[El-errata] ELSA-2025-23306 Moderate: Oracle Linux 10 binutils security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Sat Dec 20 22:26:05 UTC 2025
Oracle Linux Security Advisory ELSA-2025-23306
http://linux.oracle.com/errata/ELSA-2025-23306.html
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:
x86_64:
binutils-2.41-58.0.1.el10_1.2.x86_64.rpm
binutils-devel-2.41-58.0.1.el10_1.2.x86_64.rpm
binutils-gold-2.41-58.0.1.el10_1.2.x86_64.rpm
aarch64:
binutils-2.41-58.0.1.el10_1.2.aarch64.rpm
binutils-devel-2.41-58.0.1.el10_1.2.aarch64.rpm
binutils-gold-2.41-58.0.1.el10_1.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/binutils-2.41-58.0.1.el10_1.2.src.rpm
Related CVEs:
CVE-2025-11082
CVE-2025-11083
Description of changes:
[2.41-58.0.1.2]
- Forward-port Oracle patches to 2.41-58.2
- CVE-2025-11082
- CVE-2025-11083
Reviewed-by: David Faust <david.faust at oracle.com>
Oracle history:
September-29-2025 David Faust <david.faust at oracle.com> - 2.41-58.0.1
- Forward-port Oracle patches to 2.41-58.
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
August-29-2025 Bruce McCulloch <bruce.mcculloch at oracle.com> - 2.41-57.0.1
- Forward-port Oracle patches to 2.41-57.
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
Jun-04-2025 Bruce McCulloch <bruce.mcculloch at oracle.com> - 2.41-53.0.3
- Add binutils-orabug-38018827.patch.
- Fix ctf_dict_open clobbering errno.
- Backport of upstream commit:
- 14303d6295e libctf: archive, open: when opening, always set errp to
something.
- [Orabug: 38018827]
- Add binutils-orabug-38018828.patch.
- In kernel links, properly hide CTF types only if conflicting.
- Backport of upstream commits:
- 75e514cfa56 Revert "libctf: fix linking of non-root-visible types"
- 002957be18e libctf: dedup: improve hiding of conflicting types in the
same dict
- [Orabug: 38018828]
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
Reviewed-by: Nick Alcock <nick.alcock at oracle.com>
Reviewed-by: Elena Zannoni <elena.zannoni at oracle.com>
May-28-2025 Vladimir Mezentsev <vladimir.mezentsev at oracle.com> - 2.41-53.0.2
- Backported updates for gprofng.
Reviewed-by: Bruce McCulloch <bruce.mcculloch at oracle.com>
April-02-2025 Bruce McCulloch <bruce.mcculloch at oracle.com> - 2.41-53.0.1
- Merge Oracle patches to 2.41-53.
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
November-28-2024 Nick Alcock <nick.alcock at oracle.com> - 2.41-45.0.1
- Latest CTF changes from upstream
- add ctf_dict_set_flag, ctf_lookup_enumerator, ctf_lookup_enumerator_next,
ctf_arc_lookup_enumerator_next; consider enums with differing enumerators
to be conflicting
- add documentation to ctf-api.h
- allow modification of ctf_opened dicts and opening of foreign-
endian older dicts
- looking up types by name prefers non-bitfields if possible
- bugfixes to parent propagation, rewriting of existing dicts,
ctf_archive_count, CU-mapped links, and dumping and linking of
non-root-visible types.
- fix a bunch of small leaks and one big one (on ctf_open error)
- fix a write into freed memory after ctf_rollback and writeout
- internal improvements to serialization, name lookup, symbol
lookup, string handling, and more
- explicitly disable zstd support (enabling requires addition of zstd to
the .so scripts)
[2.41-58.2]
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-126875)
[2.41-58.1]
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-125206)
More information about the El-errata
mailing list