[El-errata] ELSA-2025-23201 Important: Oracle Linux 10 keylime security update

Thu Dec 18 16:59:32 UTC 2025

Oracle Linux Security Advisory ELSA-2025-23201

http://linux.oracle.com/errata/ELSA-2025-23201.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
keylime-7.12.1-11.el10_1.3.x86_64.rpm
keylime-base-7.12.1-11.el10_1.3.x86_64.rpm
keylime-registrar-7.12.1-11.el10_1.3.x86_64.rpm
keylime-selinux-7.12.1-11.el10_1.3.noarch.rpm
keylime-tenant-7.12.1-11.el10_1.3.x86_64.rpm
keylime-tools-7.12.1-11.el10_1.3.x86_64.rpm
keylime-verifier-7.12.1-11.el10_1.3.x86_64.rpm
python3-keylime-7.12.1-11.el10_1.3.x86_64.rpm

aarch64:
keylime-7.12.1-11.el10_1.3.aarch64.rpm
keylime-base-7.12.1-11.el10_1.3.aarch64.rpm
keylime-registrar-7.12.1-11.el10_1.3.aarch64.rpm
keylime-selinux-7.12.1-11.el10_1.3.noarch.rpm
keylime-tenant-7.12.1-11.el10_1.3.aarch64.rpm
keylime-tools-7.12.1-11.el10_1.3.aarch64.rpm
keylime-verifier-7.12.1-11.el10_1.3.aarch64.rpm
python3-keylime-7.12.1-11.el10_1.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/keylime-7.12.1-11.el10_1.3.src.rpm

Related CVEs:

CVE-2025-13609

Description of changes:

[7.12.1-15]
- Registrar allows identity takeover via duplicate UUID registration

[7.12.1-14]
- Properly fix malformed TPM certificates workaround

[7.12.1-13]
- Avoid opening /dev/stdout when printing

[7.12.1-12]
- Fix malformed TPM certificates workaround