ELSA-2025-3556 Important: Oracle Linux 9 firefox security update
ELSA-2025-3506 Moderate: Oracle Linux 9 kernel security update
ELSA-2025-3210 Important: Oracle Linux 8 container-tools:ol8 security update
ELBA-2025-3507 Oracle Linux 8 kernel bug fix update
ELSA-2025-3582 Important: Oracle Linux 8 firefox security update
ELSA-2025-3407 Important: Oracle Linux 9 freetype security update
ELSA-2025-3556 Important: Oracle Linux 9 firefox security update
Oracle Linux Security Advisory ELSA-2025-3556
http://linux.oracle.com/errata/ELSA-2025-3556.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
firefox-128.9.0-2.0.1.el9_5.x86_64.rpm
firefox-x11-128.9.0-2.0.1.el9_5.x86_64.rpm
aarch64:
firefox-128.9.0-2.0.1.el9_5.aarch64.rpm
firefox-x11-128.9.0-2.0.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//firefox-128.9.0-2.0.1.el9_5.src.rpm
Related CVEs:
CVE-2025-3028
CVE-2025-3029
CVE-2025-3030
Description of changes:
[128.9.0-2.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file
[128.9.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)
[128.9.0-2]
- Update to 128.9.0 build2
[128.9.0-1]
- Update to 128.9.0 build1
ELSA-2025-3506 Moderate: Oracle Linux 9 kernel security update
Oracle Linux Security Advisory ELSA-2025-3506
http://linux.oracle.com/errata/ELSA-2025-3506.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-7.4.0-503.35.1.el9_5.x86_64.rpm
kernel-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-abi-stablelists-5.14.0-503.35.1.el9_5.noarch.rpm
kernel-core-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-cross-headers-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-debug-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-debug-core-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-debug-devel-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-debug-devel-matched-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-debug-modules-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-debug-modules-core-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-debug-modules-extra-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-debug-uki-virt-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-devel-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-devel-matched-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-doc-5.14.0-503.35.1.el9_5.noarch.rpm
kernel-headers-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-modules-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-modules-core-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-modules-extra-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-tools-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-tools-libs-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-tools-libs-devel-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-uki-virt-5.14.0-503.35.1.el9_5.x86_64.rpm
kernel-uki-virt-addons-5.14.0-503.35.1.el9_5.x86_64.rpm
libperf-5.14.0-503.35.1.el9_5.x86_64.rpm
perf-5.14.0-503.35.1.el9_5.x86_64.rpm
python3-perf-5.14.0-503.35.1.el9_5.x86_64.rpm
rtla-5.14.0-503.35.1.el9_5.x86_64.rpm
rv-5.14.0-503.35.1.el9_5.x86_64.rpm
aarch64:
bpftool-7.4.0-503.35.1.el9_5.aarch64.rpm
kernel-cross-headers-5.14.0-503.35.1.el9_5.aarch64.rpm
kernel-headers-5.14.0-503.35.1.el9_5.aarch64.rpm
kernel-tools-5.14.0-503.35.1.el9_5.aarch64.rpm
kernel-tools-libs-5.14.0-503.35.1.el9_5.aarch64.rpm
kernel-tools-libs-devel-5.14.0-503.35.1.el9_5.aarch64.rpm
perf-5.14.0-503.35.1.el9_5.aarch64.rpm
python3-perf-5.14.0-503.35.1.el9_5.aarch64.rpm
rtla-5.14.0-503.35.1.el9_5.aarch64.rpm
rv-5.14.0-503.35.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-503.35.1.el9_5.src.rpm
Related CVEs:
CVE-2024-43855
Description of changes:
[5.14.0-503.35.1.el9_5.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64
