Oracle Linux 9 : buildah (ELSA-2026-10135)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-10135 advisory. - rebuild for CVE-2026-34986 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 10 : golang (ELSA-2026-10217)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10217 advisory. 1.25.9-3 - Do not ignore any tests in check 1.25.9-2 - Skip terminal test in container 1.25.9-1 - Update to Go 1.25.9 fips-2 Tenable has extracted th...

Oracle Linux 10 : wireshark (ELSA-2026-9666)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9666 advisory. - Resolves: RHEL-152921 - CVE-2026-3203 Buffer Over-read - Resolves: RHEL-152912 - CVE-2026-3201 Improperly Controlled Sequential Memory Allocation -...

Oracle Linux 10 / 9 : java-25-openjdk (ELSA-2026-9693)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9693 advisory. 1:25.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.3.0.9-1 - Update to jdk-25.0.3+9 GA - Update release notes to 25.0.3+9 -...

Oracle Linux 10 : thunderbird (ELSA-2026-9638)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-9638 advisory. 140.9.1-1.0.1 - Add Oracle prefs 140.9.1-1 - Update to 140.9.1 ESR Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 9 : webkit2gtk3 (ELSA-2026-9692)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9692 advisory. 2.52.3-0.1 - Update to 2.52.1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

kernel security update

6.12.0-124.52.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

Oracle Linux 8 : thunderbird (ELSA-2026-9345)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-9345 advisory. 140.9.1-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.9.1 - Add OpenELA debranding 140.9.1-1 - Update to 140.9.1 ESR Tenab...

Oracle Linux 9 : osbuild-composer (ELSA-2026-9044)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9044 advisory. 149-5.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Ad...

Oracle Linux 8 : osbuild-composer (ELSA-2026-8456)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8456 advisory. 101.4-5.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types...

kernel security update

4.18.0-553.120.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 9 : giflib (ELSA-2026-8859)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8859 advisory. 5.2.1-9.1 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154863 Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 8 : OpenEXR (ELSA-2026-8863)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8863 advisory. 2.2.0-12.1 - fix CVE-2026-27622 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 9 : kernel (ELSA-2026-8921)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8921 advisory. - rtnetlink: Allocate vfinfo size for VF GUIDs when supported Kamal Heib RHEL-149469 CVE-2025-22075 - scsi: qla2xxx: Fix improper freeing of purex item...

osbuild-composer security update

101.4-5.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...

osbuild-composer security update

149-5.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...

Oracle Linux 8 : giflib (ELSA-2026-8861)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8861 advisory. 5.1.4-4 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154853 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 10 : giflib (ELSA-2026-8858)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8858 advisory. 5.2.1-22.1 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154849 Tenable has extracted the preceding description block directly from the Oracle...

.NET 8.0 security update

8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163416...

.NET 8.0 security update

8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163413...