Oracle Linux 8 : python3.11 (ELSA-2024-4058)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4058 advisory. - Security fixes for CVE-2023-6597 and CVE-2024-0450 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : nghttp2 (ELSA-2024-3501)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3501 advisory. 1.43.0-5.2 - fix CONTINUATION frames DoS CVE-2024-28182, CVE-2024-27316 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : thunderbird (ELSA-2024-4036)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4036 advisory. 115.12.1-1.0.1 - Add Oracle prefs file 115.12.1 - Add OpenELA debranding 115.12.1-1 - Update to 115.12.1 build1 115.12.0-2 - Update to 115.12.0 build2...

Oracle Linux 9 : ghostscript (ELSA-2024-3999)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3999 advisory. 9.54.0-16 - RHEL-39110 fix regression discovered in OPVP device 9.54.0-15 - RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via cust...

Oracle Linux 8 : ghostscript (ELSA-2024-4000)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4000 advisory. 9.27-13 - CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library Tenable has extracted the preceding description block...

Oracle Linux 9 : thunderbird (ELSA-2024-4002)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4002 advisory. 115.12.1-1.0.1 - Add Oracle prefs 115.12.1 - Add OpenELA debranding 115.12.1-1 - Update to 115.12.1 build1 115.12.0-2 - Update to 115.12.0 build2...

Oracle Linux 7 : thunderbird (ELSA-2024-4016)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4016 advisory. 115.12.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.12.1-1 - Update to...

Oracle Linux 7 : glibc (ELSA-2024-12444)

"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12444 advisory. 2.17-326.0.9.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: June-22-2023 Cupertino Miranda - 2.17-326.0....

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-3968)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3968 advisory. aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to...

Oracle Linux 7 : flatpak (ELSA-2024-3980)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3980 advisory. 1.0.9-13 - Fix CVE-2024-32462 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 9 : flatpak (ELSA-2024-3959)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3959 advisory. 1.12.9-1 - Update to 1.12.9 CVE-2024-32462 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : flatpak (ELSA-2024-3961)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3961 advisory. - Update to 1.12.9 CVE-2024-32462 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

Oracle Linux 9 : firefox (ELSA-2024-3955)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3955 advisory. 115.12.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.12.0-1 - Update to 115.12.0 build1 Tenable has...

Oracle Linux 8 : glibc (ELSA-2024-12440)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12440 advisory. - CVE-2024-33599: nscd: buffer overflow in netgroup cache RHEL-34264 - CVE-2024-33600: nscd: null pointer dereferences in netgroup cache RHEL-34267 -...

Oracle Linux 7 : glibc (ELSA-2024-12442)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12442 advisory. - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: April-28-2023 Cupertino Miranda - 2.17-326.0.6 - OraBug...

Oracle Linux 8 : firefox (ELSA-2024-3954)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3954 advisory. 115.12.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file 115.12.0-1 - Update to 115.12.0 build1 Tenable has...

firefox security update

115.12.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.12.0-1 - Update to 115.12.0 build1...

Oracle Linux 7 : firefox (ELSA-2024-3951)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3951 advisory. 115.12.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...

Oracle Linux 8 : ruby:3.1 (ELSA-2024-3546)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3546 advisory. ruby 3.1.5-143 - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE...

Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12435)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12435 advisory. - Document CVEs as fixed Karl Heubaum CVE-2023-2700 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364474...