ELSA-2025-3634 Low: Oracle Linux 9 python3.11 security update
ELSA-2025-3645 Moderate: Oracle Linux 9 tomcat security update
ELSA-2025-3631 Low: Oracle Linux 9 python3.12 security update
ELSA-2025-3617 Important: Oracle Linux 9 gimp security update
ELBA-2025-20214 Oracle Linux 9 kmod bug fix update
ELBA-2025-20213 Oracle Linux 9 kexec-tools bug fix update
ELSA-2025-3683 Moderate: Oracle Linux 8 tomcat security update
ELSA-2025-3615 Important: Oracle Linux 8 libxslt security update
ELBA-2025-20209 Oracle Linux 8 kexec-tools bug fix update
ELSA-2025-2879 Important: Oracle Linux 7 xorg-x11-server security update
ELSA-2025-3634 Low: Oracle Linux 9 python3.11 security update
Oracle Linux Security Advisory ELSA-2025-3634
http://linux.oracle.com/errata/ELSA-2025-3634.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
python3.11-3.11.9-7.el9_5.3.x86_64.rpm
python3.11-devel-3.11.9-7.el9_5.3.i686.rpm
python3.11-devel-3.11.9-7.el9_5.3.x86_64.rpm
python3.11-libs-3.11.9-7.el9_5.3.i686.rpm
python3.11-libs-3.11.9-7.el9_5.3.x86_64.rpm
python3.11-tkinter-3.11.9-7.el9_5.3.x86_64.rpm
python3.11-3.11.9-7.el9_5.3.i686.rpm
python3.11-debug-3.11.9-7.el9_5.3.i686.rpm
python3.11-debug-3.11.9-7.el9_5.3.x86_64.rpm
python3.11-idle-3.11.9-7.el9_5.3.i686.rpm
python3.11-idle-3.11.9-7.el9_5.3.x86_64.rpm
python3.11-test-3.11.9-7.el9_5.3.i686.rpm
python3.11-test-3.11.9-7.el9_5.3.x86_64.rpm
python3.11-tkinter-3.11.9-7.el9_5.3.i686.rpm
aarch64:
python3.11-3.11.9-7.el9_5.3.aarch64.rpm
python3.11-devel-3.11.9-7.el9_5.3.aarch64.rpm
python3.11-libs-3.11.9-7.el9_5.3.aarch64.rpm
python3.11-tkinter-3.11.9-7.el9_5.3.aarch64.rpm
python3.11-debug-3.11.9-7.el9_5.3.aarch64.rpm
python3.11-idle-3.11.9-7.el9_5.3.aarch64.rpm
python3.11-test-3.11.9-7.el9_5.3.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python3.11-3.11.9-7.el9_5.3.src.rpm
Related CVEs:
CVE-2024-7592
Description of changes:
[3.11.9-7.3]
- Security fix for CVE-2024-7592
Resolves: RHEL-85299
ELSA-2025-3645 Moderate: Oracle Linux 9 tomcat security update
Oracle Linux Security Advisory ELSA-2025-3645
http://linux.oracle.com/errata/ELSA-2025-3645.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
tomcat-9.0.87-2.el9_5.1.noarch.rpm
tomcat-admin-webapps-9.0.87-2.el9_5.1.noarch.rpm
tomcat-docs-webapp-9.0.87-2.el9_5.1.noarch.rpm
tomcat-el-3.0-api-9.0.87-2.el9_5.1.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-2.el9_5.1.noarch.rpm
tomcat-lib-9.0.87-2.el9_5.1.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-2.el9_5.1.noarch.rpm
tomcat-webapps-9.0.87-2.el9_5.1.noarch.rpm
aarch64:
tomcat-9.0.87-2.el9_5.1.noarch.rpm
tomcat-admin-webapps-9.0.87-2.el9_5.1.noarch.rpm
tomcat-docs-webapp-9.0.87-2.el9_5.1.noarch.rpm
tomcat-el-3.0-api-9.0.87-2.el9_5.1.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-2.el9_5.1.noarch.rpm
tomcat-lib-9.0.87-2.el9_5.1.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-2.el9_5.1.noarch.rpm
tomcat-webapps-9.0.87-2.el9_5.1.noarch.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//tomcat-9.0.87-2.el9_5.1.src.rpm
Related CVEs:
CVE-2024-50379
CVE-2025-24813
Description of changes:
[1:9.0.87-2.el9_5.1]
- Resolves: RHEL-82946
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
- Resolves: RHEL-71719
tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)
ELSA-2025-3631 Low: Oracle Linux 9 python3.12 security update
Oracle Linux Security Advisory ELSA-2025-3631
http://linux.oracle.com/errata/ELSA-2025-3631.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
python3.12-3.12.5-2.el9_5.3.x86_64.rpm
python3.12-devel-3.12.5-2.el9_5.3.i686.rpm
python3.12-devel-3.12.5-2.el9_5.3.x86_64.rpm
python3.12-libs-3.12.5-2.el9_5.3.i686.rpm
python3.12-libs-3.12.5-2.el9_5.3.x86_64.rpm
python3.12-tkinter-3.12.5-2.el9_5.3.x86_64.rpm
python3.12-3.12.5-2.el9_5.3.i686.rpm
python3.12-debug-3.12.5-2.el9_5.3.i686.rpm
python3.12-debug-3.12.5-2.el9_5.3.x86_64.rpm
python3.12-idle-3.12.5-2.el9_5.3.i686.rpm
python3.12-idle-3.12.5-2.el9_5.3.x86_64.rpm
python3.12-test-3.12.5-2.el9_5.3.i686.rpm
python3.12-test-3.12.5-2.el9_5.3.x86_64.rpm
python3.12-tkinter-3.12.5-2.el9_5.3.i686.rpm
aarch64:
python3.12-3.12.5-2.el9_5.3.aarch64.rpm
python3.12-devel-3.12.5-2.el9_5.3.aarch64.rpm
python3.12-libs-3.12.5-2.el9_5.3.aarch64.rpm
python3.12-tkinter-3.12.5-2.el9_5.3.aarch64.rpm
python3.12-debug-3.12.5-2.el9_5.3.aarch64.rpm
python3.12-idle-3.12.5-2.el9_5.3.aarch64.rpm
python3.12-test-3.12.5-2.el9_5.3.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python3.12-3.12.5-2.el9_5.3.src.rpm
Related CVEs:
CVE-2024-7592
Description of changes:
[3.12.5-2.3]
- Security fix for CVE-2024-7592
Resolves: RHEL-85300
ELSA-2025-3617 Important: Oracle Linux 9 gimp security update
Oracle Linux Security Advisory ELSA-2025-3617
http://linux.oracle.com/errata/ELSA-2025-3617.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
gimp-2.99.8-4.el9_5.x86_64.rpm
gimp-libs-2.99.8-4.el9_5.i686.rpm
gimp-libs-2.99.8-4.el9_5.x86_64.rpm
aarch64:
gimp-2.99.8-4.el9_5.aarch64.rpm
gimp-libs-2.99.8-4.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//gimp-2.99.8-4.el9_5.src.rpm
Related CVEs:
CVE-2023-44441
CVE-2023-44442
CVE-2023-44443
CVE-2023-44444
Description of changes:
[2:2.99.8-4]
- Applying fixes for vulnerabilities that led to possible RCE conditions.
- Fixes: CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444
- Resolves: RHEL-86048 RHEL-86045 RHEL-86042 RHEL-86039
ELBA-2025-20214 Oracle Linux 9 kmod bug fix update
Oracle Linux Bug Fix Advisory ELBA-2025-20214
http://linux.oracle.com/errata/ELBA-2025-20214.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
kmod-28-10.0.2.el9.x86_64.rpm
kmod-libs-28-10.0.2.el9.i686.rpm
kmod-libs-28-10.0.2.el9.x86_64.rpm
kmod-devel-28-10.0.2.el9.i686.rpm
kmod-devel-28-10.0.2.el9.x86_64.rpm
aarch64:
kmod-28-10.0.2.el9.aarch64.rpm
kmod-libs-28-10.0.2.el9.aarch64.rpm
kmod-devel-28-10.0.2.el9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kmod-28-10.0.2.el9.src.rpm
Description of changes:
[28-10.0.2]
- Add improvement to modprobe to handle UEK8 packaging better [Orabug: 37689559] (Harshit Mogalapalli)
ELBA-2025-20213 Oracle Linux 9 kexec-tools bug fix update
Oracle Linux Bug Fix Advisory ELBA-2025-20213
http://linux.oracle.com/errata/ELBA-2025-20213.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
kexec-tools-2.0.29-5.0.2.el9.x86_64.rpm
aarch64:
kexec-tools-2.0.29-5.0.2.el9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kexec-tools-2.0.29-5.0.2.el9.src.rpm
Description of changes:
[2.0.29-5.0.2]
- fix detection of typed (compound) pages (Linux 6.12) [Orabug: 37561509]
[2.0.29-5.0.1]
- Rebase makedumpfile to v1.7.6 [Orabug: 37289579]
- Fix KEXEC_KERNEL_CHECK IMA rule & valid PE signature regression [Orabug: 36567412]
- Include support for virt-what [Orabug: 36517679]
- backport of upstream crash hotplug support [Orabug: 35884469]
- Insert new udev rules for crash hotplug into 98-kexec.rules [Orabug: 35801595]
- Handle xen_netfront in dracut module setup [Orabug: 35615400]
- Update UEK aarch64 reserved sizes for UEK7 kernels [Orabug: 34663083]
- Correct UEK reserved size for x86_64 [Orabug: 34391412]
- Update UEK reserved sizes [Orabug: 34240246]
- fix saving vmcore-dmesg.txt failed on aarch64 with UEK7 [Orabug: 34003037]
- include OL8 patch for sysconfig, it's needed on OL9 [Orabug: 33512440]
- Update makedumpfile to 1.7.2 [Orabug: 34219368]
- kdump: skip lvm private devices [Orabug: 33822070] [Orabug: 33574003]
- Added dracut module setup patches [Orabug: 29518713] [Orabug: 22780125]
- Added orabug30352094-makedumpfile-Mark-mem-usage-option-unsupported-for-a.patch [Orabug: 30352094]
- Added orabug30822387.kdumpctl-arm64-fast-boot.patch [Orabug: 30822387]
- Added orabug30832988.kdump.sysconfig.iommu_off.x86_64.aarch64.patch [Orabug: 30832988]
- Added orabug30928441.kdumpctl.no_timer_check.patch [Orabug: 30928441]
- Added orabug32127375-kdump.sysconfig.no.double.s.patch [Orabug: 32127375]
- Added orabug32258986-arm64-support-more-than-one-crash-kernel-regions.patch [Orabug: 32258986]
- Removed orabug32258986-arm64-support-more-than-one-crash-kernel-regions.patch [Orabug: 32258986]
- Removed orabug34003037-arm64-crashdump-deduce-paddr-of-_text-based-on-kerne.patch [Orabug: 34003037]
- Removed orabug34003037-arm64-make-phys_offset-signed.patch [Orabug: 34003037]
- Removed orabug34003037-arm64-crashdump-unify-routine-to-get-page_offset.patch [Orabug: 34003037]
- Removed orabug34003037-arm64-read-VA_BITS-from-kcore-for-52-bits-VA-kernel.patch [Orabug: 34003037]
- Removed orabug34003037-arm64-fix-PAGE_OFFSET-calc-for-flipped-mm.patch [Orabug: 34003037]
- Removed orabug34003037-kdump-kexec-fix-saving-vmcore-dmesg.txt-failed-on-aa.patch [Orabug: 34003037]
- Fix formatting for orabug33822070-kdump-skip-lvm-private-devices.patch [Orabug: 33822070]
- Rework orabug34663083-Update-UEK-reserved-sizes.patch [Orabug: 34240246]
- Rebase kexec-tools to v2.0.28
[2.0.29-5]
- 99-kdump.conf: Omit nouveau and amdgpu module
[2.0.29-4]
- kdump.service: Replace ConditionKernelCommandLine with ExecCondition
[2.0.29-3]
- fadump: fix passing additional parameters for capture kernel
- fadump: pass additional parameters for capture kernel
[2.0.29-2]
- Re-introduce vmcore creation notification to kdump
- Revert "Introduce vmcore creation notification to kdump"
- Add kdump dracut config
- kdump-lib-initramfs: Improve mount point retrieval logic
[2.0.29-1]
- Release 2.0.29-1
- Rebase makedumpfile to v1.7.6
ELSA-2025-3683 Moderate: Oracle Linux 8 tomcat security update
Oracle Linux Security Advisory ELSA-2025-3683
http://linux.oracle.com/errata/ELSA-2025-3683.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
tomcat-9.0.87-1.el8_10.3.noarch.rpm
tomcat-admin-webapps-9.0.87-1.el8_10.3.noarch.rpm
tomcat-docs-webapp-9.0.87-1.el8_10.3.noarch.rpm
tomcat-el-3.0-api-9.0.87-1.el8_10.3.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-1.el8_10.3.noarch.rpm
tomcat-lib-9.0.87-1.el8_10.3.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-1.el8_10.3.noarch.rpm
tomcat-webapps-9.0.87-1.el8_10.3.noarch.rpm
aarch64:
tomcat-9.0.87-1.el8_10.3.noarch.rpm
tomcat-admin-webapps-9.0.87-1.el8_10.3.noarch.rpm
tomcat-docs-webapp-9.0.87-1.el8_10.3.noarch.rpm
tomcat-el-3.0-api-9.0.87-1.el8_10.3.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-1.el8_10.3.noarch.rpm
tomcat-lib-9.0.87-1.el8_10.3.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-1.el8_10.3.noarch.rpm
tomcat-webapps-9.0.87-1.el8_10.3.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tomcat-9.0.87-1.el8_10.3.src.rpm
Related CVEs:
CVE-2024-50379
CVE-2025-24813
Description of changes:
[1:9.0.87-1.el8_10.3]
- Resolves: RHEL-82934
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
- Resolves: RHEL-71708
tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)
ELSA-2025-3615 Important: Oracle Linux 8 libxslt security update
Oracle Linux Security Advisory ELSA-2025-3615
http://linux.oracle.com/errata/ELSA-2025-3615.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
libxslt-1.1.32-6.1.0.1.el8_10.i686.rpm
libxslt-1.1.32-6.1.0.1.el8_10.x86_64.rpm
libxslt-devel-1.1.32-6.1.0.1.el8_10.i686.rpm
libxslt-devel-1.1.32-6.1.0.1.el8_10.x86_64.rpm
aarch64:
libxslt-1.1.32-6.1.0.1.el8_10.aarch64.rpm
libxslt-devel-1.1.32-6.1.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libxslt-1.1.32-6.1.0.1.el8_10.src.rpm
Related CVEs:
CVE-2024-55549
CVE-2025-24855
Description of changes:
[1.1.32-6.1.0.1]
- Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball
[1.1.32-6.1]
- Fix CVE-2024-55549 (RHEL-83506)
- Fix CVE-2025-24855 (RHEL-83492)
ELBA-2025-20209 Oracle Linux 8 kexec-tools bug fix update
Oracle Linux Bug Fix Advisory ELBA-2025-20209
http://linux.oracle.com/errata/ELBA-2025-20209.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
kexec-tools-2.0.28-1.0.9.el8_10.x86_64.rpm
aarch64:
kexec-tools-2.0.28-1.0.9.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kexec-tools-2.0.28-1.0.9.el8_10.src.rpm
Description of changes:
[2.0.28-1.0.9]
- fix detection of typed (compound) pages (Linux 6.12) [Orabug: 37561509]
ELSA-2025-2879 Important: Oracle Linux 7 xorg-x11-server security update
Oracle Linux Security Advisory ELSA-2025-2879
http://linux.oracle.com/errata/ELSA-2025-2879.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
xorg-x11-server-Xdmx-1.20.4-29.0.1.el7_9.x86_64.rpm
xorg-x11-server-Xephyr-1.20.4-29.0.1.el7_9.x86_64.rpm
xorg-x11-server-Xnest-1.20.4-29.0.1.el7_9.x86_64.rpm
xorg-x11-server-Xorg-1.20.4-29.0.1.el7_9.x86_64.rpm
xorg-x11-server-Xvfb-1.20.4-29.0.1.el7_9.x86_64.rpm
xorg-x11-server-Xwayland-1.20.4-29.0.1.el7_9.x86_64.rpm
xorg-x11-server-common-1.20.4-29.0.1.el7_9.x86_64.rpm
xorg-x11-server-devel-1.20.4-29.0.1.el7_9.i686.rpm
xorg-x11-server-devel-1.20.4-29.0.1.el7_9.x86_64.rpm
xorg-x11-server-source-1.20.4-29.0.1.el7_9.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//xorg-x11-server-1.20.4-29.0.1.el7_9.src.rpm
Related CVEs:
CVE-2025-26594
CVE-2025-26595
CVE-2025-26596
CVE-2025-26597
CVE-2025-26598
CVE-2025-26599
CVE-2025-26600
CVE-2025-26601
Description of changes:
[1.20.4-29.0.1]
- Fixed CVE-2025-26594 CVE-2025-26595 CVE-2025-26596
- CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600
- CVE-2025-26601 [Orabug: 37712847]