TOC & Recently Viewed

Recently Viewed Topics

SecurityCenter OpenSSL 1.0.2o Patch Release Notes - 5/8/2018

Apply this patch to SecurityCenter installations running version 5.0 or later. This patch updates OpenSSL to version 1.0.2o-fips to address CVE-2017-3738, CVE-2018-0733, and CVE-2018-0739.

For more information, see the Security Advisory.

Contents

  • libcrypto.so.1.0.0
  • libssl.so.1.0.0
  • openssl

Steps to Apply

Apply the patch to your SecurityCenter or Tenable Appliance deployment.

Apply the patch to a standalone SecurityCenter:

Note: SecurityCenter automatically restarts during installation.

  1. Download the patch to SecurityCenter. You can save the files in any location (e.g., /tmp).
  2. Access the command line as a user with root-level permissions.

    Note: If your organization does not have root-level users, contact Tenable Support for assistance.

  3. Run the following command to untar the patch file:

    tar zxf filename.tgz

  4. Run the following command to change the directory to the extracted directory:

    cd directory

  5. Run the following command to begin the installation:

    sh ./install.sh

    The installation begins and SecurityCenter is stopped. After the installation finishes, SecurityCenter automatically restarts.

Apply the patch to a Tenable appliance:

  1. Enable SSH access, as described in SSH User Access. If you are running a Tenable Appliance version earlier than 4.4.0, contact Tenable Support for assistance.
  2. Download the patch to your Appliance. You can save the files in any location (e.g., /tmp).
  3. Stop the SecurityCenter instance from Appliance, as described in Manage SecurityCenter.
  4. Run the following command to untar the patch file:

    tar zxf filename.tgz

  5. Run the following command to change the directory to the extracted directory:

    cd directory

  6. Run the following command to begin the installation:;

    sh ./install.sh

    The installation runs and finishes.

  7. Start SecurityCenter from Appliance, as described in Manage SecurityCenter.

Filenames and MD5 Checksums

File Product MD5
SC-201805.1-5.x-rh6-64.tgz

SecurityCenter 5.0 or later on CentOS 6

Tenable appliance 4.x

60b2a98ef073a819fd33f636d786d404
SC-201805.1-5.x-rh7-64.tgz SecurityCenter 5.0 or later on CentOS 7 214c02c19c61f3166159dc0061c7be7f

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.