Oracle Linux 9 : ruby (ELSA-2024-3838)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3838 advisory. - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : python-idna (ELSA-2024-3846)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3846 advisory. 2.10-7.0.1.1 - Rebuild with release bump 2.10-7.1 - Security fix for CVE-2024-3651 Resolves: RHEL-33464 Tenable has extracted the preceding description block...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12433)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12433 advisory. - x86/staticcall: Add support for Jcc tail-calls Peter Zijlstra CVE-2022-29901 CVE-2022-23816 Tenable has extracted the preceding description block directl...

Oracle Linux 9 : gvisor-tap-vsock (ELSA-2024-3830)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3830 advisory. - rebuild for CVE-2023-45290 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 9 : containernetworking-plugins (ELSA-2024-3831)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3831 advisory. - rebuild for CVE-2023-45290 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 9 : buildah (ELSA-2024-3827)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3827 advisory. 1.33.7-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.33.7-2 - update to the latest content of...

Oracle Linux 9 : gdk-pixbuf2 (ELSA-2024-3834)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3834 advisory. - Backport fixes for CVE-2022-48622 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 9 : rpm-ostree (ELSA-2024-3823)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3823 advisory. 2024.3-3 - Backport https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6 Resolves: RHEL-31852 2024.3-2 - Backport...

Oracle Linux 9 : c-ares (ELSA-2024-3842)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3842 advisory. 1.19.1-2 - Resolves: RHEL-26529 - Out of bounds read in aresreadline rhel-9 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : 389-ds-base (ELSA-2024-3837)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3837 advisory. 2.4.5-8 - Bump version to 2.4.5-8 - Fix License tag 2.4.5-7 - Bump version to 2.4.5-7 - Resolves: RHEL-34819 - redhat-ds:11/389-ds-base: Malformed...

Oracle Linux 9 : fence-agents (ELSA-2024-3820)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3820 advisory. - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-36482 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 9 : libreoffice (ELSA-2024-3835)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3835 advisory. - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols - Resolves: rhbz2210193 CVE-2023-0950 Array Index...

Oracle Linux 9 : cockpit (ELSA-2024-3843)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3843 advisory. 311.2-1.0.1 - Replaced upstream urls in documentation with oracle links Orabug: 36528753 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110...

Oracle Linux 9 : podman (ELSA-2024-3826)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3826 advisory. 4.9.4-4.0.1 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation -...

Oracle Linux 7 : bind, / bind-dyndb-ldap, / and / dhcp (ELSA-2024-3741)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3741 advisory. - Prevent increased CPU consumption in DNSSEC validator CVE-2023-50387 CVE-2023-50868 - Speed up parsing of DNS messages with many different names...

Oracle Linux 9 : ipa (ELSA-2024-3754)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3754 advisory. - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force Tenable...

Oracle Linux 8 : idm:DL1 (ELSA-2024-3755)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3755 advisory. - kdb: apply combinatorial logic for ticket flags CVE-2024-3183 Resolves: RHEL-29927 Tenable has extracted the preceding description block directly fro...

Oracle Linux 8 : firefox (ELSA-2024-3783)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3783 advisory. 115.11.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file 115.11.0-1 - Update to 115.11.0 build1 Tenable has...

Oracle Linux 8 : ruby:3.3 (ELSA-2024-3670)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3670 advisory. - Fix buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-37448 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281...

Oracle Linux 8 : thunderbird (ELSA-2024-3784)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3784 advisory. 115.11.0-1.0.1 - Add Oracle prefs file 115.11.0-1 - Update to 115.11.0 build2 Tenable has extracted the preceding description block directly from the...