Oracle Linux 9 : squid (ELSA-2024-9625)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9625 advisory. - Resolves: RHEL-65076 - CVE-2024-45802 squid: Denial of Service processing ESI response content Tenable has extracted the preceding description block directly...

Oracle Linux 9 : iperf3 (ELSA-2024-9185)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-9185 advisory. 3.9-13 - Resolves: RHEL-29579 - vulnerable to marvin attack if the authentication option is used 3.9-12 - Resolves: RHEL-39975 - possible denial of...

Oracle Linux 9 : .NET / 9.0 (ELSA-2024-9543)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9543 advisory. 9.0.100-1.0.1 - Add support for Oracle Linux 9.0.100-1 - Update to .NET SDK 9.0.100 and Runtime 9.0.0 - Resolves: RHEL-65539 9.0.100rc.2.24474.1-0.7 -...

Oracle Linux 9 : poppler (ELSA-2024-9167)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9167 advisory. 21.01.0-21 - Fix crash in broken documents when using -dests - Resolves: RHEL-44333 21.01.0-20 - Fix a crash during signing - Resolves: RHEL-31934 Tenable has...

Oracle Linux 9 : python3.11 (ELSA-2024-9450)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9450 advisory. 3.11.9-7.1 - Security fix for CVE-2024-6232 Resolves: RHEL-57410 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : python3.11-PyMySQL (ELSA-2024-9194)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9194 advisory. 1.0.2-2 - Security fix for CVE-2024-36039 Resolves: RHEL-38370 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : python-jwcrypto (ELSA-2024-9281)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9281 advisory. 1.5.6-2 - Disable auto-generation of dependencies Related: RHEL-34809 1.5.6-1 - Rebase to version 1.5.6 Resolve: RHEL-34809 Tenable has extracted the preceding...

kernel security update

5.14.0-503.14.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Oracle Linux 9 : xorg-x11-server (ELSA-2024-9122)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9122 advisory. - Fix regression caused by the fix for CVE-2024-31083 - CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083 Tenable has...

Oracle Linux 9 : pcp (ELSA-2024-9452)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9452 advisory. 6.2.2-7 - Fix buffer sizing checks in pmstore PDU handling RHEL-57809 - Guard against symlink attacks in pmpost program RHEL-57814 - Fix libpcpweb...

Oracle Linux 9 : cockpit (ELSA-2024-9325)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9325 advisory. - pam-ssh-add: Fix insecure killing of session ssh-agent CVE-2024-6126 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : jose (ELSA-2024-9181)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9181 advisory. 14-1 - Rebase jose-14 upstream version Resolves: RHEL-38079 Tenable has extracted the preceding description block directly from the Oracle Linux securi...

Oracle Linux 9 : python3.12 (ELSA-2024-9451)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9451 advisory. 3.12.5-2.1 - Security fix for CVE-2024-6232 Resolves: RHEL-57415 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : webkit2gtk3 (ELSA-2024-9553)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9553 advisory. 2.46.3-1 - Update to 2.46.3 2.46.2-1 - Update to 2.46.2 - Add patch to disable Evolution sandbox warning 2.46.1-2 - Add patch to keep GSocketMonitor...

Oracle Linux 9 : post (ELSA-2024-9243)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9243 advisory. 2:3.5.25-1 - New version Resolves: RHEL-20023 - Dropped upstreamed patches Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : python-dns (ELSA-2024-9423)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9423 advisory. 2.6.1-3 - Ensure dns.rdtypes subpackages are available Related: RHEL-32663 2.6.1-2 - Add missing files due to build change from hatchling to setuptools Related:...

Oracle Linux 9 : mod_auth_openidc (ELSA-2024-9180)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9180 advisory. 2.4.10-1 Rebase to 2.4.10 version improves state cookies piling up problem Resolves: RHEL-32450 Race condition in modauthopenidc filecache Resolves: RHEL-25422...

Oracle Linux 9 : microcode_ctl (ELSA-2024-9401)

"The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-9401 advisory. - Addresses CVE-2024-23984, CVE-2024-24853, CVE-2024-24968, CVE-2024-24980, CVE-2024-25939 RHEL-58057: - Update of 06-8c-01/0x80 TGL-UP3/UP4 B1...

Oracle Linux 9 : bpftrace (ELSA-2024-9188)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9188 advisory. - Fix CVE allowing unprivileged users loading of compromised linux headers RHEL-28765, CVE-2024-2313 - Fix CVE allowing unprivileged users loading of compromise...

Oracle Linux 9 : oci-seccomp-bpf-hook (ELSA-2024-9277)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9277 advisory. 1.2.10-2 - rebuild - Resolves: RHEL-35939 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Ness...