Tenable.sc Patch 202102.2 Release Notes (2021-03-02)
Tip: Tenable rebranded SecurityCenter as Tenable.sc. For more information, see the announcement.
Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.
Apply this patch to Tenable.sc installations running the following versions:
-
Tenable.sc 5.16.0 (CentOS 7 or RHEL 7 only)
-
Tenable.sc 5.17.0 (CentOS 7, RHEL 7, CentOS 8, or RHEL 8)
This patch updates OpenSSL 1.1.1i to OpenSSL 1.1.1j to address the following CVEs: CVE-2021-23840 and CVE-2021-23841.
Steps to Apply
Apply the patch to a standalone Tenable.sc or Tenable Core + Tenable.sc:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable.sc. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file:
tar zxf filename.tgz
-
Run the following command to change the directory to the extracted directory:
cd directory
-
Run the following command to begin the installation:
sh ./install.sh
The installation runs and finishes.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable.sc, as described in the knowledge base article.
Contents
-
lib/libcrypto.so.1.1
-
lib/libssl.so.1.1
-
bin/openssl
Filenames and Checksums
Filenames and checksums are located on the Tenable Downloads page.