10682 matches found
Oracle Linux 8 : python3.11 (ELSA-2023-7024)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7024 advisory. - Security fixes for CVE-2023-40217 and CVE-2023-41105 Resolves: RHEL-3047, RHEL-3267 - Fix symlink handling in the fix for CVE-2023-24329 Resolves:...
Oracle Linux 8 : kernel (ELSA-2023-7077)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7077 advisory. - qfqchangeclass in net/sched/schqfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQMINLMAX. CVE-2023-314...
Oracle Linux 8 : container-tools:4.0 (ELSA-2023-6938)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6938 advisory. - rebuild for CVE-2023-29406 - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723...
Oracle Linux 8 : ruby:2.5 (ELSA-2023-7025)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7025 advisory. - Fix HTTP response splitting in CGI. Resolves: CVE-2021-33621 - Fix Buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739 - Fix ReDoS...
Oracle Linux 8 : fwupd (ELSA-2023-7189)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7189 advisory. 1.7.8-2.0.1 - Modify %prep to correctly apply downstream patches - Align sections to 512 bytes Orabug: 35265981 - Use objcopy to build arm/aarch64 binaries if...
Oracle Linux 8 : python-cryptography (ELSA-2023-7096)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-7096 advisory. 3.2.1-6 - Fix CVE-2023-23931: Don't allow updateinto to mutate immutable objects, resolves rhbz2172404 Tenable has extracted the preceding description block...
Oracle Linux 8 : bind (ELSA-2023-7177)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7177 advisory. - Prevent exahustion of memory from control channel CVE-2023-3341 - Prevent the cache going over the configured limit CVE-2023-2828 - Prevent flooding with UPDA...
Oracle Linux 8 : tomcat (ELSA-2023-7065)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7065 advisory. - Resolves: 2210630 CVE-2023-28709 tomcat - Resolves: 2181448 CVE-2023-28708 tomcat: not including the secure attribute causes information disclosure...
Oracle Linux 8 : tang (ELSA-2023-7022)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-7022 advisory. 7-8 - Set correct user/group tang/tang in tangd-keygen Resolves: rhbz2188743 7-7 - Fix race condition when creating/rotating keys Resolves: rhbz2182410 Resolves...
Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2023-7034)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7034 advisory. - Fix CVE-2014-1858, CVE-2014-1859: 1062009, 1062359 - Security fix for CVE-2023-40217 Resolves: RHEL-3238 - Fix symlink handling in the fix for...
python3 security update
3.6.8-56.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-56 - Security fix for CVE-2023-40217 Resolves: RHEL-3041 3.6.8-55 - Fix symlink handling in the fix for CVE-2007-4559 Resolves: rhbz263261 3.6.8-54 - Bump release fo...
libreswan security update
4.12-2.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2 - Resolves: rhbz2234731 authby=rsasig fails in FIPS policy 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215955...
Oracle Linux 9 : open-vm-tools (ELSA-2023-7277)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7277 advisory. - Address CVE-2023-34058 - BZ 2246963 - SAML token signature token bypass. Tenable has extracted the preceding description block directly from the Orac...
kernel security, bug fix, and enhancement update
4.18.0-513.5.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Oracle Linux 7 : open-vm-tools (ELSA-2023-7279)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7279 advisory. - Resolves: RHEL-14642 CVE-2023-34058 open-vm-tools: SAML token signature bypass rhel-7.9.z - Resolves: RHEL-14676 CVE-2023-34059 open-vm-tools: file...
Oracle Linux 9 : libX11 (ELSA-2023-6497)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6497 advisory. 1.7.0-8 - CVE fix for: CVE-2023-3138 Resolve: rhbz2213763 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
Oracle Linux 9 : frr (ELSA-2023-6434)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6434 advisory. 8.3.1-11 - Resolves: RHEL-2263 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output 8.3.1-10 - Related: 2216912 - adding sysadmin ...
Oracle Linux 9 : grafana (ELSA-2023-6420)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6420 advisory. - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - resolve CVE-2023-3128 grafana: account takeover possible when...
Oracle Linux 9 : python-pip (ELSA-2023-6694)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6694 advisory. 21.2.3-7 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2207997 Tenable has extracted the preceding description block...
Oracle Linux 9 : cloud-init (ELSA-2023-6371)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-6371 advisory. 23.1.1-11.0.2 - Fix Oracle Datasource network and getdata methods for OCI OL Orabug: 35950168 23.1.1-11.0.1 - Increase retry value and add timeout for OCI Orabu...