Tenable Core Offline ISO Updates (Q1 2022)

These release notes summarize updates made to Tenable Core in Q1 2022. Downloading and installing the most recent version of the offline ISO image initiates these updates on your Tenable Core machine.

Tip: Tenable recommends applying all offline updates, in order, to your offline Tenable Core machine. Do not skip offline updates.

To update using the Tenable Core offline ISO image, see the documentation for your application:

Note: To update Tenable Core + Tenable OT Security using the offline ISO image, contact Tenable Support.

For more information about product updates, see the release notes for your application.

New Features and Changed Functionality

January 2022

  • Tenable.ot migrations to Tenable Core + Tenable.ot preserve the network port assignments of the old system

February 2022

  • Tenable Core Images built after March 1st, 2022 have:

    • an updated hardened list of allowed SSH Ciphers
    • a hardened list of allowed SSH MACs
    • a hardened list of allowed SSH Key Exchange Algorithms

March 2022

  • Tenable.ot SNMP is now managed from the SNMP page in the Tenable Core web-ui (similar to other Tenable Core installations).

  • The Tenable Core installer ISO will now install on systems with NVME disks.

  • Tenable Core + Tenable.ot images now include SNMP browsing utilities (net-snmp-util).

  • UpdatedPackages.txt, included in the Quarterly Offline ISO, contains a summary of the package changes.

  • AllPackages.txt, included in the Quarterly Offline ISO, contains a list of all the packages on the ISO.

Bug Fixes

  • N/A

Application Updates

Package Updates

This ISO includes the following updates:

January 2022

CEBA-2022:0061 CentOS 7 unzip BugFix Update

CEBA-2022:0066 CentOS 7 systemd BugFix Update

CEBA-2022:0067 CentOS 7 cronie BugFix Update

CEBA-2022:0068 CentOS 7 python-virtualenv BugFix Update

CEBA-2022:0070 CentOS 7 pki-core BugFix Update

CEBA-2022:0156 CentOS 7 openssl BugFix Update

CESA-2022:0063 Moderate CentOS 7 kernel Security Update

CESA-2022:0124 Important CentOS 7 Firefox Security Update

CESA-2022:0143 Important CentOS 7 httpd Security Update

CESA-2022:0204 Moderate CentOS 7 java-11-openjdk Security Update

CESA-2022:0274 Important CentOS 7 polkit Security Update

February 2022

CEBA-2022:0518 CentOS 7 java-11-openjdk BugFix Update

CEBA-2022:0616 CentOS 7 sos BugFix Update

CEBA-2022:0624 CentOS 7 bind BugFix Update

CEBA-2022:0626 CentOS 7 cloud-init BugFix Update

CEBA-2022:0617 CentOS 7 mdadm BugFix Update

CESA-2022:0628 Low CentOS 7 389-ds-base Security Update

CESA-2022:0621 Moderate CentOS 7 openldap Security Update

CESA-2022:0620 Important CentOS 7 kernel Security Update

CESA-2022:0666 Important CentOS 7 cyrus-sasl Security Update

March 2022

CEBA-2022:1032 CentOS 7 tzdata BugFix Update

CESA-2022:1066 Important CentOS 7 openssl Security Update

CESA-2022:1069 Important CentOS 7 expat Security Update

CESA-2022:1198 Important: kernel security, bug fix, and enhancement update

CESA-2022:1284 Important: Firefox security update

CVE References

Type Reference
kernel (CESA-2022:0063)
  • CVE-2020-25704
  • CVE-2020-36322
  • CVE-2021-42739

firefox (CESA-2022:0124)

  • CVE-2021-4140
  • CVE-2022-22737
  • CVE-2022-22738
  • CVE-2022-22739
  • CVE-2022-22740
  • CVE-2022-22741
  • CVE-2022-22742
  • CVE-2022-22743
  • CVE-2022-22745
  • CVE-2022-22747
  • CVE-2022-22748
  • CVE-2022-22751

httpd (CESA-2022:0143)

  • CVE-2021-26691
  • CVE-2021-34798
  • CVE-2021-39275
  • CVE-2021-44790
java-11-openjdk (CESA-2022:0204)

  • CVE-2022-21248
  • CVE-2022-21277
  • CVE-2022-21282
  • CVE-2022-21283
  • CVE-2022-21291
  • CVE-2022-21293
  • CVE-2022-21294
  • CVE-2022-21296
  • CVE-2022-21299
  • CVE-2022-21305
  • CVE-2022-21340
  • CVE-2022-21341
  • CVE-2022-21360
  • CVE-2022-21365
  • CVE-2022-21366

polkit (CESA-2022:0274)
  • CVE-2021-4034
kernel (CESA-2022:0620)
  • CVE-2020-0465
  • CVE-2020-0466
  • CVE-2021-0920
  • CVE-2021-3564
  • CVE-2021-3573
  • CVE-2021-3752
  • CVE-2021-4155
  • CVE-2022-0330
  • CVE-2022-22942
openldap (CESA-2022:0621)
  • CVE-2020-25709
  • CVE-2020-25710

389-ds-base (CESA-2022:0628)

  • CVE-2021-4091

cyrus-sasl (CESA-2022:0666)

  • CVE-2022-24407
kernel (CESA-2022:1198)
  • CVE-2021-4028
  • CVE-2021-4083
firefox (CESA-2022:1284)
  • CVE-2022-1097
  • CVE-2022-1196
  • CVE-2022-24713
  • CVE-2022-28281
  • CVE-2022-28282
  • CVE-2022-28285
  • CVE-2022-28286
  • CVE-2022-28289