Oracle Linux 9 : mysql (ELSA-2024-1141)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1141 advisory. 8.0.36-1 - Update to MySQL 8.0.36 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

kernel security update

4.18.0-513.18.1.el89.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...

Oracle Linux 9 : openssh (ELSA-2024-1130)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1130 advisory. - Fix Terrapin attack CVE-2023-48795 Resolves: RHEL-19764 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : edk2 (ELSA-2024-1063)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1063 advisory. - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch RHEL-21840 RHEL-21842 - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.pat...

Oracle Linux 9 : rear (ELSA-2024-1147)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1147 advisory. 2.6-21.0.1 - rear: creates a world-readable initrd CVE-2024-23301 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : haproxy (ELSA-2024-1142)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1142 advisory. - Reject '' as part of URI path component CVE-2023-45539, RHEL-18169 Tenable has extracted the preceding description block directly from the Oracle Lin...

Oracle Linux 9 : keylime (ELSA-2024-1139)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1139 advisory. 7.3.0-13 - Backport fix for CVE-2023-3674 Resolves: RHEL-21013 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : container-tools:4.0 (ELSA-2024-12191)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12191 advisory. - rebuild with golang 1.20.12 for CVE-2023-39326 python-podman runc Tenable has extracted the preceding description block directly from the Oracle Linux securi...

Oracle Linux 8 : conmon (ELSA-2024-12190)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12190 advisory. - address CVE-2023-39326 cri-o - Resolve CVE-2023-39326 flannel-cni-plugin - Resolve CVE-2023-39326 helm - address CVE-2023-39326 istio - Updated Golang to...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2024-12193)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12193 advisory. - Input: add bounds checking to inputsetcapability Jeff LaBundy Orabug: 36192120 CVE-2022-48619 - netfilter: ctnetlink: fix possible refcount leak...

Oracle Linux 8 : kernel (ELSA-2024-12187)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12187 advisory. - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve...

conmon security update

conmon 2.1.3-8 - address CVE-2023-39326 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build 2.1.3.3 - Add OL9 support 2.1.3.2 - Update inline with Linux team building...

Oracle Linux 7 : conmon (ELSA-2024-12189)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12189 advisory. - address CVE-2023-39326 - Resolve CVE-2023-39325 - Resolve CVE-2023-39326 - Resolve CVE-2023-39325 - Resolve CVE-2023-39326 - Resolve CVE-2023-44487 and...

Oracle Linux 9 : unbound (ELSA-2024-0977)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0977 advisory. 1.16.2-3.1 - Fix DNSSEC validation vulnerabilities which can lead to DoS in trivially orchestrated attacks CVE-2023-50387 and CVE-2023-50868 Tenable ha...

Oracle Linux 8 : postgresql:12 (ELSA-2024-0974)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0974 advisory. pgaudit 1.4.0-7 - Release bump to avoid regression in nvrs - Resolves: RHEL-24969 pgrepack postgres-decoderbufs postgresql 12.18-1.0.1 - Update to version 12.18...

Oracle Linux 8 : postgresql:10 (ELSA-2024-0956)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0956 advisory. 10.23-4.0.1 - Resolves: CVE-2024-0985 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

Oracle Linux 8 : unbound (ELSA-2024-0965)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0965 advisory. - bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 Tenable has extracted the preceding description block directly from the...

Oracle Linux 8 : postgresql:13 (ELSA-2024-0975)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0975 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 13.14-1.0.1 - update to 13.14 - Fixes CVE-2024-0985 Tenable has extracted the preceding description block...

Oracle Linux 8 : opensc (ELSA-2024-0967)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-0967 advisory. 0.20.0-8 - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1.5 padding Tenable has extracted the preceding description block directly from...

Oracle Linux 8 : thunderbird (ELSA-2024-0964)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0964 advisory. 115.8.0-1.0.1 - Add Oracle modifications 115.8.0-1 - Update to 115.8.0 build1 Tenable has extracted the preceding description block directly from the...