ELSA-2025-19566
- ULN >
- Oracle Linux Errata repository >
- ELSA-2025-19566
ELSA-2025-19566 - osbuild-composer security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2025-11-04 |
Description
[134.1-3.0.1]
- Add OL10 support
- Update repository URLs for baseos, appstream and UERK
- Fix the label for UEKR repository
- Simplify repository names [JIRA: OLDIS-35893]
- Ensure build on latest golang: CVE-2024-34156
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]
- Rebuild for CVE-2025-22871
[134.1-3]
- Fix json tailoring blueprint conversion
Resolves: RHEL-115392
- Fix unclosed logrus logging pipes
Resolves: RHEL-121533
- Update go-jose dependency
Resolves: RHEL-82957 (CVE-2025-27144)
Related CVEs
| CVE-2025-27144 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 10 (aarch64) | osbuild-composer-134.1-3.0.1.el10_0.src.rpm | 2fa88e98cfa595aa82a0456a7df9635ee08c574a267ea82f99d79fc04d0fca26 | - | ol10_aarch64_appstream |
| osbuild-composer-134.1-3.0.1.el10_0.aarch64.rpm | 93ecebfdbfc0a557689aecea2ba5ab1579b511f4a27e23647b519ecbd0ad1ce7 | - | ol10_aarch64_appstream | |
| osbuild-composer-core-134.1-3.0.1.el10_0.aarch64.rpm | 13684cc22af7131f7d3201477a408a4a2cf72297e0e52161b58f8c76841ca5a6 | - | ol10_aarch64_appstream | |
| osbuild-composer-worker-134.1-3.0.1.el10_0.aarch64.rpm | 83ecf5440c9c37f0789e467f4f3d7bed5f9e457fe79a9e5a1bd1578c7dd6f294 | - | ol10_aarch64_appstream | |
| Oracle Linux 10 (x86_64) | osbuild-composer-134.1-3.0.1.el10_0.src.rpm | 2fa88e98cfa595aa82a0456a7df9635ee08c574a267ea82f99d79fc04d0fca26 | - | ol10_x86_64_appstream |
| osbuild-composer-134.1-3.0.1.el10_0.x86_64.rpm | a1ca9366dad1195fc2f14ec714f3a460540a36fd0451af3a00266d217cb193c0 | - | ol10_x86_64_appstream | |
| osbuild-composer-core-134.1-3.0.1.el10_0.x86_64.rpm | 7aa3da898a5dc2b33b0c847e0f4001ba9610254a437f7a6ff5e890cc5a60b267 | - | ol10_x86_64_appstream | |
| osbuild-composer-worker-134.1-3.0.1.el10_0.x86_64.rpm | c34fefb293e9b2bc4a9d38f22e7e15874efd2adcbed0cdc70f81d880e52a1f59 | - | ol10_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
