Oracle Linux 8 : gnutls (ELSA-2025-20284)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20284 advisory. - Backport the fix for CVE-2024-12243 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 9 : thunderbird (ELSA-2025-4169)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-4169 advisory. 128.9.0-2.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.9.0 - Add OpenELA debranding 128.9.0-2 - Update to 128.9.0 build3 128.9.0...

Oracle Linux 8 : thunderbird (ELSA-2025-4170)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-4170 advisory. 128.9.0-2.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 128.9.0 - Add OpenELA debranding 128.9.0-2 - Update to 128.9.0 build3...

Oracle Linux 8 : gnutls (ELSA-2025-4051)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4051 advisory. 3.6.16-8.3 - Backport the fix for CVE-2024-12243 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

Oracle Linux 8 : libtasn1 (ELSA-2025-4049)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4049 advisory. 4.13.0-5 - Backport the fix for CVE-2024-12133 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : xmlrpc-c (ELSA-2025-4048)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4048 advisory. 1.51.0-11 - Restrict XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2025-3997)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3997 advisory. cjose modauthopenidc 2.4.9.4-7 - Resolves: RHEL-86218 - modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data CVE-2025-31492 Tenable...

Oracle Linux 8 : bluez (ELSA-2025-4043)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-4043 advisory. - Fixing CVE-2023-27349 - Fixing CVE-2023-51589 + bluez-5.63-4 - Fixing CVE-2023-50230 Tenable has extracted the preceding description block directly...

Oracle Linux 8 : ruby:3.1 (ELSA-2025-4063)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-4063 advisory. - Fix DoS vulnerability in REXML. CVE-2024-39908 Resolves: RHEL-57051 - Fix DoS vulnerability in REXML. CVE-2024-43398 Resolves: RHEL-56002 - Fix REXML...

Oracle Linux 9 : libxslt (ELSA-2025-4025)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4025 advisory. - Fix CVE-2024-55549 RHEL-83515 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

kernel security update

5.14.0-503.38.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Oracle Linux 7 : libreoffice (ELSA-2025-3390)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3390 advisory. 5.3.6.1-26.0.3 - Fix CVE-2025-1080, do not process macros in exotic uri schemes Orabug: 37770225 Tenable has extracted the preceding description block directly...

Oracle Linux 8 : webkit2gtk3 (ELSA-2025-3974)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3974 advisory. 2.48.1-1 - Update to 2.48.1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

Oracle Linux 9 : kernel (ELSA-2025-3937)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3937 advisory. - ALSA: usb-audio: Fix out of bounds reads when finding clock sources CKI Backport Bot RHEL-86726 CVE-2024-53150 - gve: guard XSK operations on the existence of...

Oracle Linux 8 / 9 : java-21-openjdk (ELSA-2025-3855)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3855 advisory. 1:21.0.7.0.6-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.7.0.6-1 - Update to jdk-21.0.7+6 GA - Update release notes to 21.0.7+6 -...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2025-3852)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3852 advisory. 1:17.0.15.0.6-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.15.0.6-2 - Update to jdk-17.0.15+6 GA - Add to .gitignore...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2025-3845)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3845 advisory. 1:1.8.0.452.b09-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.452.b09-1 - Update to 8u452-b09 GA - Update release notes for 8u452-b09....

Oracle Linux 8 : kernel (ELSA-2025-3893)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3893 advisory. - ALSA: usb-audio: Fix out of bounds reads when finding clock sources Jarod Wilson RHEL-86737 CVE-2024-53150 - x86/xen: remove hypercall page Vitaly...

Oracle Linux 8 : expat (ELSA-2025-3913)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3913 advisory. - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 - Fix CVE-2024-8176 Tenable has extracted the preceding description block directly fr...

Oracle Linux 8 : glibc (ELSA-2025-3828)

"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3828 advisory. 2.28-251.0.3.16 - Forward port of Oracle patches Reviewed-by: Elena Zannoni Oracle history: March-26-2025 Cupertino Miranda - 2.28-251.0.3.14 - OraBug: 3662568...