Tracking Security Updates and Errata Releases
Oracle releases important changes to the Oracle Linux software as individual package updates, known as errata.
Errata packages can contain the following:
-
Security advisories, which have names prefixed by
ELSA-*
(for Oracle Linux) andOVMSA-*
(for Oracle VM). -
Bug fix advisories, which have names prefixed by
ELBA-*
andOVMBA-*
. -
Feature enhancement advisories, which have names prefixed by
ELEA-*
andOVMEA-*
.
To be notified when new errata packages are released, you can subscribe to the Oracle Linux and Oracle VM errata mailing lists at https://oss.oracle.com/mailman/listinfo/el-errata and https://oss.oracle.com/mailman/listinfo/oraclevm-errata.
You can track updates to Oracle Linux yum server repositories by visiting https://yum.oracle.com/whatsnew.html, where you can see which packages were updated within each repository for the previous six months.
Note:
Oracle doesn't comment on existing security vulnerabilities except through Errata announcements. To provide the best security posture to all Oracle customers, Oracle fixes significant security vulnerabilities in severity order. So, the most critical issues are always fixed first. Fixes for security vulnerabilities are produced in the following order:- Latest code line refers to the code being developed for the next major Oracle release of the product.
- Next patch set for all non terminal releases