Oracle Linux has received several security updates, including the Thunderbird, kernel, Firefox, redis:6, and apache-commons-beanutils security updates:

ELSA-2025-12188 Important: Oracle Linux 10 thunderbird security update
ELSA-2025-11855 Moderate: Oracle Linux 10 kernel security update
ELSA-2025-11797 Important: Oracle Linux 10 firefox security update
ELSA-2025-12006 Important: Oracle Linux 8 redis:6 security update
ELSA-2025-10814 Important: Oracle Linux 7 apache-commons-beanutils security update

ELSA-2025-12188 Important: Oracle Linux 10 thunderbird security update

Oracle Linux Security Advisory ELSA-2025-12188

http://linux.oracle.com/errata/ELSA-2025-12188.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-128.13.0-3.0.1.el10_0.x86_64.rpm

aarch64:
thunderbird-128.13.0-3.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/thunderbird-128.13.0-3.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-8027
CVE-2025-8028
CVE-2025-8029
CVE-2025-8030
CVE-2025-8031
CVE-2025-8032
CVE-2025-8033
CVE-2025-8034
CVE-2025-8035

Description of changes:

[128.13.0-3.0.1]
- Add Oracle prefs

[128.13.0-3]
- Update to 128.13.0 build3

[128.13.0-2]
- Update to 128.13.0 build2

[128.13.0-1]
- Update to 128.13.0 build1

ELSA-2025-11855 Moderate: Oracle Linux 10 kernel security update

Oracle Linux Security Advisory ELSA-2025-11855

http://linux.oracle.com/errata/ELSA-2025-11855.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-abi-stablelists-6.12.0-55.24.1.0.1.el10_0.noarch.rpm
kernel-core-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-cross-headers-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-debug-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-debug-core-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-debug-devel-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-debug-devel-matched-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-core-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-extra-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-debug-uki-virt-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-devel-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-devel-matched-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-doc-6.12.0-55.24.1.0.1.el10_0.noarch.rpm
kernel-headers-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-modules-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-modules-core-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-modules-extra-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-tools-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-tools-libs-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-tools-libs-devel-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-uki-virt-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
kernel-uki-virt-addons-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
libperf-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
perf-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
python3-perf-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
rtla-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm
rv-6.12.0-55.24.1.0.1.el10_0.x86_64.rpm

aarch64:
kernel-cross-headers-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
kernel-headers-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
kernel-tools-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
kernel-tools-libs-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
kernel-tools-libs-devel-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
libperf-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
perf-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
python3-perf-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
rtla-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm
rv-6.12.0-55.24.1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/kernel-6.12.0-55.24.1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-22091
CVE-2025-22121
CVE-2025-37797
CVE-2025-38088
CVE-2025-38110

Description of changes:

[6.12.0-55.24.1.0.1.el10_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 = 26-7
- Remove BuildRequires on commons-collections-testframework

[1.8.3-12]
- Remove workaround for rpm bug #646523

[1.8.3-11]
- Rebuild to regenerate API documentation
- Resolves: CVE-2013-1571

[1.8.3-10]
- Build with xmvn
- Don't generate extra JARs
- Simplify build dependencies
- Update to current packaging guidelines

[1.8.3-9]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

[1.8.3-8]
- Update for https://fedoraproject.org/wiki/Fedora_19_Maven_Rebuild
- Replace maven BuildRequires with maven-local

[1.8.3-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

[1.8.3-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

[1.8.3-5]
- Packaging fixes
- Remove unneeded depmap
- Remove versioned jars and javadocs
- Use maven 3 to build

[1.8.3-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

[1.8.3-3]
- Add license to javadoc subpackage

[1.8.3-2]
- Added provides to javadoc subpackage

[1.8.3-1]
- Re-did whole spec file, dropped gcj support
- Rename package (jakarta-commons-beanutils->apache-commons-beanutils)

[0:1.7.0-12.3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

[0:1.7.0-11.3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

[0:1.7.0-10.3]
- Fedora-specific: enable GCJ support

[0:1.7.0-10.2]
- Fedora-specific: BuildRequires: java-1.6.0-devel

[0:1.7.0-10.1]
- Fedora-specific: remove repolib
- Fedora-specific: enable JDK6 support

[0:1.7.0-10]
- add flag to build with maven

[0:1.7.0-9]
- add jdk6 patch
- fix repolib

[0:1.7.0-8.jpp5]
- fix duplicate files
- correctly unpack sources
- remove spurious gnu-crypto requirement
- remove spurious javadoc package requirements
- fix javadoc directory
- fix build-classpath call
- use macros

[0:1.7.0-7]
- First JPP5 build

[0:1.7.0-6jpp]
- Make Vendor, Distribution based on macro
- Fix aot build
- Add poms and depmap frags
- Build with maven1 by default
- Add manual subpackage when built with maven

[0:1.7.0-2jpp.ep1.2]
- Fix repolib location

[0:1.7.0-2jpp.ep1.1]
- New repolib location

[0:1.7.0-2jpp.el4ep1.3]
- Remove pre section used for RHUG cleanup

[0:1.7.0-2jpp.el4ep1.2]
- Add -brew suffix

[0:1.7.0-2jpp.el4ep1.1]
- Add repolib support

[0:1.7.0-5jpp]
- Require what is used in post/postun for javadoc

[0:1.7.0-4jpp]
- Add AOT bits

[0:1.7.0-3jpp]
- Add header
- Remove unecessary macro definitions

[0:1.7.0-2jpp_1rh]
- Merge with upstream

[0:1.7.0-1jpp_3rh]
- Fix build so that collections jar is created

[0:1.7.0-2jpp]
- Use the "dist" target to get a full build, including bean-collections

[0:1.7.0-1jpp_1rh]
- Import from upstream

[0:1.7.0-1jpp]
- Upgrade to 1.7.0

[0:1.6.1-4jpp_6rh]
- add coreutils BuildRequires

[0:1.6.1-5jpp]
- Rebuild with ant-1.6.2

[0:1.6.1-4jpp_5rh]
- Added trigger to restore symlinks that are removed if ugrading
from a commons-beanutils rhug package

[0:1.6.1-4jpp_4rh]
- more of the same, for version-suffixed .jar files

[0:1.6.1-4jpp_3rh]
- add RHUG upgrade cleanup

[0:1.6.1-4jpp_2rh]
- RH vacuuming part II

[0:1.6.1-4jpp_1rh]
- RH vacuuming

[0:1.6.1-4jpp]
- update for JPackage 1.5

[1.6.1-2jpp]
- fix ASF license and add packager name

[1.6.1-1jpp]
- 1.6.1

[1.6-1jpp]
- 1.6

[1.5-1jpp]
- 1.5

[1.4.1-1jpp]
- 1.4.1

[1.4-1jpp]
- 1.4

[1.3-3jpp]
- change to commons-xxx.jar instead of commons-xxx.home in ant parameters

[1.3-2jpp]
- use sed instead of bash 2.x extension in link area to make spec compatible
with distro using bash 1.1x

[1.3-1jpp]
- 1.3
- added short names in %{_javadir}, as does jakarta developpers
- first jPackage release