Oracle Linux 8 : python3 (ELSA-2024-4245)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4245 advisory. 1.1.0-3 - Security fix for CVE-2024-36039 Resolves: RHEL-38366 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : iperf3 (ELSA-2024-4241)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4241 advisory. 3.5-10 - Resolves: RHEL-29578 - vulnerable to marvin attack if the authentication option is used 3.5-9 - Resolves: RHEL-17069 - possible denial of...

Oracle Linux 8 : go-toolset (ELSA-2024-4237)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4237 advisory. - Update to Go1.21.11 to address CVE-2024-24789 and CVE-2024-24790 - Rebase to Go1.21.11 that includes fixes for CVE-2024-24789 and CVE-2024-24790...

Oracle Linux 8 : 389-ds (ELSA-2024-4235)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4235 advisory. 1.4.3.39-7 - Bump version to 1.4.3.39-7 - Resolves: RHEL-16277 - LDAP connections are closed with code T2 before the IO block timeout is reached...

Oracle Linux 8 : container-tools (ELSA-2024-4246)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4246 advisory. aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to...

Oracle Linux 8 : python-jinja2 (ELSA-2024-4231)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4231 advisory. 2.10.1-5 - Security fix for CVE-2024-34064 Resolves: RHEL-35651 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : c-ares (ELSA-2024-4249)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4249 advisory. 1.13.0-11 - Resolves: RHEL-26525 - c-ares: Out of bounds read in aresreadline rhel-8 Tenable has extracted the preceding description block directly from the...

Oracle Linux 9 : qemu-kvm (ELSA-2024-4278)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4278 advisory. - Fixing CVE-2024-4467 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested f...

Oracle Linux 9 : glibc (ELSA-2024-12472)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12472 advisory. - CVE-2024-33599: nscd: buffer overflow in netgroup cache RHEL-34318 - CVE-2024-33600: nscd: null pointer dereferences in netgroup cache -...

kernel security and bug fix update

4.18.0-553.8.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 7 : pki-core (ELSA-2024-4222)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4222 advisory. - RHEL-9917 - EMBARGOED CVE-2023-4727 pki-core: dogtag ca: token authentication bypass vulnerability rhel-7.9.z jmagne - RHEL-9917 - EMBARGOED CVE-2023-4727...

Oracle Linux 8 : httpd:2.4/httpd (ELSA-2024-4197)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4197 advisory. httpd 2.4.37-65.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65 - Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response splitting...

Oracle Linux 9 : openssh (ELSA-2024-12468)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12468 advisory. 8.7p1-38.0.2 - Restore dropped earlier ifdef condition for safe exit1 call in sshsigdie Orabug: 36783468 Resolves CVE-2024-6387 Tenable has extracted the...

Oracle Linux 9 : pki-core (ELSA-2024-4165)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4165 advisory. 11.5.0-2.0.1 - Replaced upstream graphical references Orabug: 33952704 11.5.0-2 - RHEL-9916 CVE-2023-4727 pki-core: dogtag ca: token authentication bypass...

Oracle Linux 9 : python3.9 (ELSA-2024-4078)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4078 advisory. - Security fixes for CVE-2023-6597 and CVE-2024-0450 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : git (ELSA-2024-4083)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4083 advisory. 2.43.5-1 - Update to 2.43.5 - Related: RHEL-36402, RHEL-36414 2.43.4-1 - Update to 2.43.4 - Resolves: RHEL-36402, RHEL-36414 Tenable has extracted the...

Oracle Linux 8 : git (ELSA-2024-4084)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4084 advisory. 2.43.5-1 - Update to 2.43.5 - Related: RHEL-36399, RHEL-36411 2.43.4-1 - Update to 2.43.4 - Resolves: RHEL-36399, RHEL-36411 Tenable has extracted the...

Oracle Linux 9 : python3.11 (ELSA-2024-4077)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4077 advisory. - Security fix for CVE-2023-6597 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has no...

libreswan security update

4.12-2.0.1.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2.1 - Fix CVE-2024-3652 RHEL-40102...

Oracle Linux 8 : python3.11 (ELSA-2024-4058)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4058 advisory. - Security fixes for CVE-2023-6597 and CVE-2024-0450 Tenable has extracted the preceding description block directly from the Oracle Linux security...