Tenable.sc Patch 201911.2 Release Notes (2019-11-12)

Tip: Tenable rebranded SecurityCenter as Tenable.sc. For more information, see the announcement.

Apply this patch to Tenable.sc installations running version 5.7.x, 5.8.x, 5.9.x, 5.10.x or 5.11.x. This patch updates PHP to version 7.1.33 to address CVE-2019-13224 and resolves issues with the SC-201911.1 patch.

For more information, see the Security Advisory.

Contents

  • libphp7.so
  • php

Steps to Apply

Apply the patch to your Tenable.sc or Tenable Appliance deployment.

Apply the patch to a standalone Tenable.sc:

  1. Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable.sc. You can save the files in any location (e.g., /tmp).
  2. Access the command line as a user with root-level permissions.

    Note: If your organization does not have root-level users, contact Tenable Support for assistance.

  3. Run the following command to untar the patch file:

    tar zxf filename.tgz

  4. Run the following command to change the directory to the extracted directory:

    cd directory

  5. Run the following command to begin the installation:

    sh ./install.sh

    The installation begins and Tenable.sc is stopped. After the installation finishes, Tenable.sc automatically restarts.

Apply the patch to a Tenable Appliance:

  1. Enable SSH access, as described in SSH User Access in the Tenable Appliance User Guide. If you are running a Tenable Appliance version earlier than 4.4.0, contact Tenable Support for assistance.
  2. Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable.sc. You can save the files in any location (e.g., /tmp).
  3. Stop the Tenable.sc instance from Appliance, as described in Manage Tenable.sc in the Tenable Appliance User Guide.

  4. Run the following command to untar the patch file:

    tar zxf filename.tgz

  5. Run the following command to change the directory to the extracted directory:

    cd directory

  6. Run the following command to begin the installation:

    sh ./install.sh

    The installation runs and finishes.

  7. Start Tenable.sc from Appliance, as described in Manage Tenable.sc in the Tenable Appliance User Guide.

Filenames and MD5 Checksums

File Product MD5

SC-201911.2-5.x-rh6-64.tgz

Tenable.sc 5.7.x, 5.8.x, 5.9.x, 5.10.x or 5.11.x on CentOS 6

Tenable.sc 5.7.x, 5.8.x, 5.9.x, 5.10.x or 5.11.x on Red Hat Enterprise Linux 6.0

Tenable Appliance 4.x

aef50c6f103418f77d0bfef93f9aaf2d

SC-201911.2-5.x-rh7-64.tgz

Tenable.sc 5.7.x, 5.8.x, 5.9.x, 5.10.x or 5.11.x on CentOS 7

Tenable.sc 5.7.x, 5.8.x, 5.9.x, 5.10.x or 5.11.x on Red Hat Enterprise Linux 7.0

df168e632f6fd35ecfd4852b0e16a464