Tenable Core 2023 Release Notes

These release notes summarize updates made to Tenable Core in 2023. Downloading and installing the most recent version of the offline ISO image initiates these updates on your Tenable Core machine.

Tip: Tenable recommends applying all offline updates, in order, to your offline Tenable Core machine. Do not skip offline updates.

To update using the Tenable Core offline ISO image, see the documentation for your application:

Note: To update Tenable Core + Tenable OT Security using the offline ISO image, contact Tenable Support.

For more information about product updates, see the release notes for your application.

Tenable Core on Oracle Linux 8

Tenable has chosen Oracle Linux 8 as our new open-source platform. This replaces Tenable Core + Nessus and Tenable Core + Security Center on CentOS 7.0. Both platforms will continue to coexist until June 2024, when CentOS 7 reaches its end of life. We encourage all customers to adopt the new OL8 version as soon as possible. The upgrade to Tenable Core from CentOS to Oracle 8 is a manual process. For more information, see the Tenable Core + Nessus and Tenable Core + Security Center migration guides.

  • Tenable Core is now based on Oracle Linux 8.

  • Tenable applications (e.g., Nessus, Security Center, etc.) are now at the top of the side navigation bar in their own section.

  • System hardening now uses the openscap tooling (and can be checked with openscap tooling).

  • Installation from ISO now presents a graphical interface when errors are encountered.

  • Tenable Core now uses python 3.

  • GPG signature checking is enabled for all package repositories.

  • Password complexity rules have been dropped in favor of NIST Special Publication 800-63B - Appendix A—Strength of Memorized Secrets recommended minimum length requirements

  • Software updates have moved from the Software Updates page to the Update Management page.

  • Migration of Tenable Security Center and Nessus from current (EL7) Tenable Core systems to new (OL8) Tenable Core systems is supported via backup and restore mechanisms.

  • Relevant documentation links are available under the Help menu in the user interface.

  • The user interface now allows for gaining and dropping admin privileges from within the user interface.

  • ISO installation user interface allows for more/better/easier network configuration.

  • System welcome banner message can now be edited from within the user interface.

Q1 2023

  • Tenable Core OVAs with Tenable.sc 6.0 or newer now contain two virtual disks. The disks are combined into a single volume group and there should be no impact to normal usage. Tenable Core + Tenable.sc ISOs format and use two disks if they are available at install time.

  • Incomplete backups no longer fill /opt/tenablecore/spool if automatic backups are enabled but remote storage is not configured.

  • Fixed problems setting alternate listening ports for Tenable.sc in the web user interface.

  • Feedback is now displayed in the web user interface if uploading a trusted CA fails.

This ISO includes the following updates:

CESA-2023:0045 Important CentOS 7 tigervnc Security Update

CESA-2023:0046 Important CentOS 7 xorg-x11-server Security Update

CESA-2023:0195 Moderate CentOS 7 java-11-openjdk Security Update

CESA-2023:0203 Moderate CentOS 7 java-1.8.0-openjdk Security Update

CESA-2023:0291 Important CentOS 7 sudo Security Update

CESA-2023:0296 Important CentOS 7 firefox Security Update

CESA-2023:0377 Important CentOS 7 libXpm Security Update

CESA-2023:0399 Important CentOS 7 kernel Security Update

CESA-2023:0402 Moderate CentOS 7 bind Security Update

CESA-2023:0403 Important CentOS 7 sssd Security Update

CESA-2023:0456 Important CentOS 7 thunderbird Security Update

CEBA-2023:0398 CentOS 7 resource-agents BugFix Update

CEBA-2023:0401 CentOS 7 httpd BugFix Update

CESA-2023:1091 Important CentOS 7 kernel Security Update

CESA-2023:1095 Moderate CentOS 7 zlib Security Update

CEBA-2023:1096 CentOS 7 autofs BugFix Update

CEBA-2023:1097 CentOS 7 pki-core BugFix Update

CEBA-2023:1098 CentOS 7 diffutils BugFix Update

CESA-2023:1332 Important CentOS 7 nss Security Update

CESA-2023:1335 Important CentOS 7 openssl Security Update

Type Reference
CentOS 7: tigervnc (CESA-2023:0045)

CVE-2022-4283
CVE-2022-46340
CVE-2022-46341
CVE-2022-46342
CVE-2022-46343
CVE-2022-46344

CentOS 7: xorg-x11-server (CESA-2023:0046)

CVE-2022-4283
CVE-2022-46340
CVE-2022-46341
CVE-2022-46342
CVE-2022-46343
CVE-2022-46344

CentOS 7: java-11-openjdk (CESA-2023:0195)

CVE-2023-21835
CVE-2023-21843
CentOS 7 : java-1.8.0-openjdk (CESA-2023:0203)

CVE-2023-21830
CVE-2023-21843
CentOS 7 : sudo (CESA-2023:0291)

CVE-2023-22809
CentOS 7 : firefox (CESA-2023:0296)

CVE-2022-46871
CVE-2022-46877
CVE-2023-23598
CVE-2023-23599
CVE-2023-23601
CVE-2023-23602
CVE-2023-23603
CVE-2023-23605
CentOS 7 : libXpm (CESA-2023:0377)

CVE-2022-4883
CentOS 7 : kernel (CESA-2023:0399)

CVE-2021-26401
CVE-2022-2964
CentOS 7 : bind (CESA-2023:0402)

CVE-2021-25220
CVE-2022-2795
CentOS 7 : sssd (CESA-2023:0403)

CVE-2022-4254
CentOS 7 : thunderbird (CESA-2023:0456)

CVE-2022-46871
CVE-2022-46877
CVE-2023-23598
CVE-2023-23599
CVE-2023-23601
CVE-2023-23602
CVE-2023-23603
CVE-2023-23605
CentOS 7 : kernel (CESA-2023:1091)

CVE-2022-42703
CVE-2022-4378
CentOS 7 : zlib (CESA-2023:1095)

CVE-2022-37434
CentOS 7 : nss (CESA-2023:1332)

CVE-2023-0767
CentOS 7 : openssl (CESA-2023:1335)

CVE-2023-0286