Oracle Linux 8 : mingw-freetype / and / spice-client-win (ELSA-2025-8292)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8292 advisory. 2.8-3.1 - Fix CVE-2025-27363 Resolves: RHEL-83101 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

kernel security update

5.14.0-570.19.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 9 : varnish (ELSA-2025-8337)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8337 advisory. 6.6.2-6.1 - Resolves: RHEL-89700 - varnish: request smuggling attacks CVE-2025-47905 Tenable has extracted the preceding description block directly from the...

Oracle Linux 8 : varnish:6 (ELSA-2025-8336)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8336 advisory. varnish 6.0.13-1.1 - Resolves: RHEL-89695 - varnish: request smuggling attacks CVE-2025-47905 varnish-modules Tenable has extracted the preceding description...

CLSA-2025-1748638011 Update of httpd

ELS-1267: merge spec for centos7, rhel7 and oracle7...

Oracle Linux 9 : pcs (ELSA-2025-8256)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8256 advisory. 0.11.9-2.el96.1 - rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser CVE-2025-46727 Tenable has extracted the preceding description block directly from...

Oracle Linux 7 : firefox (ELSA-2025-4751)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-4751 advisory. - Fixes CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 and - CVE-2025-4093 - Update to 128.9.0 build2 Orabug: 37796786CVE-2025-3028CVE-2025-30...

firefox security update

128.10.0-1.0.1 - Updated to 128.10.0 build Orabug: 37924620 - Fixes CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 and - CVE-2025-4093 128.9.0-2.0.1 - Update to 128.9.0 build2 Orabug: 37796786CVE-2025-3028CVE-2025-3029 CVE-2025-3030 128.8.0-1.0.1 - Update to 128.8.0 build1 Orabug:...

Oracle Linux 8 : firefox (ELSA-2025-8308)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-8308 advisory. 128.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.11.0 - Add debranding patches Mustafa Gezen - Add OpenELA default...

Oracle Linux 8 : systemd (ELSA-2025-20343)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20343 advisory. 239-82.0.4.5 - coredump: use %d in kernel core pattern - CVE-2025-4598 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : firefox (ELSA-2025-8293)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8293 advisory. 128.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Re...

Oracle Linux 8 : kernel (ELSA-2025-8246)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8246 advisory. - wifi: rtw89: Fix array index mistake in rtw89stainfogetiter CKI Backport Bot RHEL-54802 CVE-2024-43842 Tenable has extracted the preceding description block...

Oracle Linux 8 : pcs (ELSA-2025-8254)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8254 advisory. - Fixed CVE-2024-52804 by patching bundled Tornado Resolves: RHEL-93167 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 9 : systemd (ELSA-2025-20344)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20344 advisory. 252-51.0.2 - coredump: use %d in kernel core pattern - CVE-2025-4598 Tenable has extracted the preceding description block directly from the Oracle Linux...

kernel security update

4.18.0-553.54.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 9 : kernel (ELSA-2025-8142)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8142 advisory. - cifs: Fix integer overflow while processing acregmax mount option CKI Backport Bot RHEL-87921 CVE-2025-21964 Tenable has extracted the preceding description...

kernel security update

5.14.0-570.18.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 9 : unbound (ELSA-2025-8197)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8197 advisory. 1.16.2-18 - Prevent unbounded name compression CVE-2024-8508 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : gstreamer1-plugins-bad-free (ELSA-2025-8201)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8201 advisory. 1.16.1-5.0.1 - Update origin URL Orabug: 36209826 1.16.1-5 - fix for CVE-2025-3887 Resolves: RHEL-93051 Tenable has extracted the preceding description block...

Oracle Linux 9 : gstreamer1-plugins-bad-free (ELSA-2025-8183)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8183 advisory. 1.22.12-4 - fix for CVE-2025-3887 Resolves: RHEL-93063 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...