Oracle Linux has released several important security updates and bug fixes across various packages, including receptor, Apache Beanutils, shim, Gimp, container tools, PostgreSQL, and perl-FCGI. The updates are aimed at addressing vulnerabilities and improving system stability.
Key updates include:
1. Receptor Update:
- Oracle Linux 8 receptor received a bug fix (OLAMBA-2025-0008) that reverts changes in the quic-go version and enhances the cleanup of timed-out connections.
2. Apache Commons Beanutils:
- An important security update (ELSA-2025-9114) for Oracle Linux 9 addressed improper access control vulnerabilities (CVE-2025-48734).
3. Shim Update:
- A bug fix for the shim package (ELBA-2025-20376) which includes updates to vendor shim binaries signed with Oracle Secure Boot Signing.
4. Gimp Security Update:
- Oracle Linux 8 Gimp received a significant security update (ELSA-2025-9165) to address multiple vulnerabilities (CVE-2025-5473, CVE-2025-48797, CVE-2025-48798).
5. Container Tools Update:
- The container-tools package for Oracle Linux 8 was updated (ELSA-2025-9142) to fix vulnerabilities, including one related to request smuggling in the buildah tool (CVE-2025-22871).
6. PostgreSQL Security Update:
- An important update for PostgreSQL (ELSA-2025-3978) on Oracle Linux 7 resolved a vulnerability (CVE-2025-1094) regarding improper handling of quoting syntax.
7. Perl-FCGI Update:
- An update for perl-FCGI (ELSA-2025-8696) was released to fix an integer overflow issue when parsing FastCGI parameters (CVE-2025-40907).
These updates are crucial for maintaining system security and reliability, and users are encouraged to apply them promptly to mitigate potential risks. The updates are available on the Unbreakable Linux Network for both x86_64 and aarch64 architectures. It's also recommended to check for additional related advisories and CVEs to ensure comprehensive system protection
Key updates include:
1. Receptor Update:
- Oracle Linux 8 receptor received a bug fix (OLAMBA-2025-0008) that reverts changes in the quic-go version and enhances the cleanup of timed-out connections.
2. Apache Commons Beanutils:
- An important security update (ELSA-2025-9114) for Oracle Linux 9 addressed improper access control vulnerabilities (CVE-2025-48734).
3. Shim Update:
- A bug fix for the shim package (ELBA-2025-20376) which includes updates to vendor shim binaries signed with Oracle Secure Boot Signing.
4. Gimp Security Update:
- Oracle Linux 8 Gimp received a significant security update (ELSA-2025-9165) to address multiple vulnerabilities (CVE-2025-5473, CVE-2025-48797, CVE-2025-48798).
5. Container Tools Update:
- The container-tools package for Oracle Linux 8 was updated (ELSA-2025-9142) to fix vulnerabilities, including one related to request smuggling in the buildah tool (CVE-2025-22871).
6. PostgreSQL Security Update:
- An important update for PostgreSQL (ELSA-2025-3978) on Oracle Linux 7 resolved a vulnerability (CVE-2025-1094) regarding improper handling of quoting syntax.
7. Perl-FCGI Update:
- An update for perl-FCGI (ELSA-2025-8696) was released to fix an integer overflow issue when parsing FastCGI parameters (CVE-2025-40907).
These updates are crucial for maintaining system security and reliability, and users are encouraged to apply them promptly to mitigate potential risks. The updates are available on the Unbreakable Linux Network for both x86_64 and aarch64 architectures. It's also recommended to check for additional related advisories and CVEs to ensure comprehensive system protection
Receptor, Beanutils, Shim, Gimp, Container Tools, PostgreSQL, perl-FCGI updates for Oracle Linux
Oracle Linux has been updated with multiple security updates, including a bug fix for the 8 receptor, an update for Apache Beanutils and shim, as well as security updates for gimp and perl-FCGI:
OLAMBA-2025-0008 Oracle Linux 8 receptor bug fix update
ELSA-2025-9114 Important: Oracle Linux 9 apache-commons-beanutils security update
ELBA-2025-20376 Oracle Linux 8 shim bug fix update
ELSA-2025-9188 Important: Oracle Linux 8 idm:DL1 security update
ELSA-2025-9165 Important: Oracle Linux 8 gimp:2.8 security update
ELSA-2025-9142 Moderate: Oracle Linux 8 container-tools:ol8 security update
ELSA-2025-3978 Important: Oracle Linux 7 postgresql security update
ELSA-2025-8696 Important: Oracle Linux 8 perl-FCGI:0.78 security update
