Oracle Linux 8 : libreswan (ELSA-2024-4376)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4376 advisory. 4.12-2.0.1.4 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2.4 - Fix CVE-2024-3652 RHEL-32482 Tenable has extracted the preceding description...

libreswan security update

4.12-2.0.1.4 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2.4 - Fix CVE-2024-3652 RHEL-32482...

kernel security and bug fix update

5.14.0-427.24.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Oracle Linux 9 : gvisor-tap-vsock (ELSA-2024-4379)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4379 advisory. - rebuild for CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 9 : buildah (ELSA-2024-4371)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4371 advisory. - rebuild for CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 9 : podman (ELSA-2024-4378)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4378 advisory. - rebuild for CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 8 : python3 (ELSA-2024-4243)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4243 advisory. 3.12.3-2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40776 3.12.3-1 - Update to 3.12.3 Related: RHEL-33685 3.12.2-3 - Move all te...

Oracle Linux 9 : openssh (ELSA-2024-4312)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4312 advisory. 8.7p1-38.0.2.1 - Update upstream references Orabug: 36564626 8.7p1-38.1 - Possible remote code execution due to a race condition CVE-2024-6387 Resolves:...

Oracle Linux 9 : glibc (ELSA-2024-12472)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12472 advisory. - CVE-2024-33599: nscd: buffer overflow in netgroup cache RHEL-34318 - CVE-2024-33600: nscd: null pointer dereferences in netgroup cache -...

Oracle Linux 8 : python-idna (ELSA-2024-4260)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4260 advisory. - Fix patch application for security fix for CVE-2024-3651 Resolves: RHEL-32703 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 8 : python-pillow (ELSA-2024-4227)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4227 advisory. 5.1.1-21 - Security fix for CVE-2024-28219 Resolves: RHEL-31071 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : python3 (ELSA-2024-4245)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4245 advisory. 1.1.0-3 - Security fix for CVE-2024-36039 Resolves: RHEL-38366 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : cups (ELSA-2024-4265)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4265 advisory. - 1:2.2.6-60 - RHEL-40386 cups: Cupsd Listen arbitrary chmod 0140777 - Delete the domain socket file after stopping the cups.socket service - Fix cupsd Listener...

Oracle Linux 8 : less (ELSA-2024-4256)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4256 advisory. - Fix CVE-2024-32487 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 8 : nghttp2 (ELSA-2024-4252)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4252 advisory. - fix CONTINUATION frames DoS CVE-2024-27316 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 9 : golang (ELSA-2024-4212)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4212 advisory. - Update to Go 1.21.11 that fixes CVE-2024-24789 and CVE-2024-24790 Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 8 : xmlrpc-c (ELSA-2024-4259)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4259 advisory. 1.51.0-9 - Address segfault found in CVE-2023-52425 RHEL-24226 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : kernel (ELSA-2024-4211)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4211 advisory. - udf: Fix NULL pointer dereference in udfsymlink function Pavel Reichl RHEL-37769 CVE-2021-47353 - net: ti: fix UAF in tlanremoveone Jose Ignacio Torn...

Oracle Linux 8 : openldap (ELSA-2024-4264)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4264 advisory. 2.4.46-19 - Bump version to 2.4.46-19 - Resolves: RHEL-34283 - openldap: null pointer dereference in bermemallocx function Tenable has extracted the preceding...

Oracle Linux 8 : libuv (ELSA-2024-4247)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4247 advisory. 1:1.41.1-2 - Backport fixes for CVE-2024-24806 Resolves: RHEL-24790 Tenable has extracted the preceding description block directly from the Oracle Linux securit...