Oracle Linux 9 : net-snmp (ELSA-2024-7260)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-7260 advisory. 5.9.1-13.0.1 - fix error index value when snmpget is used a proxy pass Orabug: 35010262 1:5.9.1-13.3 - fix CVE-2022-24805, CVE-2022-24806,...

Oracle Linux 9 : osbuild-composer (ELSA-2024-7204)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-7204 advisory. 101-2.0.1 - Rebuild on new golang to address CVE-2024-34156 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : git-lfs (ELSA-2024-7136)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-7136 advisory. 3.4.1-4 - Rebuild with new Golang - Resolves: RHEL-57920 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 8 : git-lfs (ELSA-2024-7135)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-7135 advisory. 3.4.1-3 - Rebuild with new Golang - Resolves: RHEL-57900 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 7 : firefox (ELSA-2024-5324)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-5324 advisory. 115.12.0-1.0.3 - Security fixes Orabug: 36904311Orabug: 36948200CVE-2024-6601 CVE-2024-6603CVE-2024-6604CVE-2024-7519CVE-2024-7520CVE-2024-7521...

Oracle Linux 9 : kernel (ELSA-2024-6997)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6997 advisory. - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses CKI Backport Bot RHEL-42783 CVE-2024-26947 - tty: ngsm: fix possible...

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-6964)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6964 advisory. - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf...

Oracle Linux 8 : python3.11 (ELSA-2024-6962)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6962 advisory. - Security fix for CVE-2024-8088 Resolves: RHEL-55934 - Security fix for CVE-2024-6923 Resolves: RHEL-53089 Tenable has extracted the preceding...

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-6969)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6969 advisory. aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp netavark...

Oracle Linux 8 : python3.12 (ELSA-2024-6961)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6961 advisory. - Security fix for CVE-2024-8088 Resolves: RHEL-55939 - Security fix for CVE-2024-6923 Resolves: RHEL-53075 Tenable has extracted the preceding...

Oracle Linux 8 : dovecot (ELSA-2024-6973)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6973 advisory. - fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message RHEL-55219 Tenable has extracted the preceding description...

Oracle Linux 7 : kernel (ELSA-2024-12684)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12684 advisory. 3.10.0-1160.119.1.0.4.el7.OL7 - fuse: fix pipe buffer lifetime for directio Miklos Szeredi 3.10.0-1160.119.1.0.4.el7.OL7 Tenable has extracted the preceding...

Oracle Linux 9 : grafana (ELSA-2024-6947)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6947 advisory. 9.2.10-17 - Resolves RHEL-57925: CVE-2024-34156 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

Oracle Linux 9 : grafana-pcp (ELSA-2024-6946)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-6946 advisory. 5.1.1-3 - Resolves RHEL-57930: CVE-2024-34156 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : gtk3 (ELSA-2024-6963)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6963 advisory. - Stop loading modules from cwd CVE-2024-6655 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : nano (ELSA-2024-6986)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-6986 advisory. 2.9.8-3 - fix incomplete backport of the fix for the emergency file replacement vulnerability RHEL-35236 2.9.8-2 - fix emergency file replacement vulnerability...

Oracle Linux 8 : emacs (ELSA-2024-6987)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6987 advisory. - org-file-contents: Consider all remote files unsafe CVE-2024-30205 - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code CVE-2024-393...

python3 security update

3.6.8-67.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-67 - Security fix for CVE-2024-6232 Resolves: RHEL-57399 3.6.8-66 - Security fix for CVE-2024-6923 Resolves: RHEL-53065 3.6.8-65 - Build Python with -O3 - https://fedoraproject.org/wiki/Changes/PythonbuiltwithgccO3...

Oracle Linux 8 : python3 (ELSA-2024-6975)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6975 advisory. - Security fix for CVE-2024-6232 Resolves: RHEL-57399 - Security fix for CVE-2024-6923 Resolves: RHEL-53065 Tenable has extracted the preceding...

kernel security update

5.14.0-427.37.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...