Oracle Linux 10 : image-builder (ELSA-2026-3840)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3840 advisory. 45-1.0.3 - Rebuilt to fix CVE-2025-61726, CVE-2025-61729, CVE-2025-68121 Tenable has extracted the preceding description block directly from the Oracl...

Oracle Linux 10 : postgresql16 (ELSA-2026-3887)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3887 advisory. - Fix CVE-2026-2004: PostgreSQL intarray missing validation of type of input - Fix CVE-2026-2005: PostgreSQL pgcrypto heap buffer overflow - Fix...

Oracle Linux 9 : nfs-utils (ELSA-2026-3940)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3940 advisory. 2.5.4-38.0.1.el97.3 - spec: remove multiple warnings when upgrading nfs-utils with gssproxy Orabug: 36044562 2.5.4-38.3 - Add requires for selinux-policy...

Oracle Linux 10 : delve (ELSA-2026-3864)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3864 advisory. 1.25.2-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-2 - Rebuild with latest Go Tenable has extracted the preceding...

Oracle Linux 10 : libpng (ELSA-2026-3551)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3551 advisory. - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148323 - fix CVE-2026-22695: heap buffer over-read in pngimagefinishread RHEL-148818...

Oracle Linux 9 : nginx:1.24 (ELSA-2026-3638)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3638 advisory. - Resolves: RHEL-146526 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 - Resolves: RHEL-84480 -...

Oracle Linux 10 : go-rpm-macros (ELSA-2026-3669)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3669 advisory. 3.6.0-7 - Rebuild with latest Go 3.6.0-6 - Update CI support 3.6.0-5 - Add riscv64 to golangarches for RHEL 10+ Tenable has extracted the preceding description...

Oracle Linux 10 : thunderbird (ELSA-2026-3517)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3517 advisory. 140.8.0-2.0.1 - Add Oracle prefs 140.8.0-2 - Update to 140.8.0 ESR Tenable has extracted the preceding description block directly from the Oracle Linu...

osbuild-composer security update

149-4.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...

osbuild-composer security update

149-5.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...

Oracle Linux 7 : libsoup (ELSA-2026-2628)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2628 advisory. - Fixes CVE-2026-0719 CVE-2026-1761 Orabug: 38958074 - Fix CVE-2025-14523 Orabug: 38873507 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug...

Oracle Linux 9 : valkey (ELSA-2026-3507)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3507 advisory. 8.0.7-1 - Rebase to 8.0.7 for CVE-2026-21863 CVE-2025-67733 Tenable has extracted the preceding description block directly from the Oracle Linux securi...

Oracle Linux 10 : udisks2 (ELSA-2026-3476)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3476 advisory. - Add missing polkit check for RestoreEncryptedHeader CVE-2026-26103 RHEL-148565 Tenable has extracted the preceding description block directly from t...

Oracle Linux 8 : thunderbird (ELSA-2026-3515)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3515 advisory. 140.8.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.8.0 - Add OpenELA debranding 140.8.0-1 - Update to 140.8.0 ESR Tenab...

Oracle Linux 9 : thunderbird (ELSA-2026-3516)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3516 advisory. 140.8.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.8.0 - Add OpenELA debranding 140.8.0-1 - Update to 140.8.0 ESR Tenable ha...

Oracle Linux 8 : container-tools:ol8 (ELSA-2026-3428)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3428 advisory. - rebuild for CVE-2025-61729 - rebuild for CVE-2025-22871 - rebuild for CVE-2025-61729 - rebuild for CVE-2025-61729 Tenable has extracted the preceding...

Oracle Linux 8 : kernel (ELSA-2026-3464)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3464 advisory. - migrate: correct lock ordering for hugetlb file folios Luiz Capitulino RHEL-147261 CVE-2026-23097 Tenable has extracted the preceding description block direct...

Oracle Linux 10 : firefox (ELSA-2026-3361)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3361 advisory. 140.8.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Re...

Oracle Linux 10 : python-pyasn1 (ELSA-2026-3354)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3354 advisory. 0.6.2-1 - Update to 0.6.2 - Update modules to 0.4.2 Resolves: RHEL-148142 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : python-pyasn1 (ELSA-2026-3359)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3359 advisory. 0.4.8-7 - Resolves: RHEL-148154 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...