathpersist-Don-t-try-release-workaround-for-inv.patch
- Add 0185-libmpathpersist-Don-t-fail-RESERVE-commands-unnecess.patch
- Add 0186-libmpathpersist-reregister-keys-when-self-preempting.patch
- Add 0187-libmpathpersist-handle-updating-key-race-condition.patch
- Add 0188-libmpathpersist-handle-preempting-all-registrants-re.patch
- Add 0189-libmpathpersist-Fix-REGISTER-AND-IGNORE-while-holdin.patch
- Add 0190-libmpathpersist-Handle-RESERVE-with-reservation-held.patch
- Add 0191-libmpathpersist-use-check_holding_reservation-in-mpa.patch
- Add 0192-libmpathpersist-Fix-unregistering-while-holding-the-.patch
- Add 0193-libmpathpersist-Fix-race-between-restoring-a-path-an.patch
- Add 0194-multipathd-Fix-tracking-of-old-PR-key.patch
- Add 0195-multipathd-Fix-race-while-registering-PR-key.patch
- Add 0196-mpathpersist-Fix-REPORT-CAPABILITIES-output.patch
* Fixes RHEL-118723 ("There are many bugs in multipath's persistent
reservation handling [rhel-9.7.z]")
- Resolves: RHEL-118723



ELBA-2026-1351 Oracle Linux 9 microcode_ctl bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-1351

http://linux.oracle.com/errata/ELBA-2026-1351.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
microcode_ctl-20250812-1.20251111.1.0.1.el9_7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/microcode_ctl-20250812-1.20251111.1.0.1.el9_7.src.rpm

Description of changes:

[20250812-1.20251111.1.0.1]
- add support for UEK7/UEK8 and ueknext kernels
- don't bother calling dracut if virtualized [Orabug: 35710094]
- ensure UEK also rebuilds initramfs [Orabug: 34280058]
- enable early update for 06-4f-01
- remove no longer appropriate caveats for 06-2d-07 and 06-55-04
- enable early and late load on RHCK

[4:20250812-1.20251111-1]
- Fix typo in /usr/share/microcode_ctl/ucode_with_caveats/intel-06-8f-08/config
- Update Intel CPU microcode to microcode-20251111 release (RHEL-128260)
- New microcode files (in hex):
06-ae-01: Granite Rapids-D: revision 1000273
- Microcode files (/platform_mask shown) with revision updates (in hex):
06-8f-07/87: Sapphire Rapids: 2b000643 to 2b000650
06-8f-08/10: Sapphire Rapids with HBM: 2c000401 to 2c000410
06-8f-08/87: Sapphire Rapids: 2b000643 to 2b000650
06-97-02/07: Alder Lake: 003a to 003d
06-97-05/07: Alder Lake: 003a to 003d
06-9a-03/80: Alder Lake-L: 0437 to 043a
06-9a-04/80: Alder Lake-L: 0437 to 043a
06-9a-04/40: Arizona Beach (Atom C11xx): 000a to 000b
06-ad-01/95: Granite Rapids-X: 10003d0 to 10003f0
06-ad-01/20: Granite Rapids-X: a000100 to a000124
06-af-03/01: Crestmont (Sierra Forest): 3000362 to 3000382
06-b7-01/32: Raptor Lake: 012f to 0132
06-ba-02/e0: Raptor Lake-P: 4129 to 6133
06-ba-03/e0: Raptor Lake-P: 4129 to 6133
06-bd-01/80: Lunar Lake: 0123 to 0125
06-be-00/19: Gracemont (Alder Lake-N): 001d to 001e
06-bf-02/07: Raptor Lake-S: 003a to 003d
06-bf-05/07: Raptor Lake-S: 003a to 003d
06-c5-02/82: Arrow Lake-H: 0119 to 011a
06-c6-02/82: Arrow Lake: 0119 to 011a
06-cf-02/87: Emerald Rapids: 210002b3 to 210002c0
- Fixes errata RPL070/ADL083/LNL047/ARL054/SPR154/EMR147:
"REP SCASB, REP CMPSB may return incorrect results when racing
memory access with another core or thread" on Raptor Lake,
Alder Lake, Lunar Lake, Arrow Lake, Sapphire Rapids, Emerald Rapids.



ELSA-2026-1381 Moderate: Oracle Linux 9 osbuild-composer security update


Oracle Linux Security Advisory ELSA-2026-1381

http://linux.oracle.com/errata/ELSA-2026-1381.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-149-3.0.1.el9_7.x86_64.rpm
osbuild-composer-core-149-3.0.1.el9_7.x86_64.rpm
osbuild-composer-worker-149-3.0.1.el9_7.x86_64.rpm

aarch64:
osbuild-composer-149-3.0.1.el9_7.aarch64.rpm
osbuild-composer-core-149-3.0.1.el9_7.aarch64.rpm
osbuild-composer-worker-149-3.0.1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/osbuild-composer-149-3.0.1.el9_7.src.rpm

Related CVEs:

CVE-2025-58183

Description of changes:

[149-3.0.1]
- Add missing dependency over dracut-config-rescue for image-installer [ORABUG: 38587453]
- Switch to UEKR8 repositories for OL9.6 [Orabug: 37962207]
- Add support to create OpenScap images [JIRA: OLDIS-35301]
- Simplify repository names [JIRA: OLDIS-35893]
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]

[149-3]
- Rebuilt to fix:
- CVE-2025-58183
- RHEL-125705



ELSA-2026-1239 Important: Oracle Linux 9 fence-agents security update


Oracle Linux Security Advisory ELSA-2026-1239

http://linux.oracle.com/errata/ELSA-2026-1239.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
fence-agents-aliyun-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-all-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-amt-ws-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-apc-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-apc-snmp-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-aws-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-azure-arm-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-bladecenter-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-brocade-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-cisco-mds-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-cisco-ucs-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-common-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-compute-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-drac5-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-eaton-snmp-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-emerson-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-eps-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-gce-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-heuristics-ping-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-hpblade-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ibm-powervs-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ibm-vpc-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ibmblade-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ifmib-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ilo-moonshot-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ilo-mp-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ilo-ssh-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ilo2-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-intelmodular-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ipdu-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ipmilan-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-kdump-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-kubevirt-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-lpar-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-mpath-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-nutanix-ahv-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-openstack-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-redfish-4.10.0-98.el9_7.4.x86_64.rpm
fence-agents-rhevm-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-rsa-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-rsb-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-sbd-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-scsi-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-virsh-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-vmware-rest-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-vmware-soap-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-wti-4.10.0-98.el9_7.4.noarch.rpm
fence-virt-4.10.0-98.el9_7.4.x86_64.rpm
fence-virtd-4.10.0-98.el9_7.4.x86_64.rpm
fence-virtd-cpg-4.10.0-98.el9_7.4.x86_64.rpm
fence-virtd-libvirt-4.10.0-98.el9_7.4.x86_64.rpm
fence-virtd-multicast-4.10.0-98.el9_7.4.x86_64.rpm
fence-virtd-serial-4.10.0-98.el9_7.4.x86_64.rpm
fence-virtd-tcp-4.10.0-98.el9_7.4.x86_64.rpm
ha-cloud-support-4.10.0-98.el9_7.4.x86_64.rpm

aarch64:
fence-agents-all-4.10.0-98.el9_7.4.aarch64.rpm
fence-agents-amt-ws-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-apc-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-apc-snmp-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-bladecenter-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-brocade-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-cisco-mds-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-cisco-ucs-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-common-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-drac5-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-eaton-snmp-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-emerson-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-eps-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-heuristics-ping-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-hpblade-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ibm-powervs-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ibm-vpc-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ibmblade-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ifmib-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ilo-moonshot-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ilo-mp-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ilo-ssh-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ilo2-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-intelmodular-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ipdu-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-ipmilan-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-kdump-4.10.0-98.el9_7.4.aarch64.rpm
fence-agents-kubevirt-4.10.0-98.el9_7.4.aarch64.rpm
fence-agents-lpar-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-mpath-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-nutanix-ahv-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-redfish-4.10.0-98.el9_7.4.aarch64.rpm
fence-agents-rhevm-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-rsa-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-rsb-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-sbd-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-scsi-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-virsh-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-vmware-rest-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-vmware-soap-4.10.0-98.el9_7.4.noarch.rpm
fence-agents-wti-4.10.0-98.el9_7.4.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/fence-agents-4.10.0-98.el9_7.4.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[4.10.0-98.4]
- bundled urllib3: fix CVE-2025-66471
- bundled urllib3: fix CVE-2026-21441
Resolves: RHEL-139793, RHEL-140795

[4.10.0-98.1]
- bundled urllib3: fix CVE-2025-66418
Resolves: RHEL-136061



ELSA-2026-1143 Important: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2026-1143

http://linux.oracle.com/errata/ELSA-2026-1143.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-abi-stablelists-5.14.0-611.26.1.el9_7.noarch.rpm
kernel-core-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-cross-headers-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-debug-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-debug-core-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-debug-devel-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-debug-devel-matched-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-debug-modules-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-debug-modules-core-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-debug-modules-extra-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-debug-uki-virt-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-devel-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-devel-matched-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-doc-5.14.0-611.26.1.el9_7.noarch.rpm
kernel-headers-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-modules-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-modules-core-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-modules-extra-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-tools-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-tools-libs-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-tools-libs-devel-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-uki-virt-5.14.0-611.26.1.el9_7.x86_64.rpm
kernel-uki-virt-addons-5.14.0-611.26.1.el9_7.x86_64.rpm
libperf-5.14.0-611.26.1.el9_7.x86_64.rpm
perf-5.14.0-611.26.1.el9_7.x86_64.rpm
python3-perf-5.14.0-611.26.1.el9_7.x86_64.rpm
rtla-5.14.0-611.26.1.el9_7.x86_64.rpm
rv-5.14.0-611.26.1.el9_7.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-611.26.1.el9_7.aarch64.rpm
kernel-headers-5.14.0-611.26.1.el9_7.aarch64.rpm
kernel-tools-5.14.0-611.26.1.el9_7.aarch64.rpm
kernel-tools-libs-5.14.0-611.26.1.el9_7.aarch64.rpm
kernel-tools-libs-devel-5.14.0-611.26.1.el9_7.aarch64.rpm
libperf-5.14.0-611.26.1.el9_7.aarch64.rpm
perf-5.14.0-611.26.1.el9_7.aarch64.rpm
python3-perf-5.14.0-611.26.1.el9_7.aarch64.rpm
rtla-5.14.0-611.26.1.el9_7.aarch64.rpm
rv-5.14.0-611.26.1.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-611.26.1.el9_7.src.rpm

Related CVEs:

CVE-2025-38141
CVE-2025-38349
CVE-2025-38731
CVE-2025-40248
CVE-2025-40258
CVE-2025-40294
CVE-2025-68301
CVE-2025-68305

Description of changes:

[5.14.0-611.26.1]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 last_access_time in open_cached_dir_by_dentry() (Paulo Alcantara) [RHEL-128581]
- smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (Paulo Alcantara) [RHEL-128581]
- smb: client: account smb directory cache usage and per-tcon totals (Paulo Alcantara) [RHEL-128581]
- smb: client: add drop_dir_cache module parameter to invalidate cached dirents (Paulo Alcantara) [RHEL-128581]
- smb: client: show lease state as R/H/W (or NONE) in open_files (Paulo Alcantara) [RHEL-128581]
- smb: client: show negotiated cipher in DebugData (Paulo Alcantara) [RHEL-128581]
- smb: client: add new tracepoint to trace lease break notification (Paulo Alcantara) [RHEL-128581]
- smb: client: Fix NULL pointer dereference in cifs_debug_dirs_proc_show() (Paulo Alcantara) [RHEL-128581]
- coredump: Only sort VMAs when core_sort_vma sysctl is set (Herton R. Krzesinski) [RHEL-113364]



ELSA-2026-1086 Important: Oracle Linux 10 python-urllib3 security update


Oracle Linux Security Advisory ELSA-2026-1086

http://linux.oracle.com/errata/ELSA-2026-1086.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-urllib3-1.26.19-2.el10_1.1.noarch.rpm

aarch64:
python3-urllib3-1.26.19-2.el10_1.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/python-urllib3-1.26.19-2.el10_1.1.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[1.26.19-2.1]
- Security fix for CVE-2025-66471
- Security fix for CVE-2025-66418
- Security fix for CVE-2026-21441
Resolves: RHEL-139387



ELBA-2026-50070 Oracle Linux 10 bootc bug fix update


Oracle Linux Bug Fix Advisory ELBA-2026-50070

http://linux.oracle.com/errata/ELBA-2026-50070.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
bootc-1.8.0-2.0.3.el10_1.x86_64.rpm
bootc-oraclelinux-configs-1.8.0-2.0.3.el10_1.x86_64.rpm
system-reinstall-bootc-1.8.0-2.0.3.el10_1.x86_64.rpm

aarch64:
bootc-1.8.0-2.0.3.el10_1.aarch64.rpm
bootc-oraclelinux-configs-1.8.0-2.0.3.el10_1.aarch64.rpm
system-reinstall-bootc-1.8.0-2.0.3.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/bootc-1.8.0-2.0.3.el10_1.src.rpm

Description of changes:

[1.8.0-2.0.3]
- Update bootc-oraclelinux-configs and image-builder scripts



ELSA-2026-50071 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50071

http://linux.oracle.com/errata/ELSA-2026-50071.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.351.3.3.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.351.3.3.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.351.3.3.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.351.3.3.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.351.3.3.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.351.3.3.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.351.3.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.351.3.3.el8uek.src.rpm

Related CVEs:

CVE-2025-40022

Description of changes:

[5.4.17-2136.351.3.3]
- crypto: af_alg - Fix incorrect boolean values in af_alg_ctx (Eric Biggers) [Orabug: 38884602] {CVE-2025-40022}



ELBA-2026-1142-1 Oracle Linux 8 kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2026-1142-1

http://linux.oracle.com/errata/ELBA-2026-1142-1.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.97.1.0.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.97.1.0.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
perf-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.97.1.0.1.el8_10.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.97.1.0.1.el8_10.src.rpm

Description of changes:

[4.18.0-553.97.1.0.1]
- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]

[4.18.0-553.97.1]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 =32 (John J Coleman) [RHEL-111354]
- xen: Fix x86 sched_clock() interface for xen (John J Coleman) [RHEL-111354]
- x86/xen/time: Output xen sched_clock time from 0 (John J Coleman) [RHEL-111354]

[4.18.0-553.95.1]
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (Olga Kornievskaia) [RHEL-132819]
- vsock: Ignore signal/timeout on connect() if already established (CKI Backport Bot) [RHEL-139273] {CVE-2025-40248}
- scsi: lpfc: avoid crashing in lpfc_nlp_get() if lpfc_nodelist was freed (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Update PRLO handling in direct attached topology (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Add condition to delete ndlp object after sending BLS_RJT to an ABTS (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Remove NLP_RCV_PLOGI early return during RSCN processing for ndlps (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Allow lpfc_plogi_confirm_nport() logic to execute for Fabric nodes (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi() (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix possible file string name overflow when updating firmware (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Validate ELS LS_ACC completion payload (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Remove extra ndlp kref decrement in FLOGI cmpl for loop topology (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Revise NPIV ELS unsol rcv cmpl logic to drop ndlp based on nlp_state (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed phba (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fill in missing ndlp kref puts in error paths (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login (Ewan D. Milne) [RHEL-32324]



ELSA-2026-1412 Important: Oracle Linux 8 php:8.2 security update


Oracle Linux Security Advisory ELSA-2026-1412

http://linux.oracle.com/errata/ELSA-2026-1412.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
apcu-panel-5.1.23-1.module+el8.10.0+90469+8883f508.noarch.rpm
libzip-1.7.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm
libzip-devel-1.7.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm
libzip-tools-1.7.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm
php-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-bcmath-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-cli-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-common-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-dba-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-dbg-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-devel-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-embedded-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-enchant-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-ffi-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-fpm-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-gd-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-gmp-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-intl-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-ldap-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-mbstring-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-mysqlnd-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-odbc-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-opcache-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-pdo-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-pear-1.10.14-1.module+el8.10.0+90469+8883f508.noarch.rpm
php-pecl-apcu-5.1.23-1.module+el8.10.0+90469+8883f508.x86_64.rpm
php-pecl-apcu-devel-5.1.23-1.module+el8.10.0+90469+8883f508.x86_64.rpm
php-pecl-rrd-2.0.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm
php-pecl-xdebug3-3.2.2-2.module+el8.10.0+90469+8883f508.x86_64.rpm
php-pecl-zip-1.22.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm
php-pgsql-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-process-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-snmp-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-soap-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm
php-xml-8.2.30-1.module+el8.10.0+90775+243071a5.x86_64.rpm

aarch64:
apcu-panel-5.1.23-1.module+el8.10.0+90469+8883f508.noarch.rpm
libzip-1.7.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm
libzip-devel-1.7.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm
libzip-tools-1.7.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm
php-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-bcmath-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-cli-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-common-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-dba-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-dbg-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-devel-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-embedded-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-enchant-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-ffi-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-fpm-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-gd-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-gmp-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-intl-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-ldap-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-mbstring-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-mysqlnd-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-odbc-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-opcache-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-pdo-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-pear-1.10.14-1.module+el8.10.0+90469+8883f508.noarch.rpm
php-pecl-apcu-5.1.23-1.module+el8.10.0+90469+8883f508.aarch64.rpm
php-pecl-apcu-devel-5.1.23-1.module+el8.10.0+90469+8883f508.aarch64.rpm
php-pecl-rrd-2.0.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm
php-pecl-xdebug3-3.2.2-2.module+el8.10.0+90469+8883f508.aarch64.rpm
php-pecl-zip-1.22.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm
php-pgsql-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-process-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-snmp-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-soap-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm
php-xml-8.2.30-1.module+el8.10.0+90775+243071a5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/libzip-1.7.3-1.module+el8.10.0+90469+8883f508.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-8.2.30-1.module+el8.10.0+90775+243071a5.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pear-1.10.14-1.module+el8.10.0+90469+8883f508.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pecl-apcu-5.1.23-1.module+el8.10.0+90469+8883f508.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pecl-rrd-2.0.3-1.module+el8.10.0+90469+8883f508.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pecl-xdebug3-3.2.2-2.module+el8.10.0+90469+8883f508.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pecl-zip-1.22.3-1.module+el8.10.0+90469+8883f508.src.rpm

Related CVEs:

CVE-2025-1220
CVE-2025-1735
CVE-2025-6491
CVE-2025-14177
CVE-2025-14178
CVE-2025-14180

Description of changes:

libzip
[1.7.3-1]
- update to 1.7.3

[1.6.1-1]
- update to 1.6.1
- enable lzma support

[1.5.2-1]
- update to 1.5.2
- add all explicit cmake options to ensure openssl is used
even in local build with other lilbraries available

[1.5.1-1]
- update to 1.5.1
- drop dependency on zlib-devel and bzip2-devel no more
referenced in libzip.pc
- drop rpath patch merged upstream

[1.5.0-2]
- add dependency on zlib-devel and bzip2-devel #1556068

[1.5.0-1]
- update to 1.5.0
- use openssl for cryptography instead of bundled custom AES implementation

[1.4.0-5]
- missing BR on C compiler
- use ldconfig_scriptlets

[1.4.0-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1.4.0-3]
- add upstream patch and drop multilib hack

[1.4.0-2]
- re-add multilib hack #1529886

php
[8.2.30-1]
- rebase to 8.2.30

php-pear
[1:1.10.14-1]
- update PEAR to 1.10.14 for PHP 8.2 RHEL-14705

[1:1.10.13-1]
- update PEAR to 1.10.13
- update Archive_Tar to 1.4.14

[1:1.10.12-1]
- update PEAR to 1.10.12
- update Archive_Tar to 1.4.9
- update Console_Getopt to 1.4.3
- update XML_Util to 1.4.5

[1:1.10.9-1]
- update PEAR to 1.10.9
- update Archive_Tar to 1.4.7
- update Console_Getopt to 1.4.2

[1:1.10.5-8]
- require /usr/bin/gpg instead of gnupg

[1:1.10.5-7]
- enable autoloader only in Fedora

[1:1.10.5-6]
- add patch for PHP 7.2 from
https://github.com/pear/pear-core/pull/71

[1:1.10.5-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1:1.10.5-4]
- add autoloader for each package

[1:1.10.5-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

php-pecl-apcu
[5.1.23-1]
- update to 5.1.23 for PHP 8.2 RHEL-14705

[5.1.20-1]
- update to 5.1.20

[5.1.18-1]
- update to 5.1.18

[5.1.17-1]
- update to 5.1.17

[5.1.12-1]
- update to 5.1.12 (stable)

[5.1.11-1]
- update to 5.1.11 (stable)

[5.1.10-1]
- update to 5.1.10 (stable)

[5.1.9-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[5.1.9-2]
- undefine _strict_symbol_defs_build

[5.1.9-1]
- Update to 5.1.9 (php 7, stable)

php-pecl-rrd
[2.0.3-1]
- update to 2.0.3

[2.0.1-1]
- build for RHEL 8

[2.0.1-13]
- rebuild for https://fedoraproject.org/wiki/Changes/php74

[2.0.1-12]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

[2.0.1-11]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

[2.0.1-10]
- Rebuild for https://fedoraproject.org/wiki/Changes/php73

[2.0.1-9]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[2.0.1-8]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[2.0.1-7]
- undefine _strict_symbol_defs_build

[2.0.1-6]
- rebuild for https://fedoraproject.org/wiki/Changes/php72

php-pecl-xdebug3
[3.2.2-2]
- drop inet_ntoa usage using upstream patch

[3.2.2-1]
- update to 3.2.2 for PHP 8.2 RHEL-14705

[3.1.2-1]
- update to 3.1.2 rhbz#2030322

[3.0.4-5]
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688

[3.0.4-4]
- ignore tests relying on DNS #1979841

[3.0.4-2]
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065

[3.0.4-1]
- update to 3.0.4

[3.0.3-2]
- rebuild for https://fedoraproject.org/wiki/Changes/php80

[3.0.3-1]
- update to 3.0.3

[3.0.2-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

php-pecl-zip
[1.22.3-1]
- update to 1.22.3 for PHP 8.2 RHEL-14705

[1.19.2-1]
- update to 1.19.2

[1.18.2-1]
- update to 1.18.2

[1.15.4-1]
- Update to 1.15.4

[1.15.3-1]
- Update to 1.15.3

[1.15.2-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1.15.2-2]
- undefine _strict_symbol_defs_build

[1.15.2-1]
- Update to 1.15.2

[1.15.1-4]
- rebuild for https://fedoraproject.org/wiki/Changes/php72

[1.15.1-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild



ELSA-2026-1374 Moderate: Oracle Linux 8 python3.11 security update


Oracle Linux Security Advisory ELSA-2026-1374

http://linux.oracle.com/errata/ELSA-2026-1374.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-3.11.13-4.0.1.el8_10.i686.rpm
python3.11-3.11.13-4.0.1.el8_10.x86_64.rpm
python3.11-debug-3.11.13-4.0.1.el8_10.i686.rpm
python3.11-debug-3.11.13-4.0.1.el8_10.x86_64.rpm
python3.11-devel-3.11.13-4.0.1.el8_10.i686.rpm
python3.11-devel-3.11.13-4.0.1.el8_10.x86_64.rpm
python3.11-idle-3.11.13-4.0.1.el8_10.i686.rpm
python3.11-idle-3.11.13-4.0.1.el8_10.x86_64.rpm
python3.11-libs-3.11.13-4.0.1.el8_10.i686.rpm
python3.11-libs-3.11.13-4.0.1.el8_10.x86_64.rpm
python3.11-rpm-macros-3.11.13-4.0.1.el8_10.noarch.rpm
python3.11-test-3.11.13-4.0.1.el8_10.i686.rpm
python3.11-test-3.11.13-4.0.1.el8_10.x86_64.rpm
python3.11-tkinter-3.11.13-4.0.1.el8_10.i686.rpm
python3.11-tkinter-3.11.13-4.0.1.el8_10.x86_64.rpm

aarch64:
python3.11-3.11.13-4.0.1.el8_10.aarch64.rpm
python3.11-debug-3.11.13-4.0.1.el8_10.aarch64.rpm
python3.11-devel-3.11.13-4.0.1.el8_10.aarch64.rpm
python3.11-idle-3.11.13-4.0.1.el8_10.aarch64.rpm
python3.11-libs-3.11.13-4.0.1.el8_10.aarch64.rpm
python3.11-rpm-macros-3.11.13-4.0.1.el8_10.noarch.rpm
python3.11-test-3.11.13-4.0.1.el8_10.aarch64.rpm
python3.11-tkinter-3.11.13-4.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python3.11-3.11.13-4.0.1.el8_10.src.rpm

Related CVEs:

CVE-2025-12084
CVE-2025-13836

Description of changes:

[3.11.13-4.0.1]
- Update rpm-macros description [Orabug: 36024572]

[3.11.13-4]
- Security fix for CVE-2025-13836
Resolves: RHEL-140992

[3.11.13-3]
- Security fix for CVE-2025-12084
Resolves: RHEL-135390



ELSA-2026-1344 Important: Oracle Linux 8 grafana security update


Oracle Linux Security Advisory ELSA-2026-1344

http://linux.oracle.com/errata/ELSA-2026-1344.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-9.2.10-27.0.1.el8_10.x86_64.rpm
grafana-selinux-9.2.10-27.0.1.el8_10.x86_64.rpm

aarch64:
grafana-9.2.10-27.0.1.el8_10.aarch64.rpm
grafana-selinux-9.2.10-27.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/grafana-9.2.10-27.0.1.el8_10.src.rpm

Related CVEs:

CVE-2025-61729

Description of changes:

[9.2.10-27.0.1]
- Fixes CVE-2024-1442 Add email verification when updating user email [Orabug: 38550520]

[9.2.10-27]
- Resolves RHEL-140537: CVE-2025-61729



ELSA-2026-1224 Important: Oracle Linux 8 python3.11-urllib3 security update


Oracle Linux Security Advisory ELSA-2026-1224

http://linux.oracle.com/errata/ELSA-2026-1224.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-urllib3-1.26.12-6.el8_10.noarch.rpm

aarch64:
python3.11-urllib3-1.26.12-6.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python3.11-urllib3-1.26.12-6.el8_10.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[1.26.12-6]
- Security fix for CVE-2025-66471
- Security fix for CVE-2025-66418
- Security fix for CVE-2026-21441
Resolves: RHEL-140555, RHEL-139408



ELSA-2026-1254 Important: Oracle Linux 8 python-urllib3 security update


Oracle Linux Security Advisory ELSA-2026-1254

http://linux.oracle.com/errata/ELSA-2026-1254.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-urllib3-1.24.2-9.el8_10.noarch.rpm

aarch64:
python3-urllib3-1.24.2-9.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python-urllib3-1.24.2-9.el8_10.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[1.24.2-9]
- Security fix for CVE-2025-66471
- Security fix for CVE-2025-66418
- Security fix for CVE-2026-21441
Resolves: RHEL-139410



ELSA-2026-1240 Important: Oracle Linux 8 fence-agents security update


Oracle Linux Security Advisory ELSA-2026-1240

http://linux.oracle.com/errata/ELSA-2026-1240.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
fence-agents-all-4.2.1-129.el8_10.20.x86_64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.20.x86_64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.20.x86_64.rpm
fence-agents-lpar-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-mpath-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-nutanix-ahv-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.20.x86_64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.20.noarch.rpm

aarch64:
fence-agents-all-4.2.1-129.el8_10.20.aarch64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.20.aarch64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.20.aarch64.rpm
fence-agents-mpath-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-nutanix-ahv-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.20.aarch64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.20.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.20.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/fence-agents-4.2.1-129.el8_10.20.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[4.2.1-129.20]
- bundled urllib3: fix CVE-2025-66471
- bundled urllib3: fix CVE-2026-21441
Resolves: RHEL-139756, RHEL-140783

[4.2.1-129.17]
- bundled urllib3: fix CVE-2025-66418
Resolves: RHEL-136027

[4.2.1-129.16]
- fence_nutanix_ahv: new fence agent
Resolves: RHEL-110964

[4.2.1-129.15]
- fence_kubevirt: use hard poweroff
Resolves: RHEL-96179

[4.2.1-129.14]
- fence_aws: add skip_os_shutdown parameter
Resolves: RHEL-109814

[4.2.1-129.13]
- bundled requests: fix CVE-2024-47081
Resolves: RHEL-104741

[4.2.1-129.12]
- fence_ibm_vpc: add apikey file support
Resolves: RHEL-107506

[4.2.1-129.11]
- fence_aliyun: add credentials file support
Resolves: RHEL-99338

[4.2.1-129.8]
- fence_ibm_powervs: add private endpoint and token file support
Resolves: RHEL-65025

[4.2.1-129.7]
- fence_azure_arm: use azure-identity instead of msrestazure, which has
been deprecated
Resolves: RHEL-76492



ELSA-2026-1226 Important: Oracle Linux 8 python3.12-urllib3 security update


Oracle Linux Security Advisory ELSA-2026-1226

http://linux.oracle.com/errata/ELSA-2026-1226.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-urllib3-1.26.19-2.el8_10.noarch.rpm

aarch64:
python3.12-urllib3-1.26.19-2.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python3.12-urllib3-1.26.19-2.el8_10.src.rpm

Related CVEs:

CVE-2025-66418
CVE-2025-66471
CVE-2026-21441

Description of changes:

[1.26.19-2]
- Security fix for CVE-2025-66471
- Security fix for CVE-2025-66418
- Security fix for CVE-2026-21441
Resolves: RHEL-139409



ELSA-2026-1142 Important: Oracle Linux 8 kernel security update


Oracle Linux Security Advisory ELSA-2026-1142

http://linux.oracle.com/errata/ELSA-2026-1142.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.97.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.97.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.97.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.97.1.el8_10.x86_64.rpm
perf-4.18.0-553.97.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.97.1.el8_10.x86_64.rpm

aarch64:
bpftool-4.18.0-553.97.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.97.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.97.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.97.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.97.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.97.1.el8_10.aarch64.rpm
perf-4.18.0-553.97.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.97.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.97.1.el8_10.src.rpm

Related CVEs:

CVE-2023-53673
CVE-2025-40154
CVE-2025-40248
CVE-2025-40277

Description of changes:

[4.18.0-553.97.1]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 =32 (John J Coleman) [RHEL-111354]
- xen: Fix x86 sched_clock() interface for xen (John J Coleman) [RHEL-111354]
- x86/xen/time: Output xen sched_clock time from 0 (John J Coleman) [RHEL-111354]

[4.18.0-553.95.1]
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (Olga Kornievskaia) [RHEL-132819]
- vsock: Ignore signal/timeout on connect() if already established (CKI Backport Bot) [RHEL-139273] {CVE-2025-40248}
- scsi: lpfc: avoid crashing in lpfc_nlp_get() if lpfc_nodelist was freed (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Update PRLO handling in direct attached topology (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Add condition to delete ndlp object after sending BLS_RJT to an ABTS (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Remove NLP_RCV_PLOGI early return during RSCN processing for ndlps (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Allow lpfc_plogi_confirm_nport() logic to execute for Fabric nodes (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi() (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix possible file string name overflow when updating firmware (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Validate ELS LS_ACC completion payload (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Remove extra ndlp kref decrement in FLOGI cmpl for loop topology (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Revise NPIV ELS unsol rcv cmpl logic to drop ndlp based on nlp_state (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed phba (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fill in missing ndlp kref puts in error paths (Ewan D. Milne) [RHEL-32324]
- scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login (Ewan D. Milne) [RHEL-32324]



ELSA-2026-0932 Important: Oracle Linux 8 java-1.8.0-openjdk security update


Oracle Linux Security Advisory ELSA-2026-0932

http://linux.oracle.com/errata/ELSA-2026-0932.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-1.8.0-openjdk-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-demo-fastdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-demo-slowdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-devel-fastdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-devel-slowdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-fastdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-headless-fastdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-headless-slowdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.482.b08-1.0.1.el8.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.482.b08-1.0.1.el8.noarch.rpm
java-1.8.0-openjdk-slowdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-src-fastdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm
java-1.8.0-openjdk-src-slowdebug-1.8.0.482.b08-1.0.1.el8.x86_64.rpm

aarch64:
java-1.8.0-openjdk-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-demo-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-demo-fastdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-demo-slowdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-devel-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-devel-fastdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-devel-slowdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-fastdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-headless-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-headless-fastdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-headless-slowdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.482.b08-1.0.1.el8.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.482.b08-1.0.1.el8.noarch.rpm
java-1.8.0-openjdk-slowdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-src-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-src-fastdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm
java-1.8.0-openjdk-src-slowdebug-1.8.0.482.b08-1.0.1.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/java-1.8.0-openjdk-1.8.0.482.b08-1.0.1.el8.src.rpm

Related CVEs:

CVE-2025-64720
CVE-2025-65018
CVE-2026-21925
CVE-2026-21933
CVE-2026-21945

Description of changes:

[1.8.0.482.b08-1.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]

[1:1.8.0.482.b08-1]
- Update to 8u482-b08 (GA).
- Update release notes for 8u482-b08.
- Remove generated-configure.sh changes from JDK-8141590 & FIPS patch as we already autogenerate this
- Turn on system FreeType as on later JDK versions and add to _privatelibs
- Set bundled FreeType version to 2.13.2 following JDK-8316028
- Bump LCMS 2 version to 2.14.0 following JDK-8297088
- Bump libpng version to 1.6.51 following JDK-8372534
- Update FIPS patch to include nss.fips.cfg that grants CKA_ENCRYPT
- Handle 'upgrade' as an alternative to 'update' in openjdk_news.sh
- Sync the copy of the portable specfile with the latest update
- ** This tarball is embargoed until 2026-01-20 @ 1pm PT. **
- Resolves: RHEL-142689
- Resolves: RHEL-139521
- Resolves: RHEL-131446
- Resolves: RHEL-131459
- Resolves: RHEL-142865
- Resolves: RHEL-142696

[1:1.8.0.472.b08-2]
- Bump rpmrelease for CentOS build
- Add scripts to handle tagging of portable-based RPMs
- Related: RHEL-118769
- Related: RHEL-119444
- Related: RHEL-118781



ELSA-2026-0928 Important: Oracle Linux 8 java-21-openjdk security update


Oracle Linux Security Advisory ELSA-2026-0928

http://linux.oracle.com/errata/ELSA-2026-0928.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-21-openjdk-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-demo-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-demo-fastdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-demo-slowdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-devel-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-devel-fastdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-devel-slowdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-fastdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-headless-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-headless-fastdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-headless-slowdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-javadoc-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-javadoc-zip-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-jmods-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-jmods-fastdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-jmods-slowdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-slowdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-src-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-src-fastdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-src-slowdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-static-libs-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-static-libs-fastdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm
java-21-openjdk-static-libs-slowdebug-21.0.10.0.7-1.0.1.el8.x86_64.rpm

aarch64:
java-21-openjdk-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-demo-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-demo-fastdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-demo-slowdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-devel-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-devel-fastdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-devel-slowdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-fastdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-headless-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-headless-fastdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-headless-slowdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-javadoc-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-javadoc-zip-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-jmods-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-jmods-fastdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-jmods-slowdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-slowdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-src-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-src-fastdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-src-slowdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-static-libs-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-static-libs-fastdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm
java-21-openjdk-static-libs-slowdebug-21.0.10.0.7-1.0.1.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/java-21-openjdk-21.0.10.0.7-1.0.1.el8.src.rpm

Related CVEs:

CVE-2025-64720
CVE-2025-65018
CVE-2026-21925
CVE-2026-21933
CVE-2026-21945

Description of changes:

[1:21.0.10.0.7-1.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]

[1:21.0.10.0.7-1]
- Update to jdk-21.0.10+7 (GA)
- Update release notes to 21.0.10+7
- Bump libpng version to 1.6.51 following JDK-8372534
- Update FIPS patch to include nss.fips.cfg that grants CKA_ENCRYPT
- Handle 'upgrade' as an alternative to 'update' in openjdk_news.sh
- Sync the copy of the portable specfile with the latest update
- Resolves: RHEL-142858
- Resolves: RHEL-139526
- Resolves: RHEL-131450
- Resolves: RHEL-131463
- Resolves: RHEL-142860
- Resolves: RHEL-142819
- ** This tarball is embargoed until 2026-01-20 @ 1pm PT. **

[1:21.0.9.0.10-2]
- Bump rpmrelease for CentOS build
- Add scripts to handle tagging of portable-based RPMs
- Related: RHEL-118773
- Related: RHEL-119450



ELSA-2026-50071 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50071

http://linux.oracle.com/errata/ELSA-2026-50071.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.351.3.3.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.351.3.3.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.351.3.3.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.351.3.3.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.351.3.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.351.3.3.el8uek.src.rpm

Related CVEs:

CVE-2025-40022

Description of changes:

[5.4.17-2136.351.3.3]
- crypto: af_alg - Fix incorrect boolean values in af_alg_ctx (Eric Biggers) [Orabug: 38884602] {CVE-2025-40022}



ELSA-2026-50071 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50071

http://linux.oracle.com/errata/ELSA-2026-50071.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.351.3.3.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.351.3.3.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.351.3.3.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.351.3.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.351.3.3.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.351.3.3.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.351.3.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.351.3.3.el7uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.351.3.3.el7uek.src.rpm

Related CVEs:

CVE-2025-40022

Description of changes:

[5.4.17-2136.351.3.3]
- crypto: af_alg - Fix incorrect boolean values in af_alg_ctx (Eric Biggers) [Orabug: 38884602] {CVE-2025-40022}



ELSA-2026-0367 Important: Oracle Linux 7 mariadb security update


Oracle Linux Security Advisory ELSA-2026-0367

http://linux.oracle.com/errata/ELSA-2026-0367.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
mariadb-5.5.68-1.0.1.el7.x86_64.rpm
mariadb-bench-5.5.68-1.0.1.el7.x86_64.rpm
mariadb-devel-5.5.68-1.0.1.el7.i686.rpm
mariadb-devel-5.5.68-1.0.1.el7.x86_64.rpm
mariadb-embedded-5.5.68-1.0.1.el7.i686.rpm
mariadb-embedded-5.5.68-1.0.1.el7.x86_64.rpm
mariadb-embedded-devel-5.5.68-1.0.1.el7.i686.rpm
mariadb-embedded-devel-5.5.68-1.0.1.el7.x86_64.rpm
mariadb-libs-5.5.68-1.0.1.el7.i686.rpm
mariadb-libs-5.5.68-1.0.1.el7.x86_64.rpm
mariadb-server-5.5.68-1.0.1.el7.x86_64.rpm
mariadb-test-5.5.68-1.0.1.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/mariadb-5.5.68-1.0.1.el7.src.rpm

Related CVEs:

CVE-2025-13699

Description of changes:

[1:5.5.68-1.0.1]
- Fixes CVE-2025-13699, remote code execution via improper path validation [Orabug: 38829265]
- Fixes failing SSL and timezone tests



ELSA-2026-0079 Moderate: Oracle Linux 7 perl security update


Oracle Linux Security Advisory ELSA-2026-0079

http://linux.oracle.com/errata/ELSA-2026-0079.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
perl-5.16.3-299.0.1.el7_9.x86_64.rpm
perl-CPAN-1.9800-299.0.1.el7_9.noarch.rpm
perl-ExtUtils-CBuilder-0.28.2.6-299.0.1.el7_9.noarch.rpm
perl-ExtUtils-Embed-1.30-299.0.1.el7_9.noarch.rpm
perl-ExtUtils-Install-1.58-299.0.1.el7_9.noarch.rpm
perl-IO-Zlib-1.10-299.0.1.el7_9.noarch.rpm
perl-Locale-Maketext-Simple-0.21-299.0.1.el7_9.noarch.rpm
perl-Module-CoreList-2.76.02-299.0.1.el7_9.noarch.rpm
perl-Module-Loaded-0.08-299.0.1.el7_9.noarch.rpm
perl-Object-Accessor-0.42-299.0.1.el7_9.noarch.rpm
perl-Package-Constants-0.02-299.0.1.el7_9.noarch.rpm
perl-Pod-Escapes-1.04-299.0.1.el7_9.noarch.rpm
perl-Time-Piece-1.20.1-299.0.1.el7_9.x86_64.rpm
perl-core-5.16.3-299.0.1.el7_9.x86_64.rpm
perl-devel-5.16.3-299.0.1.el7_9.i686.rpm
perl-devel-5.16.3-299.0.1.el7_9.x86_64.rpm
perl-libs-5.16.3-299.0.1.el7_9.i686.rpm
perl-libs-5.16.3-299.0.1.el7_9.x86_64.rpm
perl-macros-5.16.3-299.0.1.el7_9.x86_64.rpm
perl-tests-5.16.3-299.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/perl-5.16.3-299.0.1.el7_9.src.rpm

Related CVEs:

CVE-2023-31484

Description of changes:

[4:5.16.3-299.0.1]
- Fixed CVE-2023-31484 verify TLS certificates [Orabug: 38816274]



ELBA-2025-22492 Oracle Linux 7 ca-certificates bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-22492

http://linux.oracle.com/errata/ELBA-2025-22492.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
ca-certificates-2025.2.80_v9.0.304-71.0.1.el7_9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ca-certificates-2025.2.80_v9.0.304-71.0.1.el7_9.src.rpm

Description of changes:

[2025.2.80_v9.0.304-71.0.1]
- Resolve ELBA-2025-22492 [Orabug: 38712242]
- Update to CKBI 2.80_v9.0.304 from NSS 3.114
- Adding:
- # Certificate "TWCA CYBER Root CA"
- # Certificate "TWCA Global Root CA G2"
- # Certificate "SecureSign Root CA12"
- # Certificate "SecureSign Root CA14"
- # Certificate "SecureSign Root CA15"
- # Certificate "D-TRUST BR Root CA 2 2023"
- # Certificate "TrustAsia SMIME ECC Root CA"
- # Certificate "TrustAsia SMIME RSA Root CA"
- # Certificate "TrustAsia TLS ECC Root CA"
- # Certificate "TrustAsia TLS RSA Root CA"
- # Certificate "D-TRUST EV Root CA 2 2023"
- # Certificate "SwissSign RSA SMIME Root CA 2022 - 1"
- # Certificate "SwissSign RSA TLS Root CA 2022 - 1"
- # Certificate "Sectigo Public Code Signing Root R46"
- # Certificate "Sectigo Public Code Signing Root E46"


OpenJDK, Python, OpenSSL updates for AlmaLinux

Xen, Kernel-Firmware, OpenSSL, and more updates for SUSE Linux

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...