Oracle Linux 9 : golang (ELSA-2024-1963)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1963 advisory. - Fix CVE-2023-45288 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

Oracle Linux 9 : libreswan (ELSA-2024-2033)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2033 advisory. - Fix CVE-2024-2357 RHEL-29734 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Just bumping up the version to include bugs for...

Oracle Linux 9 : owO: / thunderbird (ELSA-2024-1940)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1940 advisory. 115.10.0-2.0.1 - Add Oracle prefs - Add OpenELA debranding 115.10.0-2 - Update to 115.10.0 build2 115.10.0-1 - Update to 115.10.0 build1 - Revert expat...

Oracle Linux 7 : kernel (ELSA-2024-2004)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2004 advisory. - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 - net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve Davide Caratti...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2024-1962)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1962 advisory. - Fix CVE-2024-1394 - Fix CVE-2023-45288 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

Oracle Linux 8 : libreswan (ELSA-2024-1998)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1998 advisory. 4.12-2.0.1.2 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2.2 - Fix patch application in the previous change 4.12-2.1 - Fix CVE-2024-2357...

Oracle Linux 8 / 9 : java-11-openjdk (ELSA-2024-1822)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1822 advisory. 1:11.0.23.0.9-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.23.0.9-2 - Fix 11.0.22 release date in NEWS 1:11.0.23.0.9-1 - Update to...

Oracle Linux 8 / 9 : java-21-openjdk (ELSA-2024-1828)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1828 advisory. 1:21.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.3.0.9-1 - Update to jdk-21.0.3+9 GA - Update release notes to 21.0.3+9 -...

Oracle Linux 9 : gnutls (ELSA-2024-12336)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12336 advisory. 3.7.6-23.4fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35925409 - Update FIPS module name for Oracle Linux...

Oracle Linux 8 : thunderbird (ELSA-2024-1939)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1939 advisory. 115.10.0-2.0.1 - Add Oracle prefs 115.10.0 - Add OpenELA debranding 115.10.0-2 - Update to 115.10.0 build2 115.10.0-1 - Update to 115.10.0 build1 - Revert expat...

kernel security and bug fix update

3.10.0-1160.118.1.0.1 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.118.1 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 -...

Oracle Linux 7 : thunderbird (ELSA-2024-1935)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1935 advisory. 115.10.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.10.0-2 - Update to 115.10.0...

Oracle Linux 6 : kernel (ELSA-2024-1831)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1831 advisory. - net/sched: schqfq: account for stab overhead in qfqenqueue CVE-2023-3611 Orabug: 36517546 - net/sched: clsfw: Fix improper refcount update leads to...

Oracle Linux 9 : nss (ELSA-2024-12337)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12337 advisory. 3.90.0-6fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35862190 - Update FIPS module name for Oracle Linux Orabug:...

Oracle Linux 7 : java-11-openjdk (ELSA-2024-1821)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1821 advisory. 1:11.0.23.0.9-2.0.1 - link atomic for ix86 build 1:11.0.23.0.9-2 - Fix 11.0.22 release date in NEWS - Restore ppc64le --with-jobs=1 workaround to avoid...

Oracle Linux 8 : firefox (ELSA-2024-1912)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1912 advisory. 115.10.0-1.0.1 - Change default prefs file to Oracle version 115.10.0-1 - Update to 115.10.0 build1 Tenable has extracted the preceding description blo...

Oracle Linux 9 : firefox (ELSA-2024-1908)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1908 advisory. 115.10.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.10.0-1 - Update to 115.10.0 build1 Tenable has...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2024-1825)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1825 advisory. 17.0.11.0.9-2.0.1 - Add Oracle vendor bug URL 1:17.0.11.0.9-2 - Update to jdk-17.0.11+9 GA - Add openjdk-17.0.11+9.tar.xz to .gitignore - Sync...

Oracle Linux 7 : firefox (ELSA-2024-1910)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1910 advisory. 115.10.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...

Oracle Linux 9 : mod_http2 (ELSA-2024-1872)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1872 advisory. 1.15.19-5.1 - Resolves: RHEL-29826 - modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 Tenable has extracted the preceding description block directly from...