Oracle Errata System
Oracle Linux
5.11
2025-07-10T18:32:29
ELSA-2025-10677: golang security update (MODERATE)
Oracle Linux 10
[1.24.4-1]
- Update to Go 1.24.4 (fips-1)
[1.24.3-3]
- Update to Go 1.24.3 (fips-3)
[1.24.3-2]
- Update to Go 1.24.3 (fips-2)
[1.24.3-1]
- Update to Go 1.24.3
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-4673
cpe:/a:oracle:linux:10::appstream
ELSA-2025-10630: libxml2 security update (IMPORTANT)
Oracle Linux 10
[2.12.5-7]
- Refresh patches from upstream (RHEL-96395, RHEL-96408 and RHEL-96421)
[2.12.5-6]
- Fix CVE-2025-6021 (RHEL-96495)
- Fix CVE-2025-49794 (RHEL-96395)
- Fix CVE-2025-49795 (RHEL-96408)
- Fix CVE-2025-49796 (RHEL-96421)
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-6021
CVE-2025-49795
CVE-2025-49794
CVE-2025-49796
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-10635: gnome-remote-desktop security update (MODERATE)
Oracle Linux 10
[47.3-2]
- Backport connection throttling
Resolves: RHEL-92787
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-5024
cpe:/a:oracle:linux:10::appstream
ELSA-2025-10549: podman security update (IMPORTANT)
Oracle Linux 10
[6:5.4.0-12.0.1]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]
[6:5.4.0-12]
- update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel
(https://github.com/containers/podman/commit/9811294)
- fixes 'CVE-2025-6032 podman: podman missing TLS verification [rhel-9.6.z]'
- Resolves: RHEL-96708
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-6032
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-20405: Unbreakable Enterprise kernel security update (MODERATE)
Oracle Linux 10
Oracle Linux 9
[6.12.0-100.28.2.2.el10uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- Add normal counters (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-36357
CVE-2024-36350
cpe:/a:oracle:linux:9::UEKR8
cpe:/a:oracle:linux:10::UEKR8
ELSA-2025-10371: kernel security update (IMPORTANT)
Oracle Linux 10
[6.12.0-55.20.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-21759
CVE-2025-21991
CVE-2025-37799
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7459: buildah security update (MODERATE)
Oracle Linux 10
[2:1.39.4-2.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]
[2:1.39.4-2]
- Rebuild on new golang to fix CVE-2025-22871
[2:1.39.4-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.4
- Related: RHEL-80817
[2:1.39.3-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.3
- Related: RHEL-80817
[2:1.39.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.2
- Related: RHEL-80817
[2:1.39.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.1
- Resolves: RHEL-81133
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-27144
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7458: xorg-x11-server-Xwayland security update (IMPORTANT)
Oracle Linux 10
[24.1.5-4]
- CVE fix for: CVE-2025-49175 (RHEL-97129), CVE-2025-49176 (RHEL-97135),
CVE-2025-49177 (RHEL-97141), CVE-2025-49178 (RHEL-97147),
CVE-2025-49179 (RHEL-97153), CVE-2025-49180 (RHEL-97159)
[24.1.5-3]
Rebuild for 10.0.z required due to issue when releasing original erratum.
- CVE fix for: CVE-2025-26594 (RHEL-80504), CVE-2025-26595 (RHEL-80505),
CVE-2025-26596 (RHEL-80510), CVE-2025-26597 (RHEL-80511),
CVE-2025-26598 (RHEL-80513), CVE-2025-26599 (RHEL-80512),
CVE-2025-26600 (RHEL-80517), CVE-2025-26601 (RHEL-80516)
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-26594
CVE-2025-26599
CVE-2025-26596
CVE-2025-26601
CVE-2025-26595
CVE-2025-26600
CVE-2024-9632
CVE-2025-26597
CVE-2025-26598
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9348: kernel security update (MODERATE)
Oracle Linux 10
[6.12.0-55.19.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-21999
CVE-2025-23150
CVE-2025-37738
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9079: kernel security update (IMPORTANT)
Oracle Linux 10
[6.12.0-55.19.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-21963
CVE-2025-21893
CVE-2025-21962
CVE-2025-21979
CVE-2025-21764
CVE-2025-21887
CVE-2025-21969
CVE-2025-37750
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8669: kernel security update (IMPORTANT)
Oracle Linux 10
[6.12.0-55.19.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-21997
CVE-2025-21669
CVE-2025-37943
CVE-2025-21926
CVE-2025-22055
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8374: kernel security update (MODERATE)
Oracle Linux 10
[6.12.0-55.19.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-21919
CVE-2025-37785
CVE-2025-21964
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8137: kernel security update (IMPORTANT)
Oracle Linux 10
[6.12.0-55.19.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-21756
CVE-2024-53104
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7956: kernel security update (MODERATE)
Oracle Linux 10
[6.12.0-55.19.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-21966
CVE-2025-21993
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7501: kernel security update (IMPORTANT)
Oracle Linux 10
[6.12.0-55.19.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-21927
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9896: kernel security update (MODERATE)
Oracle Linux 10
[6.12.0-55.19.1.0.1_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-21883
CVE-2025-21961
CVE-2025-22104
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-10140: python3.12 security update (IMPORTANT)
Oracle Linux 10
[3.12.9-2.0.1.2]
- Remove upstream URL reference
[3.12.9-2.2]
- Enable PAC and BTI protections for aarch64
- Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435
- Resolves: RHEL-98058, RHEL-98020, RHEL-97809, RHEL-98184, RHEL-98211
[3.12.9-2.1]
- Apply Intel's CET for mitigation against control-flow hijacking attacks
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-4330
CVE-2025-4517
CVE-2024-12718
CVE-2025-4138
CVE-2025-4435
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-10195: thunderbird security update (IMPORTANT)
Oracle Linux 10
[128.12.0-1.0.1]
- Add Oracle prefs
[128.12.0-1]
- Update to 128.12.0 build1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-5986
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8319: pcs security update (IMPORTANT)
Oracle Linux 10
[0.12.0-3.el10_0.2]
- Rebased pcs to the latest sources (see CHANGELOG.md)
Resolves: RHEL-7681, RHEL-21050, RHEL-22423, RHEL-35407, RHEL-44347, RHEL-63186, RHEL-66607, RHEL-76176, RHEL-81938
- Rebased HA Cluster Management add-on to the latest sources
Resolves: RHEL-30686, RHEL-30695, RHEL-30698, RHEL-79314, RHEL-84143, RHEL-85195
- The upstream version of HA Cluster Management add-on can now be queried through RPM - see bundled(pcs-web-ui)
Resolves: RHEL-86227
- Updated bundled rubygems: backports, childprocess, ffi, puma, rack, rack-protection, rack-session, rack-test, sinatra, tilt
- Updated bundled Python dependency dacite
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-46727
cpe:/a:oracle:linux:10::addons
ELSA-2025-7478: corosync security update (MODERATE)
Oracle Linux 10
[3.1.9-1.1]
- Resolves: RHEL-84612
- totemsrp: Check size of orf_token msg (fixes CVE-2025-30472)
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-30472
cpe:/a:oracle:linux:10::addons
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-10073: firefox security update (IMPORTANT)
Oracle Linux 10
[128.12.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]
[128.12.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)
[128.12.0-1]
- Update to 128.12.0 build1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-6429
CVE-2025-6424
CVE-2025-6430
CVE-2025-6425
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7503: osbuild-composer security update (IMPORTANT)
Oracle Linux 10
[134.1-2.0.1]
- Add OL10 support
- Update repository URLs for baseos, appstream and UERK
- Fix the label for UEKR repository
- Simplify repository names [JIRA: OLDIS-35893]
- Ensure build on latest golang: CVE-2024-34156
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-30204
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9623: osbuild-composer security update (MODERATE)
Oracle Linux 10
[134.1-2.0.1]
- Add OL10 support
- Update repository URLs for baseos, appstream and UERK
- Fix the label for UEKR repository
- Simplify repository names [JIRA: OLDIS-35893]
- Ensure build on latest golang: CVE-2024-34156
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]
[134.1-2]
- Rebuild for CVE-2025-22871
[134.1-1]
- Import upstream 134.1
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7601: .NET 9.0 security update (IMPORTANT)
Oracle Linux 10
[9.0.107-1.0.1]
- Add support for Oracle Linux
[9.0.107-1]
- Update to .NET SDK 9.0.107 and Runtime 9.0.6
- Resolves: RHEL-94423
[9.0.106-2]
- Update to .NET SDK 9.0.106 and Runtime 9.0.5
- Resolves: RHEL-89452
[9.0.105-2]
- Update to .NET SDK 9.0.105 and Runtime 9.0.4
- Resolves: RHEL-85281
[9.0.104-2]
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
- Resolves: RHEL-81647
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-26646
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7467: skopeo security update (MODERATE)
Oracle Linux 10
[1:1.18.1-2]
- Fix bats dep on tests subpackage
- Resolves: RHEL-58990
- Rebuild on new golang to fix CVE-2025-22871
[1:1.18.1-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.18
(https://github.com/containers/skopeo/commit/bfd0850)
- fixes 'CVE-2025-27144 skopeo: Go JOSE's Parsing Vulnerable to Denial of Service [rhel-10.1]'
- Resolves: RHEL-80611
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-27144
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9149: skopeo security update (MODERATE)
Oracle Linux 10
[1:1.18.1-2]
- Fix bats dep on tests subpackage
- Resolves: RHEL-58990
- Rebuild on new golang to fix CVE-2025-22871
[1:1.18.1-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.18
(https://github.com/containers/skopeo/commit/bfd0850)
- fixes 'CVE-2025-27144 skopeo: Go JOSE's Parsing Vulnerable to Denial of Service [rhel-10.1]'
- Resolves: RHEL-80611
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8816: .NET 9.0 security update (IMPORTANT)
Oracle Linux 10
[9.0.107-1.0.1]
- Add support for Oracle Linux
[9.0.107-1]
- Update to .NET SDK 9.0.107 and Runtime 9.0.6
- Resolves: RHEL-94423
[9.0.106-2]
- Update to .NET SDK 9.0.106 and Runtime 9.0.5
- Resolves: RHEL-89452
[9.0.105-2]
- Update to .NET SDK 9.0.105 and Runtime 9.0.4
- Resolves: RHEL-85281
[9.0.104-2]
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
- Resolves: RHEL-81647
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-30399
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7505: libsoup3 security update (IMPORTANT)
Oracle Linux 10
[3.6.5-3.el10_0.6]
- Fix CVE-2025-4035, CVE-2025-4948, CVE-2025-32049, CVE-2025-32907
[3.6.5-3]
- Add patch to hopefully fix http2-body-size-test timeouts
[3.6.5-2]
- Add patch to hopefully fix server-test timeouts
[3.6.5-1]
- Update to 3.6.5 and add patches for CVEs
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-46421
CVE-2025-2784
CVE-2025-32912
CVE-2025-32914
CVE-2025-32906
CVE-2025-32908
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7493: thunderbird security update (IMPORTANT)
Oracle Linux 10
[128.11.0-1.0.1]
- Add Oracle prefs
[128.11.0-1]
- Update to 128.11.0
[128.10.1-1]
- Update to 128.10.1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-3030
CVE-2025-3028
CVE-2025-3029
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7491: firefox security update (IMPORTANT)
Oracle Linux 10
[128.11.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]
[128.11.0-1]
- Update to 128.11.0
[128.10.1-1]
- Update to 128.10.1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-3028
CVE-2025-3029
CVE-2025-3030
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7484: gvisor-tap-vsock security update (IMPORTANT)
Oracle Linux 10
[6:0.8.5-2]
- Rebuild on new golang to fix CVE-2025-22871
[6:0.8.5-1]
- update to https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.8.5
- Related: RHEL-80817
[6:0.8.4-1]
- update to https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.8.4
- Resolves: RHEL-83030
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-22869
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7475: grafana security update (IMPORTANT)
Oracle Linux 10
[10.2.6-18]
- Resolves RHEL-89943: CVE-2025-4123
[10.2.6-16]
- Resolves RHEL-85420: Move home directory of grafana to /var/lib/grafana
[10.2.6-15]
- Resolves RHEL-84627: CVE-2025-30204
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-30204
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7462: podman security update (IMPORTANT)
Oracle Linux 10
[6:5.4.0-10.0.1]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]
[6:5.4.0-10]
- rebuild to resolve CVE-2025-22871
- Pick latest f rom https://github.com/containers/podman/tree/v5.4-rhel
https://github.com/containers/podman/commit/0ee1d49
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-22869
CVE-2025-27144
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9940: python-setuptools security update (MODERATE)
Oracle Linux 10
[69.0.3-12]
- Security fix for CVE-2025-47273
[69.0.3-11]
- Change the test source location
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-47273
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8814: .NET 8.0 security update (IMPORTANT)
Oracle Linux 10
[8.0.117-1.0.1]
- Add support for Oracle Linux
[8.0.117-1]
- Update to .NET SDK 8.0.117 and Runtime 8.0.17
- Resolves: RHEL-94416
[8.0.116-2]
- Update to .NET SDK 8.0.116 and Runtime 8.0.16
- Resolves: RHEL-89447
[8.0.115-2]
- Update to .NET SDK 8.0.115 and Runtime 8.0.15
- Resolves: RHEL-85275
[8.0.114-2]
- Update to .NET SDK 8.0.114 and Runtime 8.0.14
- Resolves: RHEL-81643
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-30399
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8125: firefox security update (IMPORTANT)
Oracle Linux 10
[128.11.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]
[128.11.0-1]
- Update to 128.11.0
[128.10.1-1]
- Update to 128.10.1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-4918
CVE-2025-4919
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7599: .NET 8.0 security update (IMPORTANT)
Oracle Linux 10
[8.0.117-1.0.1]
- Add support for Oracle Linux
[8.0.117-1]
- Update to .NET SDK 8.0.117 and Runtime 8.0.17
- Resolves: RHEL-94416
[8.0.116-2]
- Update to .NET SDK 8.0.116 and Runtime 8.0.16
- Resolves: RHEL-89447
[8.0.115-2]
- Update to .NET SDK 8.0.115 and Runtime 8.0.15
- Resolves: RHEL-85275
[8.0.114-2]
- Update to .NET SDK 8.0.114 and Runtime 8.0.14
- Resolves: RHEL-81643
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-26646
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7507: thunderbird security update (IMPORTANT)
Oracle Linux 10
[128.11.0-1.0.1]
- Add Oracle prefs
[128.11.0-1]
- Update to 128.11.0
[128.10.1-1]
- Update to 128.10.1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-4083
CVE-2025-2830
CVE-2025-4087
CVE-2025-4091
CVE-2025-4093
CVE-2025-2817
CVE-2025-3522
CVE-2025-3523
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7506: firefox security update (IMPORTANT)
Oracle Linux 10
[128.11.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]
[128.11.0-1]
- Update to 128.11.0
[128.10.1-1]
- Update to 128.10.1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-2817
CVE-2025-4093
CVE-2025-4087
CVE-2025-4083
CVE-2025-4091
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7502: nodejs22 security update (MODERATE)
Oracle Linux 10
[1:22.16.0-1]
- Update to version 22.16.0
[1:22.15.0-3]
- Make grep Source stricter in nodejs-tarball
[1:22.15.0-2]
- Add unit-test during build for nodejs22
[1:22.15.0-1]
- Update to version 22.15.0
[1:22.13.1-6]
- Update c-ares with fix for CVE-2025-31498
[1:22.13.1-5]
- Revert 'Generate only versioned rpms'
[1:22.13.1-4]
- Use stream-specific ABI dependency generator
[1:22.13.1-3]
- Generate only versioned rpms
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-31498
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9156: golang-github-openprinting-ipp-usb security update (MODERATE)
Oracle Linux 10
[0.9.27-3]
- rebuild to fix CVE-2025-22871
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8196: thunderbird security update (IMPORTANT)
Oracle Linux 10
[128.11.0-1.0.1]
- Add Oracle prefs
[128.11.0-1]
- Update to 128.11.0
[128.10.1-1]
- Update to 128.10.1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-3877
CVE-2025-3875
CVE-2025-3909
CVE-2025-3932
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7892: grafana security update (IMPORTANT)
Oracle Linux 10
[10.2.6-18]
- Resolves RHEL-89943: CVE-2025-4123
[10.2.6-16]
- Resolves RHEL-85420: Move home directory of grafana to /var/lib/grafana
[10.2.6-15]
- Resolves RHEL-84627: CVE-2025-30204
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-4123
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7499: ghostscript security update (MODERATE)
Oracle Linux 10
[10.02.1-16]
- RHEL-88964 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow
[10.02.1-15]
- RHEL-67044 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space
- RHEL-67050 CVE-2024-46952 ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling
- RHEL-67050 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
- RHEL-67050 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript
- RHEL-67050 CVE-2024-46956 ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-46956
CVE-2024-46954
CVE-2024-46951
CVE-2024-46952
CVE-2024-46953
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9486: qt6-qtbase security update (MODERATE)
Oracle Linux 10
[6.8.1-9]
- qt5: qt6: QtCore Assertion Failure Denial of Service (CVE-2025-5455)
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-5455
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9466: mod_proxy_cluster security update (MODERATE)
Oracle Linux 10
[1.3.22-1.el10_0.2]
- Resolves: RHEL-82256 - Update deprecated misspeled EnableMCPMReceive directive
[1.3.22-1.el10_0.1]
- Resolves: RHEL-80796 - Rebase mod_proxy_cluster to upstream 1.3.22.Final release
[1.3.22-1]
- Resolves: RHEL-80480 Rebase mod_proxy_cluster to upstream 1.3.22.Final release
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-10306
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9307: freerdp security update (MODERATE)
Oracle Linux 10
[2:3.10.3-3]
- Initialize function pointers after resource allocation
- Fixes CVE-2025-4478
- Resolves: RHEL-91583
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-4478
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9151: gvisor-tap-vsock security update (MODERATE)
Oracle Linux 10
[6:0.8.5-2]
- Rebuild on new golang to fix CVE-2025-22871
[6:0.8.5-1]
- update to https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.8.5
- Related: RHEL-80817
[6:0.8.4-1]
- update to https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.8.4
- Resolves: RHEL-83030
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9148: buildah security update (MODERATE)
Oracle Linux 10
[2:1.39.4-2.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]
[2:1.39.4-2]
- Rebuild on new golang to fix CVE-2025-22871
[2:1.39.4-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.4
- Related: RHEL-80817
[2:1.39.3-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.3
- Related: RHEL-80817
[2:1.39.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.2
- Related: RHEL-80817
[2:1.39.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.39.1
- Resolves: RHEL-81133
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9146: podman security update (MODERATE)
Oracle Linux 10
[6:5.4.0-10.0.1]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]
[6:5.4.0-10]
- rebuild to resolve CVE-2025-22871
- Pick latest f rom https://github.com/containers/podman/tree/v5.4-rhel
https://github.com/containers/podman/commit/0ee1d49
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8915: grafana-pcp security update (MODERATE)
Oracle Linux 10
[5.2.2-3]
- Resolves RHEL-89218: CVE-2025-22871
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8666: grafana security update (MODERATE)
Oracle Linux 10
[10.2.6-18]
- Resolves RHEL-89943: CVE-2025-4123
[10.2.6-16]
- Resolves RHEL-85420: Move home directory of grafana to /var/lib/grafana
[10.2.6-15]
- Resolves RHEL-84627: CVE-2025-30204
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8636: perl-FCGI security update (IMPORTANT)
Oracle Linux 10
[1:0.82-13.1]
- Fix CVE-2025-40907 (integer overflow when parsing FastCGI parameters)
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-40907
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7593: ghostscript security update (MODERATE)
Oracle Linux 10
[10.02.1-16]
- RHEL-88964 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow
[10.02.1-15]
- RHEL-67044 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space
- RHEL-67050 CVE-2024-46952 ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling
- RHEL-67050 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
- RHEL-67050 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript
- RHEL-67050 CVE-2024-46956 ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-27832
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7497: tomcat security update (MODERATE)
Oracle Linux 10
[1:10.1.36-1]
- Rebase tomcat to 10.1.36
- Resolves: RHEL-82925
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
- Resolves: RHEL-87272
tomcat: DoS in examples web application (CVE-2024-54677)
- Resolves: RHEL-87273
tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316)
- Resolves: RHEL-85343 - NoClassDefFoundError when using migration tool
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-52316
CVE-2024-54677
CVE-2025-24813
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9421: iputils security update (MODERATE)
Oracle Linux 10
[20240905-2.1]
- Fix CVE-2025-47268 iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping (RHEL-94582)
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-47268
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/o:oracle:linux:10::baseos_latest
ELSA-2025-9420: libarchive security update (MODERATE)
Oracle Linux 10
[3.7.7-3]
- Resolves: CVE-2025-25724
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-25724
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
ELSA-2025-9418: krb5 security update (MODERATE)
Oracle Linux 10
[1.21.3-8.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]
[1.21.3-8]
- Do not block HMAC-MD4/5 in FIPS mode
Resolves: RHEL-88705
- Don't issue RC4 session keys by default (CVE-2025-3576)
Resolves: RHEL-88047
- Add PKINIT paChecksum2 from MS-PKCA v20230920
Resolves: RHEL-74295
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-3576
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
ELSA-2025-9317: delve security update (MODERATE)
Oracle Linux 10
[1.24.1-2.0.1]
- Disable DWARF compression which has issues (Alex Burmashev)
[1.24.1-2]
- Rebuild without changes
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9121: wireshark security update (MODERATE)
Oracle Linux 10
[1:4.4.2-3.0.1]
- Fix post script to not fail during initial installation [Orabug: 37565359]
[1:4.4.2-3]
- Resolves: RHEL-80274 - Increasing NVR due to a build error
[1:4.4.2-2]
- Resolves: RHEL-80274 - Uncontrolled Recursion in Wireshark
- Resolves: RHEL-93153 - wireshark-cli's %post uses /usr/bin/udevadm but missing systemd-udev
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-1492
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8477: golang security update (MODERATE)
Oracle Linux 10
[1.23.9-1]
- Update to 1.23.9
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8131: ruby security update (MODERATE)
Oracle Linux 10
[3.3.8-10]
- Upgrade to Ruby 3.3.8.
Resolves: RHEL-87342
- Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. (CVE-2025-25186)
- Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219)
Resolves: RHEL-86116
- Fix userinfo leakage in URI#join, URI#merge and URI#+. (CVE-2025-27221)
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-27221
CVE-2025-27219
CVE-2025-25186
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7494: tomcat9 security update (MODERATE)
Oracle Linux 10
[1:9.0.87-5]
- Resolves: RHEL-82927
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-24813
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9328: libblockdev security update (IMPORTANT)
Oracle Linux 10
[3.2.0-4.0.1]
- enable btrfs support [Orabug: 30792917]
[3.2.0-4]
- Don't allow suid and dev set on fs resize - CVE-2025-6019
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-6019
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9190: ipa security update (IMPORTANT)
Oracle Linux 10
[4.12.2-15.0.1.el10_0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
- Add bind to ipa-server-common Requires [Orabug: 36518596]
[4.12.2-15.el10_0.1]
- Resolves: RHEL-89908
EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA
- Resolves: RHEL-89144
kdb: ipadb_get_connection() succeeds but returns null LDAP context
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-4404
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8608: thunderbird security update (IMPORTANT)
Oracle Linux 10
[128.11.0-1.0.1]
- Add Oracle prefs
[128.11.0-1]
- Update to 128.11.0
[128.10.1-1]
- Update to 128.10.1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-4919
CVE-2025-4918
CVE-2025-5266
CVE-2025-5267
CVE-2025-5263
CVE-2025-5264
CVE-2025-5268
CVE-2025-5283
CVE-2025-5269
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8493: nodejs22 security update (IMPORTANT)
Oracle Linux 10
[1:22.16.0-1]
- Update to version 22.16.0
[1:22.15.0-3]
- Make grep Source stricter in nodejs-tarball
[1:22.15.0-2]
- Add unit-test during build for nodejs22
[1:22.15.0-1]
- Update to version 22.15.0
[1:22.13.1-6]
- Update c-ares with fix for CVE-2025-31498
[1:22.13.1-5]
- Revert 'Generate only versioned rpms'
[1:22.13.1-4]
- Use stream-specific ABI dependency generator
[1:22.13.1-3]
- Generate only versioned rpms
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-23165
CVE-2025-23166
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8047: unbound security update (MODERATE)
Oracle Linux 10
[1.20.0-10]
- Prevent unbounded name compression (CVE-2024-8508)
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-8508
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7592: yggdrasil security update (IMPORTANT)
Oracle Linux 10
[0.4.5-3]
- Fix CVE-2025-3931
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2024-45336
CVE-2025-3931
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7512: expat security update (MODERATE)
Oracle Linux 10
[2.7.1-1]
- Fix behavior change caused by fix for CVE-2024-8176
[2.7.0-1]
- Fix CVE-2024-8176
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-8176
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
ELSA-2025-7510: libarchive security update (MODERATE)
Oracle Linux 10
[3.7.7-2]
- Fix for CVE-2024-57970
- Resolves: RHEL-79877
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-57970
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
ELSA-2025-7508: java-21-openjdk security update (MODERATE)
Oracle Linux 10
[1:21.0.7.0.6-1.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]
[1:21.0.7.0.6-1]
- Update to jdk-21.0.7+6 (GA)
- Update release notes to 21.0.7+6
- Rebase FIPS support against 21.0.7+5
- Require tzdata 2025a due to upstream inclusion of JDK-8347965
- ** This tarball is embargoed until 2025-04-15 @ 1pm PT. **
- Resolves: RHEL-86986
- Resolves: RHEL-86636
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-30691
CVE-2025-30698
CVE-2025-21587
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7482: git security update (MODERATE)
Oracle Linux 10
[2.47.1-2]
- add the option to sanitize sideband channel messages
- Resolves: RHEL-74175
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-52005
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7476: python-jinja2 security update (IMPORTANT)
Oracle Linux 10
[3.1.6-1]
- Update to 3.1.6
- Security fix for CVE-2025-27516
Resolves: RHEL-85058
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-27516
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7466: delve and golang security update (MODERATE)
Oracle Linux 10
delve
[1.24.1-1.0.1]
- Disable DWARF compression which has issues (Alex Burmashev)
[1.24.1-1]
- Update Delve to 1.24.1
[1.22.1-6]
- plans/ci.fmf: Update repo
golang
[1.23.7-1]
- Update to 1.23.7
- golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341)
- golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
- crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22866
CVE-2024-45341
CVE-2024-45336
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7457: exiv2 security update (MODERATE)
Oracle Linux 10
[0.28.3-3.2]
- Revert: remove rpath patch
Resolves: RHEL-80106
- Fix CVE-2025-26623 exiv2: Use After Free
Resolves: RHEL-80106
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-26623
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9178: kea security update (IMPORTANT)
Oracle Linux 10
[2.6.3-1]
- New version 2.6.3
- Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803
- kea.conf: Remove /tmp/ from socket-name for existing configurations
- kea.conf: Set pseudo-random password for default config to secure fresh
install and allow CA startup without user intervention
- kea.conf: Restrict directory permissions
- Sync service files with upstream
- Fix leases ownership when switching from root to kea user
[2.6.1-9]
- Update location of fmf plans
[2.6.1-8]
- Properly check valgrind arches
[2.6.1-7]
- Use autoreconf more (fixes riscv64 build)
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-32803
CVE-2025-32801
CVE-2025-32802
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9166: apache-commons-beanutils security update (IMPORTANT)
Oracle Linux 10
[1.9.4-21]
- Fix improper access control vulnerability
- Resolves: CVE-2025-48734
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-48734
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-9120: libvpx security update (IMPORTANT)
Oracle Linux 10
[1.14.1-3]
- Add patch for double free
Resolves: RHEL-93905
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-5283
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8341: firefox security update (IMPORTANT)
Oracle Linux 10
[128.11.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]
[128.11.0-1]
- Update to 128.11.0
[128.10.1-1]
- Update to 128.10.1
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-5268
CVE-2025-5266
CVE-2025-5283
CVE-2025-5269
CVE-2025-5263
CVE-2025-5264
CVE-2025-5267
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8184: gstreamer1-plugins-bad-free security update (IMPORTANT)
Oracle Linux 10
[1.24.11-2]
- fix for CVE-2025-3887
Resolves: RHEL-93045
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-3887
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7524: xz security update (IMPORTANT)
Oracle Linux 10
[1:5.6.2-4]
- Fix: heap-use-after-free bug in threaded .xz decoder (CVE-2025-31115)
- Resolves: RHEL-86029
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-31115
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
ELSA-2025-7517: sqlite security update (IMPORTANT)
Oracle Linux 10
[3.46.1-4]
- Fix for CVE-2025-3277
- Resolves: RHEL-87295
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-3277
cpe:/o:oracle:linux:10::u0_baseos_patch
cpe:/a:oracle:linux:10::appstream
cpe:/o:oracle:linux:10::baseos_latest
ELSA-2025-7490: mod_auth_openidc security update (IMPORTANT)
Oracle Linux 10
[2.4.15-4.el10_0.1]
- Fix CVE-2025-31492
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-31492
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9304: xorg-x11-server-Xwayland security update (IMPORTANT)
Oracle Linux 10
[24.1.5-4]
- CVE fix for: CVE-2025-49175 (RHEL-97129), CVE-2025-49176 (RHEL-97135),
CVE-2025-49177 (RHEL-97141), CVE-2025-49178 (RHEL-97147),
CVE-2025-49179 (RHEL-97153), CVE-2025-49180 (RHEL-97159)
[24.1.5-3]
Rebuild for 10.0.z required due to issue when releasing original erratum.
- CVE fix for: CVE-2025-26594 (RHEL-80504), CVE-2025-26595 (RHEL-80505),
CVE-2025-26596 (RHEL-80510), CVE-2025-26597 (RHEL-80511),
CVE-2025-26598 (RHEL-80513), CVE-2025-26599 (RHEL-80512),
CVE-2025-26600 (RHEL-80517), CVE-2025-26601 (RHEL-80516)
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-49178
CVE-2025-49175
CVE-2025-49180
CVE-2025-49176
CVE-2025-49179
CVE-2025-49177
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8550: varnish security update (IMPORTANT)
Oracle Linux 10
[7.6.1-2.el10_0.1]
- Resolves: RHEL-89691 - varnish: request smuggling attacks (CVE-2025-47905)
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-47905
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-8128: libsoup3 security update (IMPORTANT)
Oracle Linux 10
[3.6.5-3.el10_0.6]
- Fix CVE-2025-4035, CVE-2025-4948, CVE-2025-32049, CVE-2025-32907
[3.6.5-3]
- Add patch to hopefully fix http2-body-size-test timeouts
[3.6.5-2]
- Add patch to hopefully fix server-test timeouts
[3.6.5-1]
- Update to 3.6.5 and add patches for CVEs
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-32049
CVE-2025-32907
CVE-2025-4035
CVE-2025-4948
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::codeready_builder
ELSA-2025-7509: valkey security update (IMPORTANT)
Oracle Linux 10
[8.0.3.1]
- rebase to 8.0.3
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-21605
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7500: perl security update (IMPORTANT)
Oracle Linux 10
[4:5.40.2-512.1]
- 5.40.2 bump (see <https://metacpan.org/release/SHAY/perl-5.40.2/view/pod/perldelta.pod>)
- Resolves: RHEL-87186
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2024-56406
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7489: php security update (IMPORTANT)
Oracle Linux 10
[8.3.19-1]
- rebase to 8.3.19
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2024-11235
CVE-2025-1219
CVE-2025-1217
CVE-2025-1736
CVE-2025-1861
CVE-2025-1734
cpe:/a:oracle:linux:10::appstream
ELSA-2025-8135: python-tornado security update (IMPORTANT)
Oracle Linux 10
[6.4.2-1.el10_0.1]
- httputil: Raise errors instead of logging in multipart/form-data parsing
Resolves: RHEL-91992
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-47287
cpe:/a:oracle:linux:10::appstream
ELSA-2025-7496: libxslt security update (IMPORTANT)
Oracle Linux 10
[1.1.39-7]
- Fix CVE-2024-55549 (RHEL-83503)
- Fix CVE-2025-24855 (RHEL-83489)
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-24855
CVE-2024-55549
cpe:/a:oracle:linux:10::appstream
ELSA-2025-9063: git-lfs security update (MODERATE)
Oracle Linux 10
[3.6.1-2]
- Rebuild with new Golang
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2025-22871
cpe:/a:oracle:linux:10::appstream
ELSA-2025-20371: Unbreakable Enterprise kernel security update (IMPORTANT)
Oracle Linux 10
[6.12.0-100.28.2.el10uek]
- sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash (Omar Sandoval)
- certs: Add new Oracle Linux Driver Signing (key 1) certificate (Sherry Yang) [Orabug: 37967533]
- Revert 'block: sysfs option to change ioticks granularity' (Gulam Mohamed) [Orabug: 37921776]
- RDS: use pin_user_pages_fast() (Stephen Brennan) [Orabug: 37968545]
[6.12.0-100.28.1.el10uek]
- KVM: SEV: Add KVM_SEV_SNP_ENABLE_REQ_CERTS command (Michael Roth) [Orabug: 37894105]
- KVM: Introduce KVM_EXIT_SNP_REQ_CERTS for SNP certificate-fetching (Michael Roth) [Orabug: 37894105]
- Revert 'KVM: Introduce KVM_EXIT_SNP_REQ_CERTS for SNP certificate-fetching' (Liam Merwick) [Orabug: 37894105]
- uek-rpm: Enable SECURITY_DMESG_RESTRICT in UEK8 (Harshit Mogalapalli) [Orabug: 37867042]
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2025-37821
cpe:/a:oracle:linux:10::UEKR8
ELBA-2025-6631: libndp bug fix and enhancement update (IMPORTANT)
Oracle Linux 10
[1.9-2]
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
[1.9-1]
- Update to libndp 1.9
[1.8-10]
- Bump release for June 2024 mass rebuild
[1.8-9]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
[1.8-8]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
[1.8-7]
- migrated to SPDX license
[1.8-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
[1.8-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
IMPORTANT
Copyright 2025 Oracle, Inc.
CVE-2024-5564
cpe:/a:oracle:linux:10::distro_builder
cpe:/o:oracle:linux:10::u0_baseos_base
cpe:/o:oracle:linux:10::baseos_latest
ELBA-2025-6597: libxml2 bug fix and enhancement update (CRITICAL)
Oracle Linux 10
[2.12.5-5]
- Fix CVE-2024-56171 (RHEL-80119)
- Fix CVE-2025-24928 (RHEL-80134)
[2.12.5-4]
- Fix CVE-2024-40896 (RHEL-72060)
[2.12.5-3]
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
[2.12.5-2]
- Bump release for June 2024 mass rebuild
[2.12.5-1]
- Update to 2.12.5 (#2262648)
[2.12.4-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
[2.12.4-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
[2.12.4-1]
- Update to 2.12.4 (#2258493)
[2.12.3-1]
- Update to 2.12.3 (#2254194)
[2.12.2-2]
- Upstream patch to add extra includes
[2.12.2-1]
- Update to 2.12.2 (#2137281)
- Enable W3C XML Conformance and Schema test suites
[2.12.1-1]
- Update to 2.12.1 (#2250062)
[2.12.0-1]
- Update to 2.12.0 (#2250062)
[2.11.6-1]
- Update to 2.11.6
[2.11.5-1]
- Update to 2.11.5 (#2190441)
[2.10.4-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
[2.10.4-2]
- Rebuilt for Python 3.12
[2.10.4-1]
- Update to 2.10.4 (#2185870)
[2.10.3-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
[2.10.3-2]
- Set build options to maintain (most) symbols from 2.9.14 (#2139546)
[2.10.3-1]
- Update to 2.10.3 (#2119077)
[2.10.2-1]
- Update to 2.10.2 (#2119077)
[2.9.14-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
[2.9.14-2]
- Rebuilt for Python 3.11
[2.9.14-1]
- Update to 2.9.14 (#2080961)
[2.9.13-1]
- Update to 2.9.13
[2.9.12-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
[2.9.12-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
[2.9.12-5]
- Rebuilt for Python 3.10
[2.9.12-4]
- Fix xmlNodeDumpOutputInternal regression (#1965662)
[2.9.12-3]
- Fix multiarch conflict in devel subpackage
[2.9.12-2]
- Fix python-lxml regression with 2.9.12
[2.9.12-1]
- Update to 2.9.12 (#1960153)
[2.9.10-12]
- Fix CVE-2021-3537 (#1956524)
[2.9.10-11]
- Fix CVE-2021-3516 (#1954227)
- Fix CVE-2021-3517 (#1954234)
- Fix CVE-2021-3518 (#1954243)
[2.9.10-10]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
[2.9.10-9]
- Build the Python extension with the PY_SSIZE_T_CLEAN macro to make it
compatible with Python 3.10.
- Fixes: rhbz#1890878.
[2.9.10-8]
- Add correct fix for CVE-2020-24977 (RHBZ#1877788), thanks: Jan de Groot.
[2.9.10-7]
- Add fix for CVE-2020-24977 (RHBZ#1877788).
[2.9.10-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
[2.9.10-5]
- Rebuilt for Python 3.9
[2.9.10-4]
- Fix CVE-2019-20388 (#1799736)
- Fix CVE-2020-7595 (#1799786)
[2.9.10-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
[2.9.10-2]
- Fix relaxed approach to nested documents on object disposal (#1780573)
[2.9.10-1]
- Update to 2.9.10 (#1767151)
[2.9.9-7]
- Subpackage python2-libxml2 has been removed
See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
[2.9.9-6]
- Rebuilt for Python 3.8.0rc1 (#1748018)
[2.9.9-5]
- Rebuild to fix corrupted libxml2-static package on aarch64 (#1745020)
[2.9.9-4]
- Rebuilt for Python 3.8
[2.9.9-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
[2.9.9-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
[2.9.9-1]
- Update to 2.9.9
[2.9.8-5]
- Add patch to fix crash: xmlParserPrintFileContextInternal mangles utf8
[2.9.8-4]
- Backport patches from upstream
[2.9.8-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
[2.9.8-2]
- Rebuilt for Python 3.7
[2.9.8-1]
- Update to 2.9.8
[2.9.7-4]
- Rebuild with new LDFLAGS from redhat-rpm-config
[2.9.7-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[2.9.7-2]
- Switch to %ldconfig_scriptlets
[2.9.7-1]
- Update to 2.9.7
- Cleanups in packaging
[2.9.5-3]
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
[2.9.5-2]
- Fix reporting error about undefined XPath variables (bug #1493613)
[2.9.5-1]
- update to 2.9.5
[2.9.4-5]
- Python 2 binary package renamed to python2-libxml2
See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
[2.9.4-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[2.9.4-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[2.9.4-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
[2.9.4-1]
- Update to 2.9.4.
- Apply very hacky patch that removes the no longer in python-3.6 PyVerify_fd symbol.
[2.9.3-5]
- Rebuild for Python 3.6
[2.9.3-4]
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
[2.9.3-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
[2.9.3-2]
- Fix obsoletes versions now that F22 has libxml2 2.9.3 (#1287262)
[2.9.2-1]
- upstream release of 2.9.3
- Fixes for CVE-2015-8035, CVE-2015-7942, CVE-2015-7941, CVE-2015-1819
CVE-2015-7497, CVE-2015-7498, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500
and CVE-2015-8242
- many other bug fixes
[2.9.2-9]
- Rebuilt for Python3.5 rebuild
- Python3.5 has new naming convention for byte compiled files
[2.9.2-8]
- Remove executable permissions from documentation. Complies with packaging
guidelines and solves issue of libxml2-python3 package depending on python2
[2.9.2-7]
- Remove dependency on python2 from python3 subpackage, rhbz#1250940
[2.9.2-6]
- Rename the Python 3 subpackage to python3-libxml2 as per guidelines
[2.9.2-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
[2.9.2-4]
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
[2.9.2-3]
- Added Python 3 subpackage
[2.9.2-2]
- Avoid corrupting the xml catalogs
[2.9.2-1]
- upstream release of 2.9.2
- Fix for CVE-214-3660 billion laugh DOS
- many other bug fixes
[2.9.1-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
[2.9.1-4]
- fix license handling
[2.9.1-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
[2.9.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
[2.9.1-1]
- upstream release of 2.9.1
- a couple more API entry point
- compatibility with python3
- a lot of bug fixes
[2.9.0-4]
- fix --nocheck build which I broke in october rhbz#909767
[2.9.0-3]
- workaround for crc/len check failure, rhbz#877567
[2.9.0-2]
- remaining cleanups from merge bug rhbz#226079
- do not put the docs in the main package, only in -devel rhbz#864731
[2.9.0-1]
- upstream release of 2.9.0
- A few new API entry points
- More resilient push parser mode
- A lot of portability improvement
- Faster XPath evaluation
- a lot of bug fixes and smaller improvement
[2.9.0-0rc1]
- upstream release candidate 1 of 2.9.0
- introduce a small API change, but ABI compatible, see
https://mail.gnome.org/archives/xml/2012-August/msg00005.html
patches for php, gcc/libjava and evolution-data-connector are upstream
Grab me in cases of problems veillard@redhat.com
- many bug fixes including security aspects and small improvements
[2.8.0-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
[2.8.0-1]
- upstream release of 2.8.0
- add lzma compression support
- many bug fixes and small improvements
[2.7.8-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
[2.7.8-6]
- fix a double free in XPath CVE-2010-4494 bug 665965
[2.7.8-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
[2.7.8-4]
- reactivate shared libs versionning script
[2.7.8-1]
- Upstream release of 2.7.8
- various bug fixes, including potential crashes
- new non-destructive formatting option
- date parsing updated to RFC 5646
[2.7.7-2]
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
[2.7.7-1]
- Upstream release of 2.7.7
- fix serious trouble with zlib >= 1.2.4
- xmllint new option --xpath
- various HTML parser improvements
- includes a number of nug fixes
[2.7.6-1]
- Upstream release of 2.7.6
- restore thread support off by default in 2.7.5
[2.7.5-1]
- Upstream release of 2.7.5
- fix a couple of Relax-NG validation problems
- couple more fixes
[2.7.4-2]
- fix a problem with little data at startup affecting inkscape #523002
[2.7.4-1]
- upstream release 2.7.4
- symbol versioning of libxml2 shared libs
- very large number of bug fixes
[2.7.3-4]
- two patches for parsing problems CVE-2009-2414 and CVE-2009-2416
[2.7.3-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
[2.7.3-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
[2.7.3-1]
- new release 2.7.3
- limit default max size of text nodes
- special parser mode for PHP
- bug fixes and more compiler checks
[2.7.2-7]
- Pull back into Python 2.6
[2.7.2-6]
- AutoProvides requires BuildRequires pkgconfig
[2.7.2-5]
- rebuild to get provides(libxml-2.0) into HEAD rawhide
[2.7.2-4]
- Rebuild for pkgconfig logic
[2.7.2-3]
- Rebuild for Python 2.6
[2.7.2-2.fc11]
- two patches for size overflows problems CVE-2008-4225 and CVE-2008-4226
[2.7.2-1.fc10]
- new release 2.7.2
- Fixes the known problems in 2.7.1
- increase the set of options when saving documents
[2.7.1-2.fc10]
- fix a nasty bug in 2.7.x, http://bugzilla.gnome.org/show_bug.cgi?id=554660
[2.7.1-1.fc10]
- fix python serialization which was broken in 2.7.0
- Resolve: rhbz#460774
[2.7.0-1.fc10]
- upstream release of 2.7.0
- switch to XML 1.0 5th edition
- switch to RFC 3986 for URI parsing
- better entity handling
- option to remove hardcoded limitations in the parser
- more testing
- a new API to allocate entity nodes
- and lot of fixes and clanups
[2.6.32-4.fc10]
- fix for entities recursion problem
- Resolve: rhbz#459714
[2.6.32-3.fc10]
- cleanup based on Fedora packaging guidelines, should fix #226079
- separate a -static package
[2.6.32-2.fc10]
- try to fix multiarch problems like #440206
[2.6.32-1.fc9]
- upstream release 2.6.32 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.31-2]
- Autorebuild for GCC 4.3
[2.6.31-1.fc9]
- upstream release 2.6.31 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.30-1]
- upstream release 2.6.30 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.29-1]
- upstream release 2.6.29 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.28-2]
- Bump revision to fix N-V-R problem
[2.6.28-1]
- upstream release 2.6.28 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.27-2]
- rebuild against python 2.5
[2.6.27-1]
- upstream release 2.6.27 see http://xmlsoft.org/news.html
- very large amount of bug fixes reported upstream
[2.6.26-2.1.1]
- rebuild
[2.6.26-2.1]
- rebuild
[2.6.26-2]
- fix bug #192873
[2.6.26-1]
- upstream release 2.6.26 see http://xmlsoft.org/news.html
* Tue Jun 06 2006 Daniel Veillard <veillard@redhat.com>
- upstream release 2.6.25 broken, do not ship !
CRITICAL
Copyright 2025 Oracle, Inc.
CVE-2024-40896
cpe:/a:oracle:linux:10::u0_appstream_base
cpe:/o:oracle:linux:10::u0_baseos_base
cpe:/o:oracle:linux:10::baseos_latest
cpe:/a:oracle:linux:10::codeready_builder
cpe:/a:oracle:linux:10::appstream
ELBA-2025-5309: mod_proxy_cluster bug fix and enhancement update (MODERATE)
Oracle Linux 10
[1.3.21-1]
- Resolves: RHEL-76000 Rebase mod_proxy_cluster to upstream 1.3.21.Final release
[0:1.3.20-1.1]
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
[1.3.20-1]
- Rebase mod_proxy_cluster to upstream 1.3.20.Final tag
- Related: RHEL-55407 - Rebase mod_proxy_cluster to upstream 1.3.20.Final release
[1.3.19-1.2]
- Bump release for June 2024 mass rebuild
[1.3.19-1.1]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
[1.3.19-1]
- First build
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-10306
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::u0_appstream_base
ELBA-2025-4872: rpm-ostree bug fix and enhancement update (MODERATE)
Oracle Linux 10
[2025.5-1]
- Rebase to rpm-ostree 2025.5
[2025.4-1]
- Rebase to rpm-ostree 2025.4
[2025.3-1]
- Rebase to rpm-ostree 2025.3
[2025.2-1]
- Rebase to rpm-ostree 2025.2
[2025.1-1]
- Rebase to rpm-ostree 2025.1
[2024.9-5]
- Reapply 'Flip bcond for ostree_ext off'
[2024.9-4]
- Revert 'Flip bcond for ostree_ext off'
[2024.9-3]
- Flip bcond for ostree_ext off
[2024.9-2]
- Add a bcond for ostree_ext
[2024.9-1]
- Release 2024.9
[2024.8-3]
- Bump release for October 2024 mass rebuild:
[2024.8-2]
- Backport https://github.com/coreos/rpm-ostree/pull/5114
[2024.8-1]
- Rebase to 2024.8
[2024.7-2]
- Backport https://github.com/coreos/rpm-ostree/pull/5051
[2024.7-1]
- Release 2024.7
[2024.6-2]
- Bump release for June 2024 mass rebuild
[2024.6-1]
- Release 2024.6
[2024.5-1]
- Resolves #RHEL-30414
[2024.2-2]
- Add gating yaml
[2024.2-1]
- Release 2024.2
[2024.1-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
[2024.1-2]
- https://github.com/coreos/rpm-ostree/releases/tag/v2024.1
[2023.12-1]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.12
[2023.11-1]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.11
[2023.10-4]
- Setup rpm-ostree-countme.timer according to presets
[2023.10-3]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.10
[2023.8-3]
- Update python3 macros and dependency.
[2023.8-2]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.8
[2023.6-2]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.7
[2023.5-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
[2023.5-1]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.5
[2023.4-5]
- Switch License tags to SPDX
[2023.4-4]
- Backport libdnf patches to work with rpm-4.19
[2023.4-3]
- Rebuild against rpm-4.19 (https://fedoraproject.org/wiki/Changes/RPM-4.19)
[2023.4-2]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.4
[2023.3-1]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.3
[2023.2-1]
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.2
[2023.1-4]
- Cherry pick
https://github.com/coreos/rpm-ostree/pull/4308/commits/476afb1d08513cb74cd1d28490c5e028c70f67c2
MODERATE
Copyright 2025 Oracle, Inc.
CVE-2024-2905
cpe:/a:oracle:linux:10::appstream
cpe:/a:oracle:linux:10::u0_appstream_base
golang-misc
golang-tests
golang-docs
oraclelinux-release
golang-bin
golang-race
golang
golang-src
go-toolset
python3-libxml2
libxml2
libxml2-devel
libxml2-static
oraclelinux-release
gnome-remote-desktop
oraclelinux-release
podman
podman-tests
podman-remote
podman-docker
oraclelinux-release
kernel-uek64k-modules-core
kernel-uek-debug-modules-extra-netfilter
kernel-uek64k
kernel-uek-devel
kernel-uek-debug-modules
kernel-uek-modules-core
kernel-uek64k-modules
kernel-uek-debug-modules-extra
kernel-uek-debug-modules-desktop
kernel-uek-debug-modules-wireless
kernel-uek-core
kernel-uek64k-modules-wireless
kernel-uek-modules-usb
kernel-uek
kernel-uek-modules
kernel-uek64k-modules-desktop
kernel-uek64k-modules-usb
kernel-uek64k-core
kernel-uek-modules-desktop
kernel-uek-debug-core
kernel-uek64k-modules-extra
kernel-uek-debug-modules-usb
kernel-uek-modules-extra
kernel-uek-modules-deprecated
kernel-uek-tools
kernel-uek64k-modules-deprecated
kernel-uek-modules-wireless
kernel-uek-doc
oraclelinux-release
kernel-uek-debug-devel
kernel-uek64k-modules-extra-netfilter
kernel-uek-debug-modules-core
kernel-uek-debug
kernel-uek64k-devel
kernel-uek-debug-modules-deprecated
kernel-uek-modules-extra-netfilter
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-devel-matched
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-debug-devel-matched
kernel-modules-extra
python3-perf
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
kernel-modules
buildah
buildah-tests
oraclelinux-release
xorg-x11-server-Xwayland-devel
xorg-x11-server-Xwayland
oraclelinux-release
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-modules
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-devel-matched
kernel-modules-extra
python3-perf
kernel-debug-devel-matched
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-modules
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-devel-matched
kernel-modules-extra
python3-perf
kernel-debug-devel-matched
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-modules
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-devel-matched
kernel-modules-extra
python3-perf
kernel-debug-devel-matched
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-modules
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-devel-matched
kernel-modules-extra
python3-perf
kernel-debug-devel-matched
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-modules
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-devel-matched
kernel-modules-extra
python3-perf
kernel-debug-devel-matched
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-modules
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-devel-matched
kernel-modules-extra
python3-perf
kernel-debug-devel-matched
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-modules
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-devel-matched
kernel-modules-extra
python3-perf
kernel-debug-devel-matched
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
kernel
kernel-tools-libs-devel
kernel-uki-virt
kernel-modules-core
kernel-devel
kernel-modules
rv
kernel-uki-virt-addons
perf
kernel-debug-modules-core
kernel-debug
kernel-devel-matched
kernel-modules-extra
python3-perf
kernel-debug-devel-matched
kernel-abi-stablelists
kernel-doc
kernel-debug-core
kernel-debug-modules-extra
kernel-cross-headers
kernel-tools
kernel-headers
kernel-debug-modules
kernel-core
oraclelinux-release
kernel-debug-uki-virt
kernel-tools-libs
libperf
kernel-debug-devel
rtla
python3-devel
oraclelinux-release
python3-libs
python-unversioned-command
python3-idle
python3-tkinter
python3-debug
python3-test
python3
thunderbird
oraclelinux-release
pcs
pcs-snmp
cockpit-ha-cluster
oraclelinux-release
corosynclib
corosync-vqsim
corosync
oraclelinux-release
firefox
oraclelinux-release
osbuild-composer
osbuild-composer-core
osbuild-composer-worker
oraclelinux-release
osbuild-composer
osbuild-composer-core
osbuild-composer-worker
oraclelinux-release
dotnet-runtime-dbg-9.0
netstandard-targeting-pack-2.1
oraclelinux-release
dotnet-hostfxr-9.0
aspnetcore-targeting-pack-9.0
dotnet-sdk-dbg-9.0
dotnet-apphost-pack-9.0
dotnet-templates-9.0
dotnet-sdk-9.0
dotnet-sdk-aot-9.0
aspnetcore-runtime-9.0
aspnetcore-runtime-dbg-9.0
dotnet-targeting-pack-9.0
dotnet-sdk-9.0-source-built-artifacts
dotnet-host
dotnet-runtime-9.0
skopeo-tests
skopeo
oraclelinux-release
skopeo-tests
skopeo
oraclelinux-release
dotnet-runtime-dbg-9.0
netstandard-targeting-pack-2.1
oraclelinux-release
dotnet-hostfxr-9.0
aspnetcore-targeting-pack-9.0
dotnet-sdk-dbg-9.0
dotnet-apphost-pack-9.0
dotnet-templates-9.0
dotnet-sdk-9.0
dotnet-sdk-aot-9.0
aspnetcore-runtime-9.0
aspnetcore-runtime-dbg-9.0
dotnet-targeting-pack-9.0
dotnet-sdk-9.0-source-built-artifacts
dotnet-host
dotnet-runtime-9.0
libsoup3
libsoup3-devel
libsoup3-doc
oraclelinux-release
thunderbird
oraclelinux-release
firefox
oraclelinux-release
gvisor-tap-vsock-gvforwarder
gvisor-tap-vsock
oraclelinux-release
grafana
grafana-selinux
oraclelinux-release
podman
podman-tests
podman-remote
podman-docker
oraclelinux-release
python3-setuptools
python3-setuptools-wheel
oraclelinux-release
aspnetcore-targeting-pack-8.0
dotnet-apphost-pack-8.0
oraclelinux-release
dotnet-runtime-dbg-8.0
aspnetcore-runtime-dbg-8.0
dotnet-hostfxr-8.0
dotnet-runtime-8.0
dotnet-sdk-8.0
aspnetcore-runtime-8.0
dotnet-sdk-8.0-source-built-artifacts
dotnet-sdk-dbg-8.0
dotnet-targeting-pack-8.0
dotnet-templates-8.0
firefox
oraclelinux-release
aspnetcore-targeting-pack-8.0
dotnet-apphost-pack-8.0
oraclelinux-release
dotnet-runtime-dbg-8.0
aspnetcore-runtime-dbg-8.0
dotnet-hostfxr-8.0
dotnet-runtime-8.0
dotnet-sdk-8.0
aspnetcore-runtime-8.0
dotnet-templates-8.0
dotnet-sdk-dbg-8.0
dotnet-sdk-8.0-source-built-artifacts
dotnet-targeting-pack-8.0
thunderbird
oraclelinux-release
firefox
oraclelinux-release
nodejs-libs
nodejs
nodejs-devel
oraclelinux-release
nodejs-npm
nodejs-docs
nodejs-full-i18n
ipp-usb
oraclelinux-release
thunderbird
oraclelinux-release
grafana
grafana-selinux
oraclelinux-release
ghostscript-tools-fonts
ghostscript
ghostscript-tools-dvipdf
ghostscript-tools-printing
oraclelinux-release
libgs-devel
libgs
ghostscript-doc
qt6-qtbase-odbc
oraclelinux-release
qt6-qtbase-mysql
qt6-qtbase-static
qt6-qtbase-examples
qt6-qtbase-common
qt6-qtbase-devel
qt6-qtbase-private-devel
qt6-qtbase-gui
qt6-qtbase
qt6-qtbase-postgresql
mod_proxy_cluster
oraclelinux-release
freerdp-libs
oraclelinux-release
freerdp-devel
freerdp
freerdp-server
libwinpr-devel
libwinpr
gvisor-tap-vsock-gvforwarder
gvisor-tap-vsock
oraclelinux-release
buildah
buildah-tests
oraclelinux-release
podman
podman-tests
podman-remote
podman-docker
oraclelinux-release
grafana-pcp
oraclelinux-release
grafana
grafana-selinux
oraclelinux-release
perl-FCGI
oraclelinux-release
ghostscript-tools-fonts
ghostscript
ghostscript-tools-dvipdf
ghostscript-tools-printing
oraclelinux-release
libgs-devel
libgs
ghostscript-doc
tomcat-servlet-6.0-api
tomcat
oraclelinux-release
tomcat-admin-webapps
tomcat-jsp-3.1-api
tomcat-webapps
tomcat-lib
tomcat-docs-webapp
tomcat-el-5.0-api
iputils
oraclelinux-release
libarchive
libarchive-devel
bsdtar
oraclelinux-release
krb5-devel
oraclelinux-release
krb5-pkinit
krb5-libs
libkadm5
krb5-workstation
krb5-server-ldap
krb5-server
delve
oraclelinux-release
wireshark-devel
wireshark
wireshark-cli
oraclelinux-release
golang-misc
golang-tests
golang-docs
oraclelinux-release
golang-bin
golang
golang-src
go-toolset
ruby-doc
rubygem-minitest
rubygem-rss
rubygem-power_assert
rubygem-racc
rubygem-io-console
rubygem-irb
rubygem-bundler
rubygem-json
ruby-libs
rubygems
ruby-devel
rubygem-rexml
rubygem-test-unit
ruby-bundled-gems
rubygem-bigdecimal
ruby
rubygem-typeprof
rubygem-psych
oraclelinux-release
ruby-default-gems
rubygem-rdoc
rubygem-rake
rubygem-rbs
rubygems-devel
tomcat9-webapps
tomcat9-admin-webapps
tomcat9-jsp-2.3-api
oraclelinux-release
tomcat9-lib
tomcat9-el-3.0-api
tomcat9-docs-webapp
tomcat9-servlet-4.0-api
tomcat9
libblockdev-utils
libblockdev-btrfs
libblockdev-nvdimm
libblockdev-lvm-dbus
libblockdev-fs
oraclelinux-release
python3-blockdev
libblockdev-crypto
libblockdev-mpath
libblockdev-part
libblockdev-mdraid
libblockdev-smart
libblockdev-lvm
libblockdev-swap
libblockdev-plugins-all
libblockdev
libblockdev-nvme
libblockdev-tools
libblockdev-smartmontools
libblockdev-loop
libblockdev-dm
ipa-common
ipa-client
python3-ipaclient
oraclelinux-release
ipa-selinux-luna
ipa-server-encrypted-dns
python3-ipaserver
ipa-server-common
ipa-server-dns
ipa-selinux
ipa-server
python3-ipatests
ipa-client-common
ipa-client-encrypted-dns
ipa-selinux-nfast
python3-ipalib
ipa-client-epn
ipa-client-samba
ipa-server-trust-ad
thunderbird
oraclelinux-release
nodejs-libs
nodejs
nodejs-devel
oraclelinux-release
nodejs-npm
nodejs-docs
nodejs-full-i18n
unbound
oraclelinux-release
python3-unbound
unbound-anchor
unbound-devel
unbound-libs
unbound-dracut
yggdrasil
yggdrasil-devel
oraclelinux-release
expat
expat-devel
oraclelinux-release
libarchive
libarchive-devel
bsdtar
oraclelinux-release
java-21-openjdk-demo
java-21-openjdk-static-libs-slowdebug
java-21-openjdk-demo-fastdebug
java-21-openjdk-headless
java-21-openjdk-slowdebug
java-21-openjdk-jmods
java-21-openjdk-javadoc
java-21-openjdk-src-fastdebug
java-21-openjdk-javadoc-zip
java-21-openjdk-jmods-fastdebug
java-21-openjdk-devel-fastdebug
java-21-openjdk-jmods-slowdebug
java-21-openjdk-devel-slowdebug
java-21-openjdk-headless-slowdebug
java-21-openjdk-static-libs-fastdebug
java-21-openjdk-devel
java-21-openjdk-demo-slowdebug
java-21-openjdk-src-slowdebug
oraclelinux-release
java-21-openjdk-static-libs
java-21-openjdk-fastdebug
java-21-openjdk
java-21-openjdk-headless-fastdebug
java-21-openjdk-src
perl-Git-SVN
git
git-instaweb
git-core-doc
git-daemon
perl-Git
oraclelinux-release
git-credential-libsecret
gitk
git-all
git-gui
git-subtree
git-svn
gitweb
git-core
git-email
python3-jinja2+i18n
python3-jinja2
oraclelinux-release
golang-misc
golang-tests
golang-docs
oraclelinux-release
golang-bin
golang
golang-src
go-toolset
delve
exiv2
exiv2-devel
exiv2-libs
exiv2-doc
oraclelinux-release
kea-hooks
kea-libs
kea-doc
kea-keama
oraclelinux-release
kea
apache-commons-beanutils-javadoc
apache-commons-beanutils
oraclelinux-release
libvpx
libvpx-devel
oraclelinux-release
firefox
oraclelinux-release
gstreamer1-plugins-bad-free-devel
gstreamer1-plugins-bad-free
gstreamer1-plugins-bad-free-libs
oraclelinux-release
xz
xz-lzma-compat
xz-devel
xz-libs
oraclelinux-release
sqlite
sqlite-libs
sqlite-devel
oraclelinux-release
mod_auth_openidc
oraclelinux-release
xorg-x11-server-Xwayland-devel
xorg-x11-server-Xwayland
oraclelinux-release
varnish-devel
varnish
varnish-docs
oraclelinux-release
libsoup3
libsoup3-devel
libsoup3-doc
oraclelinux-release
valkey-devel
valkey
oraclelinux-release
perl-B
perl-Term-ReadLine
perl-libs
perl-ExtUtils-Constant
perl-English
perl-lib
perl-ExtUtils-Miniperl
perl-macros
perl-Dumpvalue
perl-Term-Complete
perl-Errno
perl-Hash-Util-FieldHash
perl-File-stat
perl-devel
perl-libnetcfg
perl-POSIX
perl-vmsish
perl-IPC-Open3
oraclelinux-release
perl-FileCache
perl-Thread
perl-Thread-Semaphore
perl-Config-Extensions
perl-vars
perl-Getopt-Std
perl-ExtUtils-Embed
perl-Opcode
perl-File-DosGlob
perl-FileHandle
perl-Benchmark
perl-utils
perl-DBM_Filter
perl-Math-Complex
perl-GDBM_File
perl-Time
perl-User-pwent
perl-diagnostics
perl-FindBin
perl-ODBM_File
perl-sigtrap
perl-Tie-Memoize
perl-Class-Struct
perl-open
perl-Search-Dict
perl-less
perl-Symbol
perl-fields
perl-Text-Abbrev
perl-filetest
perl-mro
perl-NEXT
perl-subs
perl-Devel-Peek
perl-Attribute-Handlers
perl
perl-File-Copy
perl-File-Basename
perl-SelfLoader
perl-Tie
perl-Safe
perl-IO
perl-blib
perl-encoding-warnings
perl-overload
perl-locale
perl-Memoize
perl-Locale-Maketext-Simple
perl-Pod-Html
perl-overloading
perl-AutoLoader
perl-Unicode-UCD
perl-Module-Loaded
perl-deprecate
perl-meta-notation
perl-Hash-Util
perl-Fcntl
perl-doc
perl-I18N-LangTags
perl-I18N-Collate
perl-debugger
perl-interpreter
perl-File-Find
perl-Test
perl-AutoSplit
perl-if
perl-Devel-SelfStubber
perl-DynaLoader
perl-sort
perl-I18N-Langinfo
perl-Time-Piece
perl-Net
perl-NDBM_File
perl-Pod-Functions
perl-autouse
perl-Tie-File
perl-DirHandle
perl-SelectSaver
perl-base
perl-ph
perl-File-Compare
perl-Sys-Hostname
php-pdo
php-soap
php-mbstring
php-pgsql
php-process
php-intl
php-gmp
php-snmp
php-opcache
php-common
php-gd
php-odbc
php-devel
php-ldap
php-embedded
php-enchant
php-ffi
php
php-mysqlnd
oraclelinux-release
php-dbg
php-fpm
php-dba
php-xml
php-bcmath
php-cli
python3-tornado
oraclelinux-release
libxslt
libxslt-devel
oraclelinux-release
git-lfs
oraclelinux-release
kernel-uek64k-modules-core
kernel-uek-debug-modules-extra-netfilter
kernel-uek64k
kernel-uek-devel
kernel-uek-debug-modules
kernel-uek-modules-core
kernel-uek64k-modules
kernel-uek-debug-modules-extra
kernel-uek-debug-modules-desktop
kernel-uek-debug-modules-wireless
kernel-uek-core
kernel-uek64k-modules-wireless
kernel-uek-modules-usb
kernel-uek
kernel-uek-modules
kernel-uek64k-modules-desktop
kernel-uek64k-modules-usb
kernel-uek64k-core
kernel-uek-modules-desktop
kernel-uek-debug-core
kernel-uek64k-modules-extra
kernel-uek-debug-modules-usb
kernel-uek-modules-extra
kernel-uek-modules-deprecated
kernel-uek-tools
kernel-uek64k-modules-deprecated
kernel-uek-modules-wireless
kernel-uek-doc
oraclelinux-release
kernel-uek-debug-devel
kernel-uek64k-modules-extra-netfilter
kernel-uek-debug-modules-core
kernel-uek-debug
kernel-uek64k-devel
kernel-uek-debug-modules-deprecated
kernel-uek-modules-extra-netfilter
libndp
oraclelinux-release
python3-libxml2
libxml2
libxml2-devel
libxml2-static
oraclelinux-release
mod_proxy_cluster
oraclelinux-release
rpm-ostree
rpm-ostree-libs
oraclelinux-release
bc4d06a08d8b756f
^10
aarch64
0:1.24.4-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:2.12.5-7.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:47.3-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
6:5.4.0-12.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
6.12.0
0:6.12.0-100.28.2.2.el10uek
x86_64
^9
6.12.0
0:6.12.0-100.28.2.2.el9uek
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.20.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
2:1.39.4-2.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:24.1.5-4.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.19.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.19.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.19.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.19.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.19.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.19.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.19.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.12.0-55.19.1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.12.9-2.0.1.el10_0.2
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.12.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:0.12.0-3.el10_0.2
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.1.9-1.el10_0.1
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.12.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:134.1-2.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:134.1-2.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:9.0.6-1.0.1.el10_0
0:9.0.107-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
2:1.18.1-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
2:1.18.1-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:9.0.6-1.0.1.el10_0
0:9.0.107-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.6.5-3.el10_0.6
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.11.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.11.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
6:0.8.5-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:10.2.6-18.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
6:5.4.0-10.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:69.0.3-12.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:8.0.17-1.0.1.el10_0
0:8.0.117-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.11.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:8.0.17-1.0.1.el10_0
0:8.0.117-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.11.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.11.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
1:22.16.0-1.el10_0
1:10.9.2-1.22.16.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:0.9.27-3.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.11.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:10.2.6-18.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:10.02.1-16.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.8.1-9.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.3.22-1.el10_0.2
x86_64
bc4d06a08d8b756f
^10
aarch64
2:3.10.3-3.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
6:0.8.5-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
2:1.39.4-2.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
6:5.4.0-10.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:5.2.2-3.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:10.2.6-18.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
1:0.82-13.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:10.02.1-16.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
1:10.1.36-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:20240905-2.el10_0.1
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.7.7-3.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.21.3-8.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.24.1-2.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
1:4.4.2-3.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.23.9-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.3.8-10.el10_0
0:3.1.5-10.el10_0
0:2.5.22-10.el10_0
0:0.7.1-10.el10_0
0:1.13.1-10.el10_0
0:2.7.2-10.el10_0
0:5.20.0-10.el10_0
0:2.0.3-10.el10_0
0:5.1.2-10.el10_0
0:1.7.3-10.el10_0
0:13.1.0-10.el10_0
0:3.4.0-10.el10_0
0:6.6.3.1-10.el10_0
0:3.3.9-10.el10_0
0:0.3.1-10.el10_0
0:3.6.1-10.el10_0
0:0.21.9-10.el10_0
0:3.5.22-10.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
1:9.0.87-5.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.2.0-4.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:4.12.2-15.0.1.el10_0.1
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.11.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
1:22.16.0-1.el10_0
1:10.9.2-1.22.16.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.20.0-10.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:0.4.5-3.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:2.7.1-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.7.7-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
1:21.0.7.0.6-1.0.1.el10
x86_64
bc4d06a08d8b756f
^10
aarch64
0:2.47.1-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.1.6-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.24.1-1.0.1.el10_0
0:1.23.7-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:0.28.3-3.el10_0.2
x86_64
bc4d06a08d8b756f
^10
aarch64
0:2.6.3-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.9.4-21.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.14.1-3.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:128.11.0-1.0.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.24.11-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
1:5.6.2-4.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.46.1-4.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:2.4.15-4.el10_0.1
x86_64
bc4d06a08d8b756f
^10
aarch64
0:24.1.5-4.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:7.6.1-2.el10_0.1
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.6.5-3.el10_0.6
x86_64
bc4d06a08d8b756f
^10
aarch64
0:8.0.3-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
4:5.40.2-512.1.el10_0
0:1.03-512.1.el10_0
0:5.74-512.1.el10_0
0:1.89-512.1.el10_0
0:1.25-512.1.el10_0
0:0.68-512.1.el10_0
0:0.03-512.1.el10_0
0:0.06-512.1.el10_0
0:1.34-512.1.el10_0
0:1.06-512.1.el10_0
0:1.05-512.1.el10_0
0:2.27-512.1.el10_0
0:1.56-512.1.el10_0
0:1.11-512.1.el10_0
0:1.38-512.1.el10_0
0:0.25-512.1.el10_0
0:1.35-512.1.el10_0
0:1.14-512.1.el10_0
0:1.18-512.1.el10_0
0:2.86-512.1.el10_0
0:1.100.800-512.1.el10_0
0:2.41-512.1.el10_0
0:1.12-512.1.el10_0
0:1.44-512.1.el10_0
0:1.10-512.1.el10_0
0:2.05-512.1.el10_0
0:1.54-512.1.el10_0
1:1.24-512.1.el10_0
0:0.32-512.1.el10_0
0:1.27-512.1.el10_0
0:1.02-512.1.el10_0
0:0.45-512.1.el10_0
0:0.24-512.1.el10_0
0:1.55-512.1.el10_0
0:1.22-512.1.el10_0
1:0.21-512.1.el10_0
0:1.62-512.1.el10_0
0:1.16-512.1.el10_0
1:0.08-512.1.el10_0
0:1.17-512.1.el10_0
0:0.69-512.1.el10_0
0:1.04-512.1.el10_0
0:1.65-512.1.el10_0
0:2.20-512.1.el10_0
0:2.46-512.1.el10_0
0:1.07-512.1.el10_0
0:1.09-512.1.el10_0
0:1.403-512.1.el10_0
0:1.31-512.1.el10_0
0:3.05-512.1.el10_0
0:2.13-512.1.el10_0
0:4.6-512.1.el10_0
0:1.1-512.1.el10_0
0:1.3401-512.1.el10_0
0:0.78-512.1.el10_0
0:1.60-512.1.el10_0
0:0.04-512.1.el10_0
0:1.40-512.1.el10_0
0:5.40.2-512.1.el10_0
0:0.14-512.1.el10_0
0:0.61.000-512.1.el10_0
0:0.65-512.1.el10_0
0:1.29-512.1.el10_0
0:1.13-512.1.el10_0
0:1.37-512.1.el10_0
0:0.02-512.1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:8.3.19-1.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:6.4.2-1.el10_0.1
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.1.39-7.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:3.6.1-2.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
6.12.0
0:6.12.0-100.28.2.el10uek
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.9-2.el10
x86_64
bc4d06a08d8b756f
^10
aarch64
0:2.12.5-5.el10_0
x86_64
bc4d06a08d8b756f
^10
aarch64
0:1.3.21-1.el10
x86_64
bc4d06a08d8b756f
^10
aarch64
0:2025.5-1.el10
x86_64