[El-errata] ELSA-2026-26455 Important: Oracle Linux 9 389-ds-base security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jun 26 05:00:56 UTC 2026


Oracle Linux Security Advisory ELSA-2026-26455

http://linux.oracle.com/errata/ELSA-2026-26455.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
389-ds-base-2.8.0-7.el9_8.x86_64.rpm
389-ds-base-devel-2.8.0-7.el9_8.x86_64.rpm
389-ds-base-libs-2.8.0-7.el9_8.x86_64.rpm
389-ds-base-snmp-2.8.0-7.el9_8.x86_64.rpm
python3-lib389-2.8.0-7.el9_8.noarch.rpm

aarch64:
389-ds-base-2.8.0-7.el9_8.aarch64.rpm
389-ds-base-devel-2.8.0-7.el9_8.aarch64.rpm
389-ds-base-libs-2.8.0-7.el9_8.aarch64.rpm
389-ds-base-snmp-2.8.0-7.el9_8.aarch64.rpm
python3-lib389-2.8.0-7.el9_8.noarch.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/389-ds-base-2.8.0-7.el9_8.src.rpm

Related CVEs:

CVE-2026-9064




Description of changes:

[2.8.0-7]
- Resolves: RHEL-152356 - Getting "build_candidate_list - Database error 11" messages after migrating to LMDB. [rhel-9.8.z]
- Resolves: RHEL-168967 - Web console doesn't show the sub suffix of ou=foo,ou=people,dc=example,dc=com. [rhel-9.8.z]
- Resolves: RHEL-170269 - DS 12 does not handle escape char in bind user [rhel-9.8.z]
- Resolves: RHEL-174524 - [RFE] Add OS-level thread names to all server threads [rhel-9.8.z]
- Resolves: RHEL-178086 - CVE-2026-9064 389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS) [rhel-9.8]
- Resolves: RHEL-180716 - Online export is failing when using the option "-s" [rhel-9.8.z]
- Resolves: RHEL-183895 - Server shutdown during online reindex may lead to data loss [rhel-9.8.z]




More information about the El-errata mailing list