Tenable.sc Patch 202109.1 Release Notes (2021-09-22)

Note: This release includes fixes for vulnerabilities. For more information, see the Tenable Product Security Advisory.

Apply this patch to Tenable.sc installations running the following versions:

Tenable.sc Version Operating Systems
Tenable.sc 5.16.0

  • CentOS 7

  • Red Hat Enterprise Linux 7 (RHEL 7)
Tenable.sc 5.16.1
Tenable.sc 5.17.0

  • CentOS 7

  • Red Hat Enterprise Linux 7 (RHEL 7)

  • CentOS 8

  • Red Hat Enterprise Linux 8 (RHEL 8)
Tenable.sc 5.18.0
Tenable.sc 5.19.0
Tenable.sc 5.19.1

  • CentOS 7

  • Red Hat Enterprise Linux 7 (RHEL 7)

  • CentOS 8

  • Red Hat Enterprise Linux 8 (RHEL 8)

  • Oracle Linux 8

This patch updates OpenSSL 1.1.1k to OpenSSL 1.1.1l to address following CVEs:

  • CVE-2021-3711 — Fixed in OpenSSL 1.1.1l (affected 1.1.1-1.1.1k)

  • CVE-2021-3712 — Fixed in OpenSSL 1.1.1l (affected 1.1.1-1.1.1k)

Steps to Apply

Apply the patch to a standalone Tenable.sc or Tenable Core + Tenable.sc:

  1. Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable.sc. You can save the files in any location (e.g., /tmp).

  2. Access the command line as a user with root-level permissions.

  3. Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:

    tar zxf [patch file name]

  4. Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:

    cd [directory]

  5. Run the following command to begin the installation:

    sh ./install.sh

    The installation begins and Tenable.sc is stopped. After the installation finishes, Tenable.sc automatically restarts.

What to do next:

  • (Optional) Confirm the patch successfully applied to Tenable.sc, as described in the knowledge base article.

Contents

  • lib/libcrypto.so.1.1

  • lib/libssl.so.1.1

  • bin/openssl

Filenames and Checksums

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.