ELSA-2025-20928

ULN >
Oracle Linux Errata repository >
ELSA-2025-20928

ELSA-2025-20928 - ipa security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-11-25

Description

[4.12.2-22.0.1.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
- Add bind to ipa-server-common Requires [Orabug: 36518596]

[4.12.2-22.1]
- Resolves: RHEL-118449 ipa: Privilege escalation from host to domain admin in FreeIPA

[4.12.2-22]
- Resolves: RHEL-107483 ipa-ca-install fails on CA-less replica due to inadequate key usage in master certificate

Related CVEs

CVE-2025-7493

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	ipa-4.12.2-22.0.1.el9_7.1.src.rpm	fc95ed63bf9ab62e6a121196d3226ca87bd0e72aef07dbf9d9f9355c6ac478fb	-	ol9_aarch64_appstream
	ipa-4.12.2-22.0.1.el9_7.1.src.rpm	fc95ed63bf9ab62e6a121196d3226ca87bd0e72aef07dbf9d9f9355c6ac478fb	-	ol9_aarch64_codeready_builder
	ipa-client-4.12.2-22.0.1.el9_7.1.aarch64.rpm	26dbb8ca4f78ad36f0b1b70a44bc5e567b3d902cdca00d5273037589648c8285	-	ol9_aarch64_appstream
	ipa-client-common-4.12.2-22.0.1.el9_7.1.noarch.rpm	8c65a8541862efb9abd97ebfa93dbbdc7f8b1dd1c0d0c0320043cb0f4aee559f	-	ol9_aarch64_appstream
	ipa-client-encrypted-dns-4.12.2-22.0.1.el9_7.1.aarch64.rpm	ffad730a86ab113d9b41fd3184da455e1518fce8a07faa604a970458049db268	-	ol9_aarch64_appstream
	ipa-client-epn-4.12.2-22.0.1.el9_7.1.aarch64.rpm	ffcba3a2369a85cc3b2f596ec07e0023e96f3a9eba00edbcdf5f86ca1cdae23d	-	ol9_aarch64_appstream
	ipa-client-samba-4.12.2-22.0.1.el9_7.1.aarch64.rpm	08c6972b0523c82d52114e2549e14708782f6bd14afc9f5e2a8d9155c7adac08	-	ol9_aarch64_appstream
	ipa-common-4.12.2-22.0.1.el9_7.1.noarch.rpm	3068b44eb264b67e34fc50baa442ef82d6ebf09066b5456e855a32cc136960c6	-	ol9_aarch64_appstream
	ipa-selinux-4.12.2-22.0.1.el9_7.1.noarch.rpm	ee3d30dcecdf7cf64b8818b7ab73ef524eae81b7177939eb45f9bd7150873361	-	ol9_aarch64_appstream
	ipa-selinux-luna-4.12.2-22.0.1.el9_7.1.noarch.rpm	e018eef029d70bfa49a5945754e6b4eb7756254d85b6dbbdbbe0f3ff7f106d88	-	ol9_aarch64_appstream
	ipa-selinux-nfast-4.12.2-22.0.1.el9_7.1.noarch.rpm	da286034485f1e3aab4056a584424c549cf0216b1217992c3d41efa1b880d9c9	-	ol9_aarch64_appstream
	ipa-server-4.12.2-22.0.1.el9_7.1.aarch64.rpm	d22ed50523a05239f710c69c6e539bfb821a0ede059ad0d02b933a237b3bd4e3	-	ol9_aarch64_appstream
	ipa-server-common-4.12.2-22.0.1.el9_7.1.noarch.rpm	331661c53adfed6ea428667d528071b2619709c88d268ce9430d31e21d4a7005	-	ol9_aarch64_appstream
	ipa-server-dns-4.12.2-22.0.1.el9_7.1.noarch.rpm	9b67812416af5d3b5e986ec73b2cae0fc5bb7858d20efda8952640a93d5a21d3	-	ol9_aarch64_appstream
	ipa-server-encrypted-dns-4.12.2-22.0.1.el9_7.1.aarch64.rpm	3df33e0ac5b6e47ab42282f52f907d9c46f9d3554384a1c9b124a4cae0318a14	-	ol9_aarch64_appstream
	ipa-server-trust-ad-4.12.2-22.0.1.el9_7.1.aarch64.rpm	695bd9b69ffe13ca19bb4885e704e31c3a7aa3801ce5df46c992491b2f789a0d	-	ol9_aarch64_appstream
	python3-ipaclient-4.12.2-22.0.1.el9_7.1.noarch.rpm	633c3237d3b604319cd92ea3aef03f71506891ebc265b163a51c51f2114f0295	-	ol9_aarch64_appstream
	python3-ipalib-4.12.2-22.0.1.el9_7.1.noarch.rpm	b0e2c6dd2945f5f8a890df50b510a03c4842d22cd1b81d50bb2539de6740e793	-	ol9_aarch64_appstream
	python3-ipaserver-4.12.2-22.0.1.el9_7.1.noarch.rpm	033483a41ea7fc140e0fc8c45a17bd775f0c3af7b33b3844eb58ec8cab8dfc1e	-	ol9_aarch64_appstream
	python3-ipatests-4.12.2-22.0.1.el9_7.1.noarch.rpm	459c50c5bb4fe18318e7a6241746a61e1440918d234dd45320dc130419530b8c	-	ol9_aarch64_codeready_builder

Oracle Linux 9 (x86_64)	ipa-4.12.2-22.0.1.el9_7.1.src.rpm	fc95ed63bf9ab62e6a121196d3226ca87bd0e72aef07dbf9d9f9355c6ac478fb	-	ol9_x86_64_appstream
	ipa-4.12.2-22.0.1.el9_7.1.src.rpm	fc95ed63bf9ab62e6a121196d3226ca87bd0e72aef07dbf9d9f9355c6ac478fb	-	ol9_x86_64_codeready_builder
	ipa-client-4.12.2-22.0.1.el9_7.1.x86_64.rpm	b6327618057347ae1d211e1c828c12e4920f5f7ee47e8ddc533c06e13f831ed7	-	ol9_x86_64_appstream
	ipa-client-common-4.12.2-22.0.1.el9_7.1.noarch.rpm	8c65a8541862efb9abd97ebfa93dbbdc7f8b1dd1c0d0c0320043cb0f4aee559f	-	ol9_x86_64_appstream
	ipa-client-encrypted-dns-4.12.2-22.0.1.el9_7.1.x86_64.rpm	100d7e0839ef595c202a7104fd4bb229424457bcd71ac5e22d4aba75d93d623f	-	ol9_x86_64_appstream
	ipa-client-epn-4.12.2-22.0.1.el9_7.1.x86_64.rpm	e7f6b44a552496ce4c7144461ab23331a083a11eea47e9ee5347d8b11f32b45e	-	ol9_x86_64_appstream
	ipa-client-samba-4.12.2-22.0.1.el9_7.1.x86_64.rpm	f252108fe1685528a875158b6e3f37a684ce8d93b57a3f411655705c2fc42d93	-	ol9_x86_64_appstream
	ipa-common-4.12.2-22.0.1.el9_7.1.noarch.rpm	3068b44eb264b67e34fc50baa442ef82d6ebf09066b5456e855a32cc136960c6	-	ol9_x86_64_appstream
	ipa-selinux-4.12.2-22.0.1.el9_7.1.noarch.rpm	ee3d30dcecdf7cf64b8818b7ab73ef524eae81b7177939eb45f9bd7150873361	-	ol9_x86_64_appstream
	ipa-selinux-luna-4.12.2-22.0.1.el9_7.1.noarch.rpm	e018eef029d70bfa49a5945754e6b4eb7756254d85b6dbbdbbe0f3ff7f106d88	-	ol9_x86_64_appstream
	ipa-selinux-nfast-4.12.2-22.0.1.el9_7.1.noarch.rpm	da286034485f1e3aab4056a584424c549cf0216b1217992c3d41efa1b880d9c9	-	ol9_x86_64_appstream
	ipa-server-4.12.2-22.0.1.el9_7.1.x86_64.rpm	717fdb6197d37cc00b8d29468d853414a4e2aacde959793c6d52dcdbbcc72439	-	ol9_x86_64_appstream
	ipa-server-common-4.12.2-22.0.1.el9_7.1.noarch.rpm	331661c53adfed6ea428667d528071b2619709c88d268ce9430d31e21d4a7005	-	ol9_x86_64_appstream
	ipa-server-dns-4.12.2-22.0.1.el9_7.1.noarch.rpm	9b67812416af5d3b5e986ec73b2cae0fc5bb7858d20efda8952640a93d5a21d3	-	ol9_x86_64_appstream
	ipa-server-encrypted-dns-4.12.2-22.0.1.el9_7.1.x86_64.rpm	c9b9c06703700c0c98c29b272d77b3463db195f3a7c0a49755a97f7738b6078f	-	ol9_x86_64_appstream
	ipa-server-trust-ad-4.12.2-22.0.1.el9_7.1.x86_64.rpm	bd16c7bc6a47105e7504bce9612e90358ac20d0cf8be90b3a1f834022d56b8a4	-	ol9_x86_64_appstream
	python3-ipaclient-4.12.2-22.0.1.el9_7.1.noarch.rpm	633c3237d3b604319cd92ea3aef03f71506891ebc265b163a51c51f2114f0295	-	ol9_x86_64_appstream
	python3-ipalib-4.12.2-22.0.1.el9_7.1.noarch.rpm	b0e2c6dd2945f5f8a890df50b510a03c4842d22cd1b81d50bb2539de6740e793	-	ol9_x86_64_appstream
	python3-ipaserver-4.12.2-22.0.1.el9_7.1.noarch.rpm	033483a41ea7fc140e0fc8c45a17bd775f0c3af7b33b3844eb58ec8cab8dfc1e	-	ol9_x86_64_appstream
	python3-ipatests-4.12.2-22.0.1.el9_7.1.noarch.rpm	459c50c5bb4fe18318e7a6241746a61e1440918d234dd45320dc130419530b8c	-	ol9_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691