Tenable Core 2024 Release Notes
These release notes summarize updates made to Tenable Core in 2024. Downloading and installing the most recent version of the offline ISO image initiates these updates on your Tenable Core machine.
Tip: Tenable recommends applying all offline updates, in order, to your offline Tenable Core machine. Do not skip offline updates.
To update using the Tenable Core offline ISO image, see the documentation for your application:
- Tenable Core + Tenable Nessus
- Tenable Core + Tenable Nessus Network Monitor
- Tenable Core + Tenable Security Center
- Tenable Core + Tenable Web App Scanning
For more information about product updates, see the release notes for your application.
These release notes are listed in reverse chronological order.
Q1 2024
-
Tenable Core systems based on Oracle Linux 8 now supports selecting stronger hash functions (up to SHA-512) on the SNMP page of the user interface.
-
Tenable Core + Tenable OT Security supports backup and restore in the Tenable Core user interface. Only backups taken from that user interface can be restored there (backups taken within Tenable OT Security cannot be restored here).
-
New Tenable OT Security Enterprise Manager instances no longer rename network interfaces to the nicX convention. Enterprise Manager is available on the network interface chosen at install-time in the user interface. Existing EM instances continue to listen on nic0.
-
Tenable Core now examines the checksum baked into offline update ISOs and logs a message if a corrupt ISO is placed in the offline iso location under /srv.
-
SensorProxy application update to 1.0.9
Oracle 8 security updates:
ELSA-2024-0266 Important java-11-openjdk security update
ELSA-2024-12079 Important python-cryptography security update
ELSA-2024-0155 Moderate gnutls security update
ELSA-2024-0253 Moderate sqlite security update
ELSA-2024-0256 Moderate python3 security update
ELSA-2024-0748 Important container-tools:4.0 security update
ELSA-2024-0752 Important container-tools:ol8 security update
ELSA-2024-0627 Moderate gnutls security update
ELSA-2024-0628 Moderate libssh security update
ELSA-2024-0647 Moderate rpm security update
ELSA-2024-0768 Moderate libmaxminddb security update
ELSA-2024-0769 Moderate tcpdump security update
ELSA-2024-0786 Moderate nss security update
ELSA-2024-0811 Moderate sudo security update
ELSA-2024-12135 Moderate gnutls security update
ELSA-2024-12164 Moderate openssh security update
ELSA-2024-0965 Important unbound security update
ELSA-2024-12187 Important kernel security update
ELSA-2024-0889 Moderate oniguruma security update
ELSA-2024-12191 Moderate podman security update
ELSA-2024-12266 Important kernel security update
ELSA-2024-1607 Important kernel security, bug fix, and enhancement update
ELSA-2024-1751 Important unbound security update
ELSA-2024-1782 Important bind and dhcp security update
ELSA-2024-1601 Moderate curl security and bug fix update
ELSA-2024-1610 Moderate less security update
ELSA-2024-1615 Moderate expat security update
ELSA-2024-1784 Moderate gnutls security update
Oracle 8 updates:
ELBA-2024-0111 selinux-policy bug fix update
ELBA-2024-0112 NetworkManager bug fix update
ELBA-2024-0117 libcap bug fix update
ELBA-2024-0124 cloud-init bug fix update
ELBA-2024-12074 gnutls bug fix update
ELBA-2024-12081 gcc bug fix update
ELBA-2024-12090 cloud-init bug fix update
ELBA-2024-0721 sos bugfix and enhancement update
ELBA-2024-0762 tzdata bug fix and enhancement update
ELBA-2024-12091 rpm bug fix update
ELBA-2024-12142 nfs-utils bug fix update
ELBA-2024-12145 kexec-tools bug fix update
ELBA-2024-12161 linux-firmware bug fix update
ELBA-2024-0898 python-cryptography bug fix update
ELBA-2024-0899 sssd bug fix update
ELBA-2024-12168 gcc bug fix update
ELBA-2024-12178 mdadm bug fix update
ELBA-2024-12179 bcache-tools bug fix update
ELBA-2024-12181 systemd bug fix update
ELBA-2024-12183 sos bug fix update
ELBA-2024-12184 binutils bug fix update
ELBA-2024-12231 selinux-policy bug fix updateS
ELBA-2024-12241 cloud-init bug fix update
ELBA-2024-12242 pam bug fix update
ELBA-2024-12244 sos bug fix update
ELBA-2024-19555 tcpreplay Bug Fix update
ELBA-2024-19558 tcpreplay Bug Fix update
ELBA-2024-12322 shim bug fix update
ELBA-2024-1596 python3.11-pip bug fix and enhancement update
ELBA-2024-1599 container-tools:ol8 bug fix update
ELBA-2024-1602 nftables bug fix update
ELBA-2024-1603 iptables bug fix update
ELBA-2024-1604 NetworkManager bug fix update
ELBA-2024-1605 perl-HTTP-Tiny bug fix update
ELBA-2024-1606 util-linux bug fix update
ELBA-2024-1609 python-pip bug fix update
ELBA-2024-1739 sos bugfix and enhancement update
ELBA-2024-20140 libbsd Bug Fix update
CentOS7 security updates
CESA-2024:0232 Important CentOS 7 java-11-openjdk Security update
CESA-2024:0346 Important CentOS 7 kernel Security update
CESA-2024:0753 Moderate CentOS 7 linux-firmware update
CESA-2024:1249 Important CentOS 7 kernel update
CentOS7 updates:
CEBA-2024:0350 CentOS 7 net-snmp BugFix update
CEBA-2024:0762 CentOS 7 tzdata update
CEBA-2024:1275 CentOS 7 lm_sensors update
CEBA-2024:1277 CentOS 7 libX11 update
CEBA-2024:0721 CentOS 7 sos BugFix update
Type | Reference |
---|---|
CentOS 7 : java-11-openjdk (RHSA-2024:0232) |
CVE-2024-20918 |
CentOS 7 : kernel (RHSA-2024:0346) |
CVE-2023-42753 |
CentOS 7 : kernel (RHSA-2024:1249) |
CVE-2022-42896 |
CentOS 7 : linux-firmware (RHSA-2024:0753) |
CVE-2023-20592 |
RHEL 7 : java-11-openjdk (RHSA-2024:0232) |
CVE-2024-20918 |
RHEL 7 : kernel (RHSA-2024:0346) |
CVE-2023-42753 |
RHEL 7 : kernel (RHSA-2024:1249) |
CVE-2022-42896 |
Type | Reference |
---|---|
Oracle Linux 8 : gnutls (ELSA-2024-0155) |
CVE-2023-5981 |
Oracle Linux 8 : sqlite (ELSA-2024-0253) |
CVE-2023-7104 |
Oracle Linux 8 : python3 (ELSA-2024-0256) |
CVE-2023-27043 |
Oracle Linux 8 / 9 : java-11-openjdk (ELSA-2024-0266) |
CVE-2024-20918 |
Oracle Linux 8 : gnutls (ELSA-2024-0627) |
CVE-2024-0553 |
Oracle Linux 8 : libssh (ELSA-2024-0628) |
CVE-2023-48795 |
Oracle Linux 8 : rpm (ELSA-2024-0647) |
CVE-2021-35937 |
Oracle Linux 8 : container-tools:4.0 (ELSA-2024-0748) |
CVE-2023-45287 |
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-0752) |
CVE-2024-21626 |
Oracle Linux 8 : libmaxminddb (ELSA-2024-0768) |
CVE-2020-28241 |
Oracle Linux 8 : tcpdump (ELSA-2024-0769) |
CVE-2021-41043 |
Oracle Linux 8 : nss (ELSA-2024-0786) |
CVE-2023-6135 |
Oracle Linux 8 / 9 : sudo (ELSA-2024-0811) |
CVE-2023-28486 |
Oracle Linux 8 : oniguruma (ELSA-2024-0889) |
CVE-2019-13224 |
Oracle Linux 8 : unbound (ELSA-2024-0965) |
CVE-2023-50387 |
Oracle Linux 8 / 9 : python-cryptography (ELSA-2024-12079) |
CVE-2023-49083 |
Oracle Linux 8 : gnutls (ELSA-2024-12135) |
CVE-2024-0553 |
Oracle Linux 8 : openssh (ELSA-2024-12164) |
CVE-2023-48795 |
Oracle Linux 8 : kernel (ELSA-2024-12187) |
CVE-2023-2176 |
Oracle Linux 8 : podman (ELSA-2024-12191) | CVE-2023-39326 |
Oracle Linux 8 : kernel (ELSA-2024-12266) | CVE-2024-1086 |
Oracle Linux 8 : curl (ELSA-2024-1601) | CVE-2023-28322 CVE-2023-38546 CVE-2023-46218 |
Oracle Linux 8 : kernel (ELSA-2024-1607) | CVE-2021-33631 CVE-2022-38096 CVE-2023-51042 CVE-2023-6546 CVE-2023-6931 CVE-2024-0565 CVE-2024-1086 |
Oracle Linux 8 : less (ELSA-2024-1610) | CVE-2022-48624 |
Oracle Linux 8 : expat (ELSA-2024-1615) | CVE-2023-52425 |
Oracle Linux 8 : unbound (ELSA-2024-1751) | CVE-2024-1488 |
Oracle Linux 8 : bind / and / dhcp (ELSA-2024-1782) | CVE-2023-4408 CVE-2023-50387 CVE-2023-50868 |
Oracle Linux 8 : gnutls (ELSA-2024-1784) | CVE-2024-28834 |
Tenable Core + Sensor Proxy
Adding to Tenable's portfolio of Tenable Core-enabled applications, now customers can quickly deploy Sensor Proxy with the ease of functionality that comes with Tenable Core. This general availability release includes the latest version of Sensor Proxy. For more information, refer to the Tenable Core + Sensor Proxy documentation.
-
Sensor Proxy Server Certificates are not available for editing on the "SSL/TLS Certificates" page within the Tenable Core user interface.
Q4 2023
-
Tenable Core systems based on Oracle Linux 8 will no longer automatically mount Tenable Core Offline Updates for systems based on CentOS 7 and Tenable Core systems based on CentOS 7 will no longer automatically mount Offline Updates for systems based on Oracle Linux 8.
-
It is now possible to choose local storage rather than remote storage for storing any backups taken on Tenable Core. If local backups are stored on the system, they can be listed and downloaded on the Backup/Restore page.
-
It is now possible to restore backups stored in local-backup storage using the "Restore from local backup storage" button in the Backup/Restore page of the Tenable Core webui.
-
The Tenable Core installer now works in cases where the installer drive is found before the intended destination drive. It is also now possible to override the destination drive by specifying it on the GRUB command line (tc.destdisk=sdd).
Oracle 8 security updates:
ELSA-2023-12851 Important glibc security update
ELSA-2023-5474 Important bind security update
ELSA-2023-5683 Important mariadb:10.5 security update
ELSA-2023-5997 Important python3 security update
ELSA-2023-5742 Moderate java-11-openjdk security and bug fix update
ELSA-2023-6236 Moderate binutils security update
ELSA-2023-5455 Important glibc security update
ELSA-2023-5837 Important nghttp2 security update
ELSA-2023-12988 Important microcode_ctl security update
ELSA-2023-7265 important open-vm-tools security update
ELSA-2023-7207 moderate c-ares security update
ELSA-2023-7549 important kernel security and bug fix update
ELSA-2023-7836 Moderate avahi security update
ELSA-2023-7877 Low openssl security update
CESA-2023:5691 Important CentOS 7 bind update
CESA-2023:6823 Important CentOS 7 python3 update
CESA-2023:6885 Important CentOS 7 python update
CESA-2023:7279 Important CentOS 7 open-vm-tools update
CESA-2023:7423 Important CentOS 7 kernel update
CESA-2023:5615 Moderate CentOS 7 libssh2 update
CESA-2023:5736 Moderate CentOS 7 java-11-openjdk update
CESA-2023:7513 Moderate CentOS 7 linux-firmware update
CESA-2023:7743 Low CentOS 7 curl update
ELSA-2024-12069 Important kernel security update
ELSA-2024-0105 Moderate nss security update
ELSA-2024-0114 Moderate python3 security update
ELSA-2024-0116 Moderate python-urllib3 security update
ELSA-2024-0119 Moderate libxml2 security update
ELSA-2024-0131 Moderate pixman security update
Oracle 8 updates:
ELBA-2023-12847 linux-firmware bug fix update
ELBA-2023-12849 gcc bug fix update
ELBA-2023-12927 procps-ng bug fix update
ELBA-2023-12949 systemd bug fix update
ELBA-2023-12951 kexec-tools bug fix update
ELBA-2023-5247 systemd bug fix and enhancement update
ELBA-2023-12856 dnf-plugins-core bug fix update
ELBA-2023-12947 pcp bug fix update
ELEA-2023-7117 microcode_ctl bug fix and enhancement update
ELBA-2023-6792 net-snmp bug fix update
ELBA-2023-6293 sos bugfix update
ELBA-2023-7210 sssd bug fix update
ELBA-2023-13006 linux-firmware bug fix update
ELBA-2023-13007 util-linux bug fix update
ELBA-2023-7211 krb5 bug fix update
ELBA-2023-13030 mdadm bug fix update
ELBA-2023-13031 jq bug fix update
ELBA-2023-13032 systemd bug fix update
ELBA-2023-13035 mdadm bug fix update
ELBA-2023-13036 bcache-tools bug fix update
ELBA-2023-13037 systemd bug fix update
ELBA-2023-13038 lvm2 bug fix update
ELBA-2023-7838 python36:3.6 bug fix update
ELEA-2023-7250 microcode_ctl bug fix and enhancement update
CEBA-2023:5478 CentOS 7 nss bugfix update
CEBA-2023:5623 CentOS 7 ca-certificates bugfix update
CEBA-2023:7426 CentOS 7 xmlsec1 bugfix update
CEBA-2023:7468 CentOS 7 systemd bugfix update
ELBA-2024-0076 tzdata bug fix and enhancement update
CentOS7 security updates
CESA-2023:5691 Important CentOS 7 bind update
CESA-2023:6823 Important CentOS 7 python3 update
CESA-2023:6885 Important CentOS 7 python update
CESA-2023:7279 Important CentOS 7 open-vm-tools update
CESA-2023:7423 Important CentOS 7 kernel update
CESA-2023:5615 Moderate CentOS 7 libssh2 update
CESA-2023:5736 Moderate CentOS 7 java-11-openjdk update
CESA-2023:7513 Moderate CentOS 7 linux-firmware update
CESA-2023:7743 Low CentOS 7 curl update
CentOS7 updates:
CEBA-2023:5478 CentOS 7 nss bugfix update
CEBA-2023:5623 CentOS 7 ca-certificates bugfix update
CEBA-2023:7426 CentOS 7 xmlsec1 bugfix update
CEBA-2023:7468 CentOS 7 systemd bugfix update
Type | Reference |
---|---|
CentOS 7 : libssh2 (RHSA-2023:5615) |
CVE-2020-22218 |
CentOS 7 : bind (RHSA-2023:5691) |
CVE-2023-3341 |
CentOS 7 : java-11-openjdk (RHSA-2023:5736) |
CVE-2023-22081 |
CentOS 7 : python3 (RHSA-2023:6823) |
CVE-2023-40217 |
CentOS 7 : python (RHSA-2023:6885) |
CVE-2023-40217 |
CentOS 7 : open-vm-tools (RHSA-2023:7279) |
CVE-2023-34058 CVE-2023-34059 |
CentOS 7 : kernel (RHSA-2023:7423) |
CVE-2022-40982 CVE-2023-4208 |
CentOS 7 : linux-firmware (RHSA-2023:7513) |
CVE-2023-20569 CVE-2023-20593 |
CentOS 7 : curl (RHSA-2023:7743) |
CVE-2022-43552 |
RHEL 7 : libssh2 (RHSA-2023:5615) |
CVE-2020-22218 |
RHEL 7 : bind (RHSA-2023:5691) |
CVE-2023-3341 |
RHEL 7 : java-11-openjdk (RHSA-2023:5736) |
CVE-2023-22081 |
RHEL 7 : python3 (RHSA-2023:6823) |
CVE-2023-40217 |
RHEL 7 : python (RHSA-2023:6885) |
CVE-2023-40217 |
RHEL 7 : open-vm-tools (RHSA-2023:7279) |
CVE-2023-34058 |
RHEL 7 : kernel (RHSA-2023:7423) |
CVE-2022-40982 |
RHEL 7 : linux-firmware (RHSA-2023:7513) |
CVE-2023-20569 |
RHEL 7 : curl (RHSA-2023:7743) |
CVE-2022-43552 |
Type | Reference |
---|---|
Oracle Linux 8 : glibc (ELSA-2023-12851) |
CVE-2023-4911 |
Oracle Linux 8 : microcode_ctl (ELSA-2023-12988) |
CVE-2023-23583 |
Oracle Linux 8 : glibc (ELSA-2023-5455) |
CVE-2023-4527 |
Oracle Linux 8 : bind (ELSA-2023-5474) |
CVE-2023-3341 |
Oracle Linux 8 : mariadb:10.5 (ELSA-2023-5683) |
CVE-2022-32081 |
Oracle Linux 8 : java-11-openjdk (ELSA-2023-5742) |
CVE-2023-22081 |
Oracle Linux 8 : nghttp2 (ELSA-2023-5837) |
CVE-2023-44487 |
Oracle Linux 8 : python3 (ELSA-2023-5997) |
CVE-2023-40217 |
Oracle Linux 8 : binutils (ELSA-2023-6236) |
CVE-2022-4285 |
Oracle Linux 8 : c-ares (ELSA-2023-7207) |
CVE-2020-22217 |
Oracle Linux 8 : open-vm-tools (ELSA-2023-7265) |
CVE-2023-34058 |
Oracle Linux 8 : kernel (ELSA-2023-7549) |
CVE-2022-45884 |
Oracle Linux 8 : avahi (ELSA-2023-7836) |
CVE-2021-3468 |
Oracle Linux 8 : openssl (ELSA-2023-7877) |
CVE-2023-3446 |
Oracle Linux 8 : nss (ELSA-2024-0105) |
CVE-2023-5388 |
Oracle Linux 8 : python3 (ELSA-2024-0114) |
CVE-2022-48560 |
Oracle Linux 8 : python-urllib3 (ELSA-2024-0116) |
CVE-2023-43804 |
Oracle Linux 8 : libxml2 (ELSA-2024-0119) |
CVE-2023-39615 |
Oracle Linux 8 : kernel (ELSA-2024-12069) |
CVE-2023-2162 |