ELSA-2025-7967

ELSA-2025-7967 - osbuild-composer security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-05-20

Description

[101-3.0.1]
- Rebuilt to fix:
- CVE-2024-34156
- CVE-2024-1394
- RHEL-24303
- RHEL-57905
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- support for building OL8/9 images on Oracle Linux 8 [Orabug: 36400619]

[101-3]
- Resolve RHEL-84643 (CVE-2025-30204)

Related CVEs

CVE-2025-30204

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	osbuild-composer-101-3.0.1.el8_10.src.rpm	d127a05efeefef505ef6b3b0f3368376e141d20d2fc6c6ff387ad179582fa10d	-	ol8_aarch64_appstream
	osbuild-composer-101-3.0.1.el8_10.aarch64.rpm	4c7e5e4f6403aa76cfe51e728b32a9f7f7364c43204c57c47095c9f76edea665	-	ol8_aarch64_appstream
	osbuild-composer-core-101-3.0.1.el8_10.aarch64.rpm	ffbd627882b18fcfd24711cf29691bb45a2c9673af47807112d68151982ede01	-	ol8_aarch64_appstream
	osbuild-composer-worker-101-3.0.1.el8_10.aarch64.rpm	21c8ba9533740364239e416bc42da997589d51c62d6e811cbf60f31840d9557d	-	ol8_aarch64_appstream
Oracle Linux 8 (x86_64)	osbuild-composer-101-3.0.1.el8_10.src.rpm	d127a05efeefef505ef6b3b0f3368376e141d20d2fc6c6ff387ad179582fa10d	-	ol8_x86_64_appstream
	osbuild-composer-101-3.0.1.el8_10.x86_64.rpm	8ca21e93b3823e6da0de34d798734fcd14a244c728ac07732ac0b9464c0739f1	-	ol8_x86_64_appstream
	osbuild-composer-core-101-3.0.1.el8_10.x86_64.rpm	adae7795f9d4beb4651bc1e411615b8a0babb73e07742e5749cf2692af1fc54f	-	ol8_x86_64_appstream
	osbuild-composer-worker-101-3.0.1.el8_10.x86_64.rpm	d45e82a660aef6a78feb04e5aa6a8fb1efa7dcd2f50a88f1b7c4dd2ef497e895	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team