[El-errata] ELSA-2025-9190 Important: Oracle Linux 10 ipa security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Jun 30 01:12:06 UTC 2025 

Oracle Linux Security Advisory ELSA-2025-9190

http://linux.oracle.com/errata/ELSA-2025-9190.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
ipa-client-4.12.2-15.0.1.el10_0.1.x86_64.rpm
ipa-client-common-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-client-encrypted-dns-4.12.2-15.0.1.el10_0.1.x86_64.rpm
ipa-client-epn-4.12.2-15.0.1.el10_0.1.x86_64.rpm
ipa-client-samba-4.12.2-15.0.1.el10_0.1.x86_64.rpm
ipa-common-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-selinux-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-selinux-luna-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-selinux-nfast-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-server-4.12.2-15.0.1.el10_0.1.x86_64.rpm
ipa-server-common-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-server-dns-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-server-encrypted-dns-4.12.2-15.0.1.el10_0.1.x86_64.rpm
ipa-server-trust-ad-4.12.2-15.0.1.el10_0.1.x86_64.rpm
python3-ipaclient-4.12.2-15.0.1.el10_0.1.noarch.rpm
python3-ipalib-4.12.2-15.0.1.el10_0.1.noarch.rpm
python3-ipaserver-4.12.2-15.0.1.el10_0.1.noarch.rpm
python3-ipatests-4.12.2-15.0.1.el10_0.1.noarch.rpm

aarch64:
ipa-client-4.12.2-15.0.1.el10_0.1.aarch64.rpm
ipa-client-common-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-client-encrypted-dns-4.12.2-15.0.1.el10_0.1.aarch64.rpm
ipa-client-epn-4.12.2-15.0.1.el10_0.1.aarch64.rpm
ipa-client-samba-4.12.2-15.0.1.el10_0.1.aarch64.rpm
ipa-common-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-selinux-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-selinux-luna-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-selinux-nfast-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-server-4.12.2-15.0.1.el10_0.1.aarch64.rpm
ipa-server-common-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-server-dns-4.12.2-15.0.1.el10_0.1.noarch.rpm
ipa-server-encrypted-dns-4.12.2-15.0.1.el10_0.1.aarch64.rpm
ipa-server-trust-ad-4.12.2-15.0.1.el10_0.1.aarch64.rpm
python3-ipaclient-4.12.2-15.0.1.el10_0.1.noarch.rpm
python3-ipalib-4.12.2-15.0.1.el10_0.1.noarch.rpm
python3-ipaserver-4.12.2-15.0.1.el10_0.1.noarch.rpm
python3-ipatests-4.12.2-15.0.1.el10_0.1.noarch.rpm


SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/ipa-4.12.2-15.0.1.el10_0.1.src.rpm

Related CVEs:

CVE-2025-4404




Description of changes:

[4.12.2-15.0.1.el10_0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
- Add bind to ipa-server-common Requires [Orabug: 36518596]

[4.12.2-15.el10_0.1]
- Resolves: RHEL-89908
  EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA
- Resolves: RHEL-89144
  kdb: ipadb_get_connection() succeeds but returns null LDAP context

More information about the El-errata mailing list