ELSA-2025-9184

ULN >
Oracle Linux Errata repository >
ELSA-2025-9184

ELSA-2025-9184 - ipa security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-06-17

Description

[4.12.2-14.0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
- Add bind to ipa-server-common Requires [Orabug: 36518596]

[4.12.2-14.1]
- Resolves: RHEL-89908
EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA
- Resolves: RHEL-89144
kdb: ipadb_get_connection() succeeds but returns null LDAP context

Related CVEs

CVE-2025-4404

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	ipa-4.12.2-14.0.1.el9_6.1.src.rpm	02caad6327eae76d0234586692ecff095ace4b66bc8d33938b2f66064b519cdf	-	ol9_aarch64_appstream
	ipa-4.12.2-14.0.1.el9_6.1.src.rpm	02caad6327eae76d0234586692ecff095ace4b66bc8d33938b2f66064b519cdf	-	ol9_aarch64_codeready_builder
	ipa-client-4.12.2-14.0.1.el9_6.1.aarch64.rpm	a7f2bac3cd17c2afe01734356aa044654c9e89d81a898e9b954810af0150d7f5	-	ol9_aarch64_appstream
	ipa-client-common-4.12.2-14.0.1.el9_6.1.noarch.rpm	82fed5ffab6352363c43bf07cbab6f6912126fe9da379f3a64f4420ade01b6e8	-	ol9_aarch64_appstream
	ipa-client-encrypted-dns-4.12.2-14.0.1.el9_6.1.aarch64.rpm	df536cbd02aa2ed05b45498fcbb2cc22e1ca1e4433015871f6fb0d541b02394c	-	ol9_aarch64_appstream
	ipa-client-epn-4.12.2-14.0.1.el9_6.1.aarch64.rpm	6062d78fa32bf05a6c26f6860b1a58f135898aa5da35409dbfcddcc57609bd7f	-	ol9_aarch64_appstream
	ipa-client-samba-4.12.2-14.0.1.el9_6.1.aarch64.rpm	209d8c617596afa8d579603610828cc303586f958f59d8fc619fb607a1d1d30c	-	ol9_aarch64_appstream
	ipa-common-4.12.2-14.0.1.el9_6.1.noarch.rpm	d089d8c0841ccdafcb23de1bdf996ee689f588c7711c72119b05f61b8b931933	-	ol9_aarch64_appstream
	ipa-selinux-4.12.2-14.0.1.el9_6.1.noarch.rpm	5ecd67541c32f3c18678ed8c9ee55c5dd50cad7d087aefbe75281516080f846a	-	ol9_aarch64_appstream
	ipa-selinux-luna-4.12.2-14.0.1.el9_6.1.noarch.rpm	d73b5ae1124bc96bc11dcdaea43a43530bf9315b4f93f5f2d96074b50af34059	-	ol9_aarch64_appstream
	ipa-selinux-nfast-4.12.2-14.0.1.el9_6.1.noarch.rpm	915f2a33a070c0fca1a3d982fa15bea95838518d5f18920d846b2b19d8c00974	-	ol9_aarch64_appstream
	ipa-server-4.12.2-14.0.1.el9_6.1.aarch64.rpm	67a4ac6779a5241ea3154b7d7ed93443110c18db2d0e5ebce21f28e96868ea92	-	ol9_aarch64_appstream
	ipa-server-common-4.12.2-14.0.1.el9_6.1.noarch.rpm	b608889632ef68fcf532b626b46cc4a00992e5d5beadcae69901cd018b1ff533	-	ol9_aarch64_appstream
	ipa-server-dns-4.12.2-14.0.1.el9_6.1.noarch.rpm	016aa5dcdf5edd285afcab8d29bc5b33b71b75f66e6cfb0be3e6d4e6a5e585c0	-	ol9_aarch64_appstream
	ipa-server-encrypted-dns-4.12.2-14.0.1.el9_6.1.aarch64.rpm	e70ddf8bb3446a83e5186ad276b4bbd2b25dd144e136b13371612d7e6246c365	-	ol9_aarch64_appstream
	ipa-server-trust-ad-4.12.2-14.0.1.el9_6.1.aarch64.rpm	8fc59e5ea2a9e12693c26b2704fdb642e08a8f2f254c7811b453415c87187a0e	-	ol9_aarch64_appstream
	python3-ipaclient-4.12.2-14.0.1.el9_6.1.noarch.rpm	5d9242467d8e6e9bfe692980f885d2fd301a65773fcefc6e7ea62da246c167e9	-	ol9_aarch64_appstream
	python3-ipalib-4.12.2-14.0.1.el9_6.1.noarch.rpm	dbe5e85a5d835a15afe522739389a1768d6b3a0a395b9b25109bfadc04df2dfd	-	ol9_aarch64_appstream
	python3-ipaserver-4.12.2-14.0.1.el9_6.1.noarch.rpm	78808fb94f80bd59605103580947cf2f9be04b4c912dee718939a462a6a4d2b4	-	ol9_aarch64_appstream
	python3-ipatests-4.12.2-14.0.1.el9_6.1.noarch.rpm	4d0518913bdd6e0fbfa1e4b232cda56825d51557d3ab26a67a3fefc51f681b55	-	ol9_aarch64_codeready_builder

Oracle Linux 9 (x86_64)	ipa-4.12.2-14.0.1.el9_6.1.src.rpm	02caad6327eae76d0234586692ecff095ace4b66bc8d33938b2f66064b519cdf	-	ol9_x86_64_appstream
	ipa-4.12.2-14.0.1.el9_6.1.src.rpm	02caad6327eae76d0234586692ecff095ace4b66bc8d33938b2f66064b519cdf	-	ol9_x86_64_codeready_builder
	ipa-client-4.12.2-14.0.1.el9_6.1.x86_64.rpm	ae4588e24c2ac76401eb657e2a396945aa1a638bb8300d8a50dd7353e28e5985	-	ol9_x86_64_appstream
	ipa-client-common-4.12.2-14.0.1.el9_6.1.noarch.rpm	82fed5ffab6352363c43bf07cbab6f6912126fe9da379f3a64f4420ade01b6e8	-	ol9_x86_64_appstream
	ipa-client-encrypted-dns-4.12.2-14.0.1.el9_6.1.x86_64.rpm	68b8103459b14f1599ce7b724f4d77c3668302283a573975843e02d607c4be8d	-	ol9_x86_64_appstream
	ipa-client-epn-4.12.2-14.0.1.el9_6.1.x86_64.rpm	d5d774e822620a1ed97bd37d017e57c2b872519b45036bd2baf749e143db3406	-	ol9_x86_64_appstream
	ipa-client-samba-4.12.2-14.0.1.el9_6.1.x86_64.rpm	44a1934313585e626b891267196226e908b5e02c1a6821f6eca40ede62bad032	-	ol9_x86_64_appstream
	ipa-common-4.12.2-14.0.1.el9_6.1.noarch.rpm	d089d8c0841ccdafcb23de1bdf996ee689f588c7711c72119b05f61b8b931933	-	ol9_x86_64_appstream
	ipa-selinux-4.12.2-14.0.1.el9_6.1.noarch.rpm	5ecd67541c32f3c18678ed8c9ee55c5dd50cad7d087aefbe75281516080f846a	-	ol9_x86_64_appstream
	ipa-selinux-luna-4.12.2-14.0.1.el9_6.1.noarch.rpm	d73b5ae1124bc96bc11dcdaea43a43530bf9315b4f93f5f2d96074b50af34059	-	ol9_x86_64_appstream
	ipa-selinux-nfast-4.12.2-14.0.1.el9_6.1.noarch.rpm	915f2a33a070c0fca1a3d982fa15bea95838518d5f18920d846b2b19d8c00974	-	ol9_x86_64_appstream
	ipa-server-4.12.2-14.0.1.el9_6.1.x86_64.rpm	a286a3e80e1f5b1538d2e2f0b6cdb8735d560dedcadf3d32d8ab6246c4ec7474	-	ol9_x86_64_appstream
	ipa-server-common-4.12.2-14.0.1.el9_6.1.noarch.rpm	b608889632ef68fcf532b626b46cc4a00992e5d5beadcae69901cd018b1ff533	-	ol9_x86_64_appstream
	ipa-server-dns-4.12.2-14.0.1.el9_6.1.noarch.rpm	016aa5dcdf5edd285afcab8d29bc5b33b71b75f66e6cfb0be3e6d4e6a5e585c0	-	ol9_x86_64_appstream
	ipa-server-encrypted-dns-4.12.2-14.0.1.el9_6.1.x86_64.rpm	d72cb3119bbad92e507211a12ebaeb12648568b0764d3f08355dddd9a3d1f16b	-	ol9_x86_64_appstream
	ipa-server-trust-ad-4.12.2-14.0.1.el9_6.1.x86_64.rpm	fa8c1c2c4d4f2d3b8920e4f902fbeda6ba914665dfe1d1258e612400156782ea	-	ol9_x86_64_appstream
	python3-ipaclient-4.12.2-14.0.1.el9_6.1.noarch.rpm	5d9242467d8e6e9bfe692980f885d2fd301a65773fcefc6e7ea62da246c167e9	-	ol9_x86_64_appstream
	python3-ipalib-4.12.2-14.0.1.el9_6.1.noarch.rpm	dbe5e85a5d835a15afe522739389a1768d6b3a0a395b9b25109bfadc04df2dfd	-	ol9_x86_64_appstream
	python3-ipaserver-4.12.2-14.0.1.el9_6.1.noarch.rpm	78808fb94f80bd59605103580947cf2f9be04b4c912dee718939a462a6a4d2b4	-	ol9_x86_64_appstream
	python3-ipatests-4.12.2-14.0.1.el9_6.1.noarch.rpm	4d0518913bdd6e0fbfa1e4b232cda56825d51557d3ab26a67a3fefc51f681b55	-	ol9_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691