Oracle Linux Security Advisory ELSA-2026-3940 http://linux.oracle.com/errata/ELSA-2026-3940.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libnfsidmap-2.5.4-38.0.1.el9_7.3.i686.rpm libnfsidmap-2.5.4-38.0.1.el9_7.3.x86_64.rpm libnfsidmap-devel-2.5.4-38.0.1.el9_7.3.i686.rpm libnfsidmap-devel-2.5.4-38.0.1.el9_7.3.x86_64.rpm nfs-utils-2.5.4-38.0.1.el9_7.3.x86_64.rpm nfs-utils-coreos-2.5.4-38.0.1.el9_7.3.x86_64.rpm nfsv4-client-utils-2.5.4-38.0.1.el9_7.3.x86_64.rpm aarch64: libnfsidmap-2.5.4-38.0.1.el9_7.3.aarch64.rpm libnfsidmap-devel-2.5.4-38.0.1.el9_7.3.aarch64.rpm nfs-utils-2.5.4-38.0.1.el9_7.3.aarch64.rpm nfs-utils-coreos-2.5.4-38.0.1.el9_7.3.aarch64.rpm nfsv4-client-utils-2.5.4-38.0.1.el9_7.3.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/nfs-utils-2.5.4-38.0.1.el9_7.3.src.rpm Related CVEs: CVE-2025-12801 Description of changes: [2.5.4-38.0.1.el9_7.3] - spec: remove multiple warnings when upgrading nfs-utils with gssproxy [Orabug: 36044562] [2.5.4-38.3] - Add requires for selinux-policy (RHEL-127104) [2.5.4-38.2] - Replace statfs64 with statfs (RHEL-127104) - NFS export symlink vulnerability fix (RHEL-127104) - mountd: Minor refactor of get_rootfh() (RHEL-127104) - mountd: Separate lookup of the exported directory and the mount path (RHEL-127104) - support: Add a mini-library to extract and apply RPC credentials (RHEL-127104) - Fix access checks when mounting subdirectories in NFSv3 (RHEL-127104) Resolves: CVE-2025-12801 _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
