Oracle Linux 8 : squid (ELSA-2024-9644)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9644 advisory. - Resolves: RHEL-22593 - CVE-2024-23638 squid:4/squid: vulnerable to a Denial of Service attack against Cache Manager error responses - Resolves:...

Oracle Linux 7 : cups-filters (ELSA-2024-7553)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-7553 advisory. 1.0.35-29.0.3 - Unsupport cups-browsed service - CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 Orabug: 37217141 Tenable has extracted the preceding...

Oracle Linux 7 : giflib (ELSA-2024-12825)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12825 advisory. 4.1.6-9.0.1 - Fixes giflib CVE-2023-48161 issue Orabug: 37178930 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : libsoup (ELSA-2024-9573)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9573 advisory. - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Backport upstream patch...

kernel security update

5.14.0-503.11.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12815)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12815 advisory. - ice: Add a per-VF limit on number of FDIR filters Ahmed Zaki Orabug: 36964088 CVE-2024-42291 - scsi: lpfc: Fix a possible null pointer dereferen...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12813)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12813 advisory. - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37137548 CVE-2024-49863 - mm/hugetlb: fix DEBUGLOCKSWARNON1 when...

Oracle Linux 8 : expat (ELSA-2024-9502)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9502 advisory. - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 - Fix CVE-2024-50602 Tenable has extracted the preceding description block directly...

Oracle Linux 8 : tigervnc (ELSA-2024-9540)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9540 advisory. 1.13.1-14 - Fix CVE-2024-9632: xorg-x11-server: heap-based buffer overflow privilege escalation vulnerability Resolves: RHEL-61999 Tenable has extracted the...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12814)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12814 advisory. - filelock: Fix fcntl/close race recovery compat path Jann Horn Orabug: 36874759 CVE-2024-41012 CVE-2024-41020 - jfs: don't walk off the end of ealist...

Oracle Linux 8 : gstreamer1-plugins-base (ELSA-2024-9056)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9056 advisory. - CVE-2024-4453 gstreamer1: EXIF Metadata Parsing Integer Overflow Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : podman (ELSA-2024-9051)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9051 advisory. 4.9.4-16.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman...

Oracle Linux 7 : firefox (ELSA-2024-8727)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-8727 advisory. 128.4.0-1.0.1 - Update to 128.4.0 build1 Orabug: 37236498CVE-2024-10458CVE-2024-10459 CVE-2024-10460CVE-2024-10461CVE-2024-10462CVE-2024-10463...

Oracle Linux 7 : NetworkManager-libreswan (ELSA-2024-8357)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8357 advisory. 1.2.4-2.0.1 - Fix improper escaping of Libreswan configuration CVE-2024-9050Orabug: 37206712 Tenable has extracted the preceding description block directly from...

Oracle Linux 7 : python-idna (ELSA-2024-8365)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-8365 advisory. 2.4-1.0.1 - Fixed CVE 2024-3651 Orabug: 37206964 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

Oracle Linux 8 : python3.12 (ELSA-2024-8836)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8836 advisory. 3.12.6-1 - Update to 3.12.6 Resolves: RHEL-57405 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

Oracle Linux 8 : libtiff (ELSA-2024-8833)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8833 advisory. 4.0.9-33 - fix CVE-2024-7006 a null pointer dereference in tifdirinfo RHEL-52927 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 8 : python3.11 (ELSA-2024-8838)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8838 advisory. 3.11.10-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.10-1 - Update to 3.11.10 Resolves: RHEL-57400 Tenable has extracted the preceding descriptio...

Oracle Linux 8 : krb5 (ELSA-2024-8860)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8860 advisory. - libkrad: implement support for Message-Authenticator CVE-2024-3596 Resolves: RHEL-50253 Tenable has extracted the preceding description block directly from th...

Oracle Linux 8 : xmlrpc-c (ELSA-2024-8859)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8859 advisory. 1.51.0-10 - Prevent integer overflow or wraparound, CVE-2024-4549 RHEL-57519 Tenable has extracted the preceding description block directly from the Oracle Linu...