Explore top 10 tips to secure your open-source projects now. Read More
×
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-5146 http://linux.oracle.com/errata/ELSA-2026-5146.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: yggdrasil-0.4.8-3.el10_1.x86_64.rpm yggdrasil-devel-0.4.8-3.el10_1.x86_64.rpm aarch64: yggdrasil-0.4.8-3.el10_1.aarch64.rpm yggdrasil-devel-0.4.8-3.el10_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/yggdrasil-0.4.8-3.el10_1.src.rpm Related CVEs: CVE-2025-61726 CVE-2025-61729 CVE-2025-68121 Description of changes: [0.4.8-3] - Bump release for rebuild _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-3341 http://linux.oracle.com/errata/ELSA-2026-3341.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: containernetworking-plugins-1.7.1-3.el9_7.x86_64.rpm aarch64: containernetworking-plugins-1.7.1-3.el9_7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/containernetworking-plugins-1.7.1-3.el9_7.src.rpm Related CVEs: CVE-2025-61726 CVE-2025-61729 CVE-2025-68121 Description of changes: [1:1.7.1-3] - Rebuild for new golang to address CVE-2025-61726 - Resolves: RHEL-146859 [1:1.7.1-2] - rebuild for CVE-2025-22871 - Resolves: RHEL-90030 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7457 http://linux.oracle.com/errata/ELSA-2025-7457.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: exiv2-0.28.3-3.el10_0.2.x86_64.rpm exiv2-devel-0.28.3-3.el10_0.2.x86_64.rpm exiv2-doc-0.28.3-3.el10_0.2.noarch.rpm exiv2-libs-0.28.3-3.el10_0.2.x86_64.rpm aarch64: exiv2-0.28.3-3.el10_0.2.aarch64.rpm exiv2-devel-0.28.3-3.el10_0.2.aarch64.rpm exiv2-doc-0.28.3-3.el10_0.2.noarch.rpm exiv2-libs-0.28.3-3.el10_0.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/exiv2-0.28.3-3.el10_0.2.src.rpm Related CVEs: CVE-2025-26623 Description of changes: [0.28.3-3.2] - Revert: remove rpath patch Resolves: RHEL-80106 - Fix CVE-2025-26623 exiv2: Use After Free Resolves: RHEL-80106 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8506 http://linux.oracle.com/errata/ELSA-2025-8506.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-devel-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-docs-22.16.0-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-full-i18n-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-libs-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm npm-10.9.2-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.x86_64.rpm aarch64: nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-devel-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-docs-22.16.0-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-full-i18n-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-libs-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm npm-10.9.2-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.src.rpm Related CVEs: CVE-2025-23166 Description ofchanges: nodejs [1:22.15-1-1] - Update to 22.16.0 Fixes: CVE-2025-23166 - Resolves: RHEL-91596 RHEL-92859 [1:22.15.0-1] - Update to 22.15.0 - Drop upstream patches [1:22.13.1-4] - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300 [1:22.13.1-3] - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86581 [1:22.13.1-2] - Remove obsolete lua pretransaction script from spec file Resolves: RHEL-81117 RHEL-71410 - Disable npm update notifications for users Resolves: RHEL-81080 [22.13.1-1] - Upgrade to version 22.13.1 Fixes CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76362 RHEL-76897 [22.11.0-1] - Upgrade to nodejs 22.11.0. Resolves: RHEL-35991 [22.4.1-4] - Exclude ix86 arches from building. Related: RHEL-35991 [22.4.1-4] - Initial import of nodeJS 22 Resolves: RHEL-35991 nodejs-nodemon nodejs-packaging _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8049 http://linux.oracle.com/errata/ELSA-2025-8049.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.10.1-1.0.1.el9_6.x86_64.rpm firefox-x11-128.10.1-1.0.1.el9_6.x86_64.rpm aarch64: firefox-128.10.1-1.0.1.el9_6.aarch64.rpm firefox-x11-128.10.1-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//firefox-128.10.1-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-4918 CVE-2025-4919 Description of changes: [128.10.1-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [128.10.1] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.10.1-1] - Update to 128.10.1 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7397 http://linux.oracle.com/errata/ELSA-2025-7397.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: skopeo-1.18.1-1.el9_6.x86_64.rpm skopeo-tests-1.18.1-1.el9_6.x86_64.rpm aarch64: skopeo-1.18.1-1.el9_6.aarch64.rpm skopeo-tests-1.18.1-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//skopeo-1.18.1-1.el9_6.src.rpm Related CVEs: CVE-2025-27144 Description of changes: [2:1.18.1-1] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.18 (https://github.com/containers/skopeo/commit/bfd0850) - fixes "CVE-2025-27144 skopeo: Go JOSE's Parsing Vulnerable to Denial of Service [rhel-9.6.z]" - Resolves: RHEL-82972 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-4043 http://linux.oracle.com/errata/ELSA-2025-4043.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bluez-5.63-5.el8_10.x86_64.rpm bluez-cups-5.63-5.el8_10.x86_64.rpm bluez-hid2hci-5.63-5.el8_10.x86_64.rpm bluez-libs-5.63-5.el8_10.i686.rpm bluez-libs-5.63-5.el8_10.x86_64.rpm bluez-obexd-5.63-5.el8_10.x86_64.rpm bluez-libs-devel-5.63-5.el8_10.i686.rpm bluez-libs-devel-5.63-5.el8_10.x86_64.rpm aarch64: bluez-5.63-5.el8_10.aarch64.rpm bluez-cups-5.63-5.el8_10.aarch64.rpm bluez-hid2hci-5.63-5.el8_10.aarch64.rpm bluez-libs-5.63-5.el8_10.aarch64.rpm bluez-obexd-5.63-5.el8_10.aarch64.rpm bluez-libs-devel-5.63-5.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//bluez-5.63-5.el8_10.src.rpm Related CVEs: CVE-2023-27349 CVE-2023-51589 Description of changes: [5.63-5] + bluez-5.63-5 - Resolves: RHEL-35371 - Fixing CVE-2023-27349 - Resolves: RHEL-35492 - Fixing CVE-2023-51589 [5.63-4] + bluez-5.63-4 - Resolves: RHEL-35501 - Fixing CVE-2023-50230 - Resolves: RHEL-35504 - Fixing CVE-2023-50229 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-3845 http://linux.oracle.com/errata/ELSA-2025-3845.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: java-1.8.0-openjdk-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-javadoc-1.8.0.452.b09-2.0.1.el9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.452.b09-2.0.1.el9.noarch.rpm java-1.8.0-openjdk-src-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-demo-fastdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-demo-slowdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-devel-fastdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-devel-slowdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-fastdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-headless-fastdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-headless-slowdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-slowdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-src-fastdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm java-1.8.0-openjdk-src-slowdebug-1.8.0.452.b09-2.0.1.el9.x86_64.rpm aarch64: java-1.8.0-openjdk-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-demo-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-devel-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-headless-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-javadoc-1.8.0.452.b09-2.0.1.el9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.452.b09-2.0.1.el9.noarch.rpm java-1.8.0-openjdk-src-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-demo-fastdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-demo-slowdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-devel-fastdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-devel-slowdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-fastdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-headless-fastdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-headless-slowdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-slowdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-src-fastdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm java-1.8.0-openjdk-src-slowdebug-1.8.0.452.b09-2.0.1.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//java-1.8.0-openjdk-1.8.0.452.b09-2.0.1.el9.src.rpm Related CVEs: CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 Description of changes: [1:1.8.0.452.b09-2.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] [1:1.8.0.452.b09-1] - Update to 8u452-b09 (GA) - Update release notes for 8u452-b09. - Remove long option documentation from JDK-8335912/JDK-8337499 as not present in 8u - Require tzdata 2025a due to upstream inclusion of JDK-8347965 - Sync the copy of the portable specfile with the latest update - ** This tarball is embargoed until 2025-04-15 @ 1pm PT. ** - Resolves: RHEL-86976 - Resolves: RHEL-86618 _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.