Oracle Linux Security Advisory ELSA-2025-22205 http://linux.oracle.com/errata/ELSA-2025-22205.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: bind-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-chroot-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-devel-9.11.4-26.0.5.P2.el7_9.16.i686.rpm bind-devel-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-export-devel-9.11.4-26.0.5.P2.el7_9.16.i686.rpm bind-export-devel-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-export-libs-9.11.4-26.0.5.P2.el7_9.16.i686.rpm bind-export-libs-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-libs-9.11.4-26.0.5.P2.el7_9.16.i686.rpm bind-libs-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-libs-lite-9.11.4-26.0.5.P2.el7_9.16.i686.rpm bind-libs-lite-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-license-9.11.4-26.0.5.P2.el7_9.16.noarch.rpm bind-lite-devel-9.11.4-26.0.5.P2.el7_9.16.i686.rpm bind-lite-devel-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-pkcs11-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-pkcs11-devel-9.11.4-26.0.5.P2.el7_9.16.i686.rpm bind-pkcs11-devel-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-pkcs11-libs-9.11.4-26.0.5.P2.el7_9.16.i686.rpm bind-pkcs11-libs-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-pkcs11-utils-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-sdb-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-sdb-chroot-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm bind-utils-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/bind-9.11.4-26.0.5.P2.el7_9.16.src.rpm Related CVEs: CVE-2025-40778 Description of changes: [32:9.11.4-26.0.5.P2.16] - Resolve CVE-2025-40778 [Orabug: 38699863] [32:9.11.4-26.0.3.P2.16] - Resolve CVE-2024-11187 [Orabug: 37616907] [32:9.11.4-26.0.1.P2.16] - Resolve CVE-2024-1975 - Resolve CVE-2024-1737 - Add ability to change runtime limits for max types and records per name [32:9.11.4-26.P2.16] - Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387 CVE-2023-50868) - Add missing design by contract tests to dns_catz* - Speed up parsing of DNS messages with many different names (CVE-2023-4408) - Do not use header_prev in expire_lru_headers [32:9.11.4-26.P2.15] - Limit the amount of recursion possible in control channel (CVE-2023-3341) [32:9.11.4-26.P2.14] - Prevent the cache going over the configured limit (CVE-2023-2828) [32:9.11.4-26.P2.13] - Tighten cache protection against record from forwarders (CVE-2021-25220) [32:9.11.4-26.P2.12] - Include test of forwarders (CVE-2021-25220) [32:9.11.4-26.P2.11] - Prevent excessive resource use while processing large delegations. (CVE-2022-2795) [32:9.11.4-26.P2.10] - Fix memory leak in ECDSA verify processing (CVE-2022-38177) - Fix memory leak in EdDSA verify processing (CVE-2022-38178) _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
