Explore top 10 tips to secure your open-source projects now. Read More
×
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-9466 http://linux.oracle.com/errata/ELSA-2025-9466.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: mod_proxy_cluster-1.3.22-1.el10_0.2.x86_64.rpm aarch64: mod_proxy_cluster-1.3.22-1.el10_0.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/mod_proxy_cluster-1.3.22-1.el10_0.2.src.rpm Related CVEs: CVE-2024-10306 Description of changes: [1.3.22-1.el10_0.2] - Resolves: RHEL-82256 - Update deprecated misspeled EnableMCPMReceive directive [1.3.22-1.el10_0.1] - Resolves: RHEL-80796 - Rebase mod_proxy_cluster to upstream 1.3.22.Final release [1.3.22-1] - Resolves: RHEL-80480 Rebase mod_proxy_cluster to upstream 1.3.22.Final release _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-9156 http://linux.oracle.com/errata/ELSA-2025-9156.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: ipp-usb-0.9.27-3.el10_0.x86_64.rpm aarch64: ipp-usb-0.9.27-3.el10_0.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/golang-github-openprinting-ipp-usb-0.9.27-3.el10_0.src.rpm Related CVEs: CVE-2025-22871 Description of changes: [0.9.27-3] - rebuild to fix CVE-2025-22871 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8196 http://linux.oracle.com/errata/ELSA-2025-8196.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.11.0-1.0.1.el10_0.x86_64.rpm aarch64: thunderbird-128.11.0-1.0.1.el10_0.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/thunderbird-128.11.0-1.0.1.el10_0.src.rpm Related CVEs: CVE-2025-3875 CVE-2025-3877 CVE-2025-3909 CVE-2025-3932 Description of changes: [128.11.0-1.0.1] - Add Oracle prefs [128.11.0-1] - Update to 128.11.0 [128.10.1-1] - Update to 128.10.1 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7491 http://linux.oracle.com/errata/ELSA-2025-7491.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.11.0-1.0.1.el10_0.x86_64.rpm aarch64: firefox-128.11.0-1.0.1.el10_0.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/firefox-128.11.0-1.0.1.el10_0.src.rpm Related CVEs: CVE-2025-3028 CVE-2025-3029 CVE-2025-3030 Description of changes: [128.11.0-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789] [128.11.0-1] - Update to 128.11.0 [128.10.1-1] - Update to 128.10.1 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8131 http://linux.oracle.com/errata/ELSA-2025-8131.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-3.3.8-10.el10_0.x86_64.rpm ruby-bundled-gems-3.3.8-10.el10_0.x86_64.rpm ruby-default-gems-3.3.8-10.el10_0.noarch.rpm ruby-devel-3.3.8-10.el10_0.x86_64.rpm ruby-doc-3.3.8-10.el10_0.noarch.rpm ruby-libs-3.3.8-10.el10_0.x86_64.rpm rubygem-bigdecimal-3.1.5-10.el10_0.x86_64.rpm rubygem-bundler-2.5.22-10.el10_0.noarch.rpm rubygem-io-console-0.7.1-10.el10_0.x86_64.rpm rubygem-irb-1.13.1-10.el10_0.noarch.rpm rubygem-json-2.7.2-10.el10_0.x86_64.rpm rubygem-minitest-5.20.0-10.el10_0.noarch.rpm rubygem-power_assert-2.0.3-10.el10_0.noarch.rpm rubygem-psych-5.1.2-10.el10_0.x86_64.rpm rubygem-racc-1.7.3-10.el10_0.x86_64.rpm rubygem-rake-13.1.0-10.el10_0.noarch.rpm rubygem-rbs-3.4.0-10.el10_0.x86_64.rpm rubygem-rdoc-6.6.3.1-10.el10_0.noarch.rpm rubygem-rexml-3.3.9-10.el10_0.noarch.rpm rubygem-rss-0.3.1-10.el10_0.noarch.rpm rubygem-test-unit-3.6.1-10.el10_0.noarch.rpm rubygem-typeprof-0.21.9-10.el10_0.noarch.rpm rubygems-3.5.22-10.el10_0.noarch.rpm rubygems-devel-3.5.22-10.el10_0.noarch.rpm aarch64: ruby-3.3.8-10.el10_0.aarch64.rpm ruby-bundled-gems-3.3.8-10.el10_0.aarch64.rpm ruby-default-gems-3.3.8-10.el10_0.noarch.rpm ruby-devel-3.3.8-10.el10_0.aarch64.rpm ruby-doc-3.3.8-10.el10_0.noarch.rpm ruby-libs-3.3.8-10.el10_0.aarch64.rpm rubygem-bigdecimal-3.1.5-10.el10_0.aarch64.rpm rubygem-bundler-2.5.22-10.el10_0.noarch.rpm rubygem-io-console-0.7.1-10.el10_0.aarch64.rpm rubygem-irb-1.13.1-10.el10_0.noarch.rpm rubygem-json-2.7.2-10.el10_0.aarch64.rpm rubygem-minitest-5.20.0-10.el10_0.noarch.rpm rubygem-power_assert-2.0.3-10.el10_0.noarch.rpm rubygem-psych-5.1.2-10.el10_0.aarch64.rpm rubygem-racc-1.7.3-10.el10_0.aarch64.rpm rubygem-rake-13.1.0-10.el10_0.noarch.rpm rubygem-rbs-3.4.0-10.el10_0.aarch64.rpm rubygem-rdoc-6.6.3.1-10.el10_0.noarch.rpm rubygem-rexml-3.3.9-10.el10_0.noarch.rpm rubygem-rss-0.3.1-10.el10_0.noarch.rpm rubygem-test-unit-3.6.1-10.el10_0.noarch.rpm rubygem-typeprof-0.21.9-10.el10_0.noarch.rpm rubygems-3.5.22-10.el10_0.noarch.rpm rubygems-devel-3.5.22-10.el10_0.noarch.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/ruby-3.3.8-10.el10_0.src.rpm Related CVEs: CVE-2025-25186 CVE-2025-27219 CVE-2025-27221 Description of changes: [3.3.8-10] - Upgrade to Ruby 3.3.8. Resolves: RHEL-87342 - Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. (CVE-2025-25186) - Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219) Resolves: RHEL-86116 - Fix userinfo leakage in URI#join, URI#merge and URI#+. (CVE-2025-27221) _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8047 http://linux.oracle.com/errata/ELSA-2025-8047.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: python3-unbound-1.20.0-10.el10_0.x86_64.rpm unbound-1.20.0-10.el10_0.x86_64.rpm unbound-anchor-1.20.0-10.el10_0.x86_64.rpm unbound-devel-1.20.0-10.el10_0.x86_64.rpm unbound-dracut-1.20.0-10.el10_0.x86_64.rpm unbound-libs-1.20.0-10.el10_0.x86_64.rpm aarch64: python3-unbound-1.20.0-10.el10_0.aarch64.rpm unbound-1.20.0-10.el10_0.aarch64.rpm unbound-anchor-1.20.0-10.el10_0.aarch64.rpm unbound-devel-1.20.0-10.el10_0.aarch64.rpm unbound-dracut-1.20.0-10.el10_0.aarch64.rpm unbound-libs-1.20.0-10.el10_0.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/unbound-1.20.0-10.el10_0.src.rpm Related CVEs: CVE-2024-8508 Description of changes: [1.20.0-10] - Prevent unbounded name compression (CVE-2024-8508) _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7599 http://linux.oracle.com/errata/ELSA-2025-7599.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-8.0-8.0.17-1.0.1.el10_0.x86_64.rpm aspnetcore-runtime-dbg-8.0-8.0.17-1.0.1.el10_0.x86_64.rpm aspnetcore-targeting-pack-8.0-8.0.17-1.0.1.el10_0.x86_64.rpm dotnet-apphost-pack-8.0-8.0.17-1.0.1.el10_0.x86_64.rpm dotnet-hostfxr-8.0-8.0.17-1.0.1.el10_0.x86_64.rpm dotnet-runtime-8.0-8.0.17-1.0.1.el10_0.x86_64.rpm dotnet-runtime-dbg-8.0-8.0.17-1.0.1.el10_0.x86_64.rpm dotnet-sdk-8.0-8.0.117-1.0.1.el10_0.x86_64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.117-1.0.1.el10_0.x86_64.rpm dotnet-sdk-dbg-8.0-8.0.117-1.0.1.el10_0.x86_64.rpm dotnet-targeting-pack-8.0-8.0.17-1.0.1.el10_0.x86_64.rpm dotnet-templates-8.0-8.0.117-1.0.1.el10_0.x86_64.rpm aarch64: aspnetcore-runtime-8.0-8.0.17-1.0.1.el10_0.aarch64.rpm aspnetcore-runtime-dbg-8.0-8.0.17-1.0.1.el10_0.aarch64.rpm aspnetcore-targeting-pack-8.0-8.0.17-1.0.1.el10_0.aarch64.rpm dotnet-apphost-pack-8.0-8.0.17-1.0.1.el10_0.aarch64.rpm dotnet-hostfxr-8.0-8.0.17-1.0.1.el10_0.aarch64.rpm dotnet-runtime-8.0-8.0.17-1.0.1.el10_0.aarch64.rpm dotnet-runtime-dbg-8.0-8.0.17-1.0.1.el10_0.aarch64.rpm dotnet-sdk-8.0-8.0.117-1.0.1.el10_0.aarch64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.117-1.0.1.el10_0.aarch64.rpm dotnet-sdk-dbg-8.0-8.0.117-1.0.1.el10_0.aarch64.rpm dotnet-targeting-pack-8.0-8.0.17-1.0.1.el10_0.aarch64.rpm dotnet-templates-8.0-8.0.117-1.0.1.el10_0.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/dotnet8.0-8.0.117-1.0.1.el10_0.src.rpm Related CVEs: CVE-2025-26646 Description of changes: [8.0.117-1.0.1] - Add support for Oracle Linux [8.0.117-1] - Update to .NET SDK 8.0.117 and Runtime 8.0.17 - Resolves: RHEL-94416 [8.0.116-2] - Update to .NET SDK 8.0.116 and Runtime 8.0.16 - Resolves: RHEL-89447 [8.0.115-2] - Update to .NETSDK 8.0.115 and Runtime 8.0.15 - Resolves: RHEL-85275 [8.0.114-2] - Update to .NET SDK 8.0.114 and Runtime 8.0.14 - Resolves: RHEL-81643 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7466 http://linux.oracle.com/errata/ELSA-2025-7466.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: delve-1.24.1-1.0.1.el10_0.x86_64.rpm go-toolset-1.23.7-1.el10_0.x86_64.rpm golang-1.23.7-1.el10_0.x86_64.rpm golang-bin-1.23.7-1.el10_0.x86_64.rpm golang-docs-1.23.7-1.el10_0.noarch.rpm golang-misc-1.23.7-1.el10_0.noarch.rpm golang-src-1.23.7-1.el10_0.noarch.rpm golang-tests-1.23.7-1.el10_0.noarch.rpm aarch64: delve-1.24.1-1.0.1.el10_0.aarch64.rpm go-toolset-1.23.7-1.el10_0.aarch64.rpm golang-1.23.7-1.el10_0.aarch64.rpm golang-bin-1.23.7-1.el10_0.aarch64.rpm golang-docs-1.23.7-1.el10_0.noarch.rpm golang-misc-1.23.7-1.el10_0.noarch.rpm golang-src-1.23.7-1.el10_0.noarch.rpm golang-tests-1.23.7-1.el10_0.noarch.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/delve-1.24.1-1.0.1.el10_0.src.rpm http://oss.oracle.com/ol10/SRPMS-updates/golang-1.23.7-1.el10_0.src.rpm Related CVEs: CVE-2024-45336 CVE-2024-45341 CVE-2025-22866 Description of changes: delve [1.24.1-1.0.1] - Disable DWARF compression which has issues (Alex Burmashev) [1.24.1-1] - Update Delve to 1.24.1 [1.22.1-6] - plans/ci.fmf: Update repo golang [1.23.7-1] - Update to 1.23.7 - golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341) - golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336) - crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866) _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.