Kernel, PostgreSQL, Podman, and more updates for Oracle Linux

Oracle Linux 6312 Published One week ago by Philipp Esselbach

News

ELSA-2025-3026 Important: Oracle Linux 8 kernel security update

Oracle Linux Security Advisory ELSA-2025-3026

http://linux.oracle.com/errata/ELSA-2025-3026.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.45.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.45.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.45.1.el8_10.x86_64.rpm
perf-4.18.0-553.45.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.45.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.45.1.el8_10.x86_64.rpm

aarch64:
bpftool-4.18.0-553.45.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.45.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.45.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.45.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.45.1.el8_10.aarch64.rpm
perf-4.18.0-553.45.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.45.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.45.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.45.1.el8_10.src.rpm

Related CVEs:

CVE-2023-52922

Description of changes:

[4.18.0-553.45.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 skb before dev_kfree_skb_any() (Joshua Washington) [RHEL-73269] {CVE-2024-40937}
- gve: ignore nonrelevant GSO type bits when processing TSO headers (Joshua Washington) [RHEL-73269]
- can: bcm: Fix UAF in bcm_proc_show() (CKI Backport Bot) [RHEL-80733] {CVE-2023-52922}
- gfs2: glock holder GL_NOPID fix (Andreas Gruenbacher) [RHEL-80694]
- gfs2: Decode missing glock flags in tracepoints (Andreas Gruenbacher) [RHEL-80694]
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (Mete Durlu) [RHEL-79810]
- net: smc: fix spurious error message from __sock_release() (Mete Durlu) [RHEL-79812]

ELSA-2025-3082 Important: Oracle Linux 8 postgresql:12 security update

Oracle Linux Security Advisory ELSA-2025-3082

http://linux.oracle.com/errata/ELSA-2025-3082.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pgaudit-1.4.0-7.module+el8.10.0+90397+67dad74f.x86_64.rpm
pg_repack-1.4.6-3.module+el8.9.0+90107+c48bae1a.x86_64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.9.0+90107+c48bae1a.x86_64.rpm
postgresql-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-contrib-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-docs-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-plperl-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-plpython3-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-pltcl-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-server-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-server-devel-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-static-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-test-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-test-rpm-macros-12.22-3.module+el8.10.0+90540+03ca8735.noarch.rpm
postgresql-upgrade-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm
postgresql-upgrade-devel-12.22-3.module+el8.10.0+90540+03ca8735.x86_64.rpm

aarch64:
pgaudit-1.4.0-7.module+el8.10.0+90397+67dad74f.aarch64.rpm
pg_repack-1.4.6-3.module+el8.9.0+90107+c48bae1a.aarch64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.9.0+90107+c48bae1a.aarch64.rpm
postgresql-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-contrib-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-docs-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-plperl-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-plpython3-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-pltcl-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-server-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-server-devel-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-static-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-test-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-test-rpm-macros-12.22-3.module+el8.10.0+90540+03ca8735.noarch.rpm
postgresql-upgrade-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm
postgresql-upgrade-devel-12.22-3.module+el8.10.0+90540+03ca8735.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pgaudit-1.4.0-7.module+el8.10.0+90397+67dad74f.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//pg_repack-1.4.6-3.module+el8.9.0+90107+c48bae1a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//postgres-decoderbufs-0.10.0-2.module+el8.9.0+90107+c48bae1a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//postgresql-12.22-3.module+el8.10.0+90540+03ca8735.src.rpm

Related CVEs:

CVE-2025-1094

Description of changes:

pgaudit
postgres-decoderbufs
postgresql
[12.22-3]
- Fix backport for CVE-2025-1094

[12.22-2]
- Backport fix for CVE-2025-1094

ELBA-2025-3394 Oracle Linux 8 tzdata bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-3394

http://linux.oracle.com/errata/ELBA-2025-3394.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
tzdata-2025b-1.0.1.el8.noarch.rpm
tzdata-java-2025b-1.0.1.el8.noarch.rpm

aarch64:
tzdata-2025b-1.0.1.el8.noarch.rpm
tzdata-java-2025b-1.0.1.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tzdata-2025b-1.0.1.el8.src.rpm

Description of changes:

[2025b-1.0.1]
- Use javac 1.6 or newer

[2025b-1]
- Update to tzdata-2025b (RHEL-84748)
- Chile's Aysén Region moves from -04/-03
to -03 year-round, diverging from America/Santiago and
creating a new zone America/Coyhaique.

ELBA-2025-3110 Oracle Linux 8 mesa bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-3110

http://linux.oracle.com/errata/ELBA-2025-3110.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
mesa-dri-drivers-23.1.4-4.el8_10.i686.rpm
mesa-dri-drivers-23.1.4-4.el8_10.x86_64.rpm
mesa-filesystem-23.1.4-4.el8_10.i686.rpm
mesa-filesystem-23.1.4-4.el8_10.x86_64.rpm
mesa-libEGL-23.1.4-4.el8_10.i686.rpm
mesa-libEGL-23.1.4-4.el8_10.x86_64.rpm
mesa-libEGL-devel-23.1.4-4.el8_10.i686.rpm
mesa-libEGL-devel-23.1.4-4.el8_10.x86_64.rpm
mesa-libGL-23.1.4-4.el8_10.i686.rpm
mesa-libGL-23.1.4-4.el8_10.x86_64.rpm
mesa-libGL-devel-23.1.4-4.el8_10.i686.rpm
mesa-libGL-devel-23.1.4-4.el8_10.x86_64.rpm
mesa-libOSMesa-23.1.4-4.el8_10.i686.rpm
mesa-libOSMesa-23.1.4-4.el8_10.x86_64.rpm
mesa-libgbm-23.1.4-4.el8_10.i686.rpm
mesa-libgbm-23.1.4-4.el8_10.x86_64.rpm
mesa-libglapi-23.1.4-4.el8_10.i686.rpm
mesa-libglapi-23.1.4-4.el8_10.x86_64.rpm
mesa-libxatracker-23.1.4-4.el8_10.i686.rpm
mesa-libxatracker-23.1.4-4.el8_10.x86_64.rpm
mesa-vdpau-drivers-23.1.4-4.el8_10.i686.rpm
mesa-vdpau-drivers-23.1.4-4.el8_10.x86_64.rpm
mesa-vulkan-devel-23.1.4-4.el8_10.i686.rpm
mesa-vulkan-devel-23.1.4-4.el8_10.x86_64.rpm
mesa-vulkan-drivers-23.1.4-4.el8_10.i686.rpm
mesa-vulkan-drivers-23.1.4-4.el8_10.x86_64.rpm
mesa-libOSMesa-devel-23.1.4-4.el8_10.i686.rpm
mesa-libOSMesa-devel-23.1.4-4.el8_10.x86_64.rpm
mesa-libgbm-devel-23.1.4-4.el8_10.i686.rpm
mesa-libgbm-devel-23.1.4-4.el8_10.x86_64.rpm

aarch64:
mesa-dri-drivers-23.1.4-4.el8_10.aarch64.rpm
mesa-filesystem-23.1.4-4.el8_10.aarch64.rpm
mesa-libEGL-23.1.4-4.el8_10.aarch64.rpm
mesa-libEGL-devel-23.1.4-4.el8_10.aarch64.rpm
mesa-libGL-23.1.4-4.el8_10.aarch64.rpm
mesa-libGL-devel-23.1.4-4.el8_10.aarch64.rpm
mesa-libOSMesa-23.1.4-4.el8_10.aarch64.rpm
mesa-libgbm-23.1.4-4.el8_10.aarch64.rpm
mesa-libglapi-23.1.4-4.el8_10.aarch64.rpm
mesa-libxatracker-23.1.4-4.el8_10.aarch64.rpm
mesa-vdpau-drivers-23.1.4-4.el8_10.aarch64.rpm
mesa-libOSMesa-devel-23.1.4-4.el8_10.aarch64.rpm
mesa-libgbm-devel-23.1.4-4.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//mesa-23.1.4-4.el8_10.src.rpm

Description of changes:

[23.1.4-4]
- Fix two nouveau bugs for customer (RHEL-54452)

ELSA-2025-20190 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20190

http://linux.oracle.com/errata/ELSA-2025-20190.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.341.3.3.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.341.3.3.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.341.3.3.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.341.3.3.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.341.3.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.341.3.3.el8uek.src.rpm

Related CVEs:

CVE-2024-39494
CVE-2024-57892

Description of changes:

[5.4.17-2136.341.3.3.el8uek]
- ima: Fix use-after-free on a dentry's dname.name (Stefan Berger) [Orabug: 37727037] {CVE-2024-39494}

[5.4.17-2136.341.3.2.el8uek]
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam) [Orabug: 37707634] {CVE-2024-57892}
- ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi) [Orabug: 37707634]

ELSA-2025-3336 Important: Oracle Linux 9 podman security update

Oracle Linux Security Advisory ELSA-2025-3336

http://linux.oracle.com/errata/ELSA-2025-3336.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
podman-5.2.2-15.0.1.el9_5.x86_64.rpm
podman-docker-5.2.2-15.0.1.el9_5.noarch.rpm
podman-plugins-5.2.2-15.0.1.el9_5.x86_64.rpm
podman-remote-5.2.2-15.0.1.el9_5.x86_64.rpm
podman-tests-5.2.2-15.0.1.el9_5.x86_64.rpm

aarch64:
podman-5.2.2-15.0.1.el9_5.aarch64.rpm
podman-docker-5.2.2-15.0.1.el9_5.noarch.rpm
podman-plugins-5.2.2-15.0.1.el9_5.aarch64.rpm
podman-remote-5.2.2-15.0.1.el9_5.aarch64.rpm
podman-tests-5.2.2-15.0.1.el9_5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//podman-5.2.2-15.0.1.el9_5.src.rpm

Related CVEs:

CVE-2025-22869

Description of changes:

[5.2.2-15.0.1]
- podman: do not set rlimits to the default value [Orabug: 37310981]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[4:5.2.2-15]
- update to the latest content of https://github.com/containers/podman/tree/v5.2-rhel
( https://github.com/containers/podman/commit/a2d774c)
- fixes "Excessive memory leak due to uncontrolled accumulation of health.log entries in Podman 5.x - [RHEL 9.5] Zstream"
- Resolves: RHEL-83558

[4:5.2.2-14]
- update to the latest content of https://github.com/containers/podman/tree/v5.2-rhel
( https://github.com/containers/podman/commit/ea1bef4)
- fixes "CVE-2025-22869 podman: Potential denial of service in golang.org/x/crypto [rhel-9.5.z]"
- Resolves: RHEL-81318

ELSA-2025-3262 Moderate: Oracle Linux 9 nginx:1.24 security update

Oracle Linux Security Advisory ELSA-2025-3262

http://linux.oracle.com/errata/ELSA-2025-3262.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm
nginx-all-modules-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm
nginx-core-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm
nginx-filesystem-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm
nginx-mod-devel-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm
nginx-mod-http-image-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm
nginx-mod-http-perl-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm
nginx-mod-http-xslt-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm
nginx-mod-mail-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm
nginx-mod-stream-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm

aarch64:
nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
nginx-all-modules-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm
nginx-core-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
nginx-filesystem-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm
nginx-mod-devel-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
nginx-mod-http-image-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
nginx-mod-http-perl-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
nginx-mod-http-xslt-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
nginx-mod-mail-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
nginx-mod-stream-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.src.rpm

Related CVEs:

CVE-2024-7347

Description of changes:

[1.24.0-4.0.1.1]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]

[1:1.24.0-4.1]
- Resolves: RHEL-84480 - nginx:1.24/nginx: specially crafted MP4 file may cause
denial of service (CVE-2024-7347)

[1:1.24.0-4]
- Resolves: RHEL-49350 - nginx worker processes memory leak

[1:1.24.0-3]
- Resolves: RHEL-40622 - openssl 3.2 ENGINE regression in nginx

[1:1.24.0-2]
- Resolves: RHEL-38498 - Nginx seg faults when proxy_ssl_certificate is set

[1:1.24.0-1]
- new version 1.24.0

[1:1.22.1-5]
- Resolves: RHEL-12737 - nginx:1.22/nginx: HTTP/2: Multiple HTTP/2 enabled web
servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

[1:1.22.1-4]
- Resolves: #2170808 - Running nginx with systemctl and entering ssl
private key's pass phrase
- added new ssl_pass_phrase_dialog directive which enables setting
external program for entering password for encrypted private key

ELSA-2025-3208 Important: Oracle Linux 9 kernel security update

Oracle Linux Security Advisory ELSA-2025-3208

http://linux.oracle.com/errata/ELSA-2025-3208.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-7.4.0-503.34.1.el9_5.x86_64.rpm
kernel-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-abi-stablelists-5.14.0-503.34.1.el9_5.noarch.rpm
kernel-core-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-debug-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-debug-core-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-debug-devel-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-debug-devel-matched-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-debug-modules-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-debug-modules-core-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-debug-modules-extra-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-debug-uki-virt-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-devel-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-devel-matched-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-doc-5.14.0-503.34.1.el9_5.noarch.rpm
kernel-headers-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-modules-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-modules-core-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-modules-extra-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-tools-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-tools-libs-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-uki-virt-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-uki-virt-addons-5.14.0-503.34.1.el9_5.x86_64.rpm
perf-5.14.0-503.34.1.el9_5.x86_64.rpm
python3-perf-5.14.0-503.34.1.el9_5.x86_64.rpm
rtla-5.14.0-503.34.1.el9_5.x86_64.rpm
rv-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-cross-headers-5.14.0-503.34.1.el9_5.x86_64.rpm
kernel-tools-libs-devel-5.14.0-503.34.1.el9_5.x86_64.rpm
libperf-5.14.0-503.34.1.el9_5.x86_64.rpm

aarch64:
bpftool-7.4.0-503.34.1.el9_5.aarch64.rpm
kernel-headers-5.14.0-503.34.1.el9_5.aarch64.rpm
kernel-tools-5.14.0-503.34.1.el9_5.aarch64.rpm
kernel-tools-libs-5.14.0-503.34.1.el9_5.aarch64.rpm
perf-5.14.0-503.34.1.el9_5.aarch64.rpm
python3-perf-5.14.0-503.34.1.el9_5.aarch64.rpm
rtla-5.14.0-503.34.1.el9_5.aarch64.rpm
rv-5.14.0-503.34.1.el9_5.aarch64.rpm
kernel-cross-headers-5.14.0-503.34.1.el9_5.aarch64.rpm
kernel-tools-libs-devel-5.14.0-503.34.1.el9_5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-503.34.1.el9_5.src.rpm

Related CVEs:

CVE-2025-21785

Description of changes:

[5.14.0-503.34.1.el9_5.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64

Kernel, Jinja, Grub, Freetype updates for AlmaLinux

Firefox and Thunderbird updates for Slackware

Kernel, PostgreSQL, Podman, and more updates for Oracle Linux

ELSA-2025-3026 Important: Oracle Linux 8 kernel security update

ELSA-2025-3082 Important: Oracle Linux 8 postgresql:12 security update

ELBA-2025-3394 Oracle Linux 8 tzdata bug fix and enhancement update

ELBA-2025-3110 Oracle Linux 8 mesa bug fix update

ELSA-2025-20190 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

ELSA-2025-3336 Important: Oracle Linux 9 podman security update

ELSA-2025-3262 Moderate: Oracle Linux 9 nginx:1.24 security update

ELSA-2025-3208 Important: Oracle Linux 9 kernel security update

Windows

Linux

macOS

Community