[El-errata] ELSA-2025-22205 Important: Oracle Linux 7 bind security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Jan 8 11:37:43 UTC 2026
Oracle Linux Security Advisory ELSA-2025-22205
http://linux.oracle.com/errata/ELSA-2025-22205.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
bind-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-chroot-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-devel-9.11.4-26.0.5.P2.el7_9.16.i686.rpm
bind-devel-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-export-devel-9.11.4-26.0.5.P2.el7_9.16.i686.rpm
bind-export-devel-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-export-libs-9.11.4-26.0.5.P2.el7_9.16.i686.rpm
bind-export-libs-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-libs-9.11.4-26.0.5.P2.el7_9.16.i686.rpm
bind-libs-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-libs-lite-9.11.4-26.0.5.P2.el7_9.16.i686.rpm
bind-libs-lite-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-license-9.11.4-26.0.5.P2.el7_9.16.noarch.rpm
bind-lite-devel-9.11.4-26.0.5.P2.el7_9.16.i686.rpm
bind-lite-devel-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-pkcs11-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-pkcs11-devel-9.11.4-26.0.5.P2.el7_9.16.i686.rpm
bind-pkcs11-devel-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-pkcs11-libs-9.11.4-26.0.5.P2.el7_9.16.i686.rpm
bind-pkcs11-libs-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-pkcs11-utils-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-sdb-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-sdb-chroot-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
bind-utils-9.11.4-26.0.5.P2.el7_9.16.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/bind-9.11.4-26.0.5.P2.el7_9.16.src.rpm
Related CVEs:
CVE-2025-40778
Description of changes:
[32:9.11.4-26.0.5.P2.16]
- Resolve CVE-2025-40778 [Orabug: 38699863]
[32:9.11.4-26.0.3.P2.16]
- Resolve CVE-2024-11187 [Orabug: 37616907]
[32:9.11.4-26.0.1.P2.16]
- Resolve CVE-2024-1975
- Resolve CVE-2024-1737
- Add ability to change runtime limits for max types and records per name
[32:9.11.4-26.P2.16]
- Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387
CVE-2023-50868)
- Add missing design by contract tests to dns_catz*
- Speed up parsing of DNS messages with many different names (CVE-2023-4408)
- Do not use header_prev in expire_lru_headers
[32:9.11.4-26.P2.15]
- Limit the amount of recursion possible in control channel (CVE-2023-3341)
[32:9.11.4-26.P2.14]
- Prevent the cache going over the configured limit (CVE-2023-2828)
[32:9.11.4-26.P2.13]
- Tighten cache protection against record from forwarders (CVE-2021-25220)
[32:9.11.4-26.P2.12]
- Include test of forwarders (CVE-2021-25220)
[32:9.11.4-26.P2.11]
- Prevent excessive resource use while processing large delegations.
(CVE-2022-2795)
[32:9.11.4-26.P2.10]
- Fix memory leak in ECDSA verify processing (CVE-2022-38177)
- Fix memory leak in EdDSA verify processing (CVE-2022-38178)
More information about the El-errata
mailing list