Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-0999)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.122119

Kategorie: Oracle Linux Local Security Checks

Titel: Oracle: Security Advisory (ELSA-2011-0999)

Zusammenfassung: The remote host is missing an update for the 'rsync' package(s) announced via the ELSA-2011-0999 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'rsync' package(s) announced via the ELSA-2011-0999 advisory.

Vulnerability Insight:
[3.0.6-4]
- fix #700450 - free parsed hostnames
- fix #575022 - set TZ variable after chroot

[3.0.6-3]
- Add upstream patch to fix CVE-2011-1097 - Incremental file-list
corruption due to temporary file_extra_cnt increments
Resolves: #688923

[3.0.6-2]
- Remove BuildRequires dependency on popt-devel, until the package
is being shipped with RHEL-5 (resolve build issues)

[3.0.6-1]
- Rebase to upstream version 3.0.6
Resolves: #339971, #471182, #575022, #616093
- Make '-d, --dirs options' behaviour backward-compatible with 2.6.8
Resolves: #339971 (comment #5)
- Truncate a copied sparse file at the end of transaction (-S, --sparse option)
Resolves: #530866
- Add -fno-strict-aliasing to CFLAGS
- Remove obsolete rsync-2.6.8-xattr_bug.patch
- Switch license to GPLv3+ (upstream change beginning with 3.0.0)

Affected Software/OS:
'rsync' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-6200
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
BugTraq ID: 26639
http://www.securityfocus.com/bid/26639
Bugtraq: 20080212 FLEA-2008-0004-1 rsync (Google Search)
http://www.securityfocus.com/archive/1/487991/100/0/threaded
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011
http://www.redhat.com/support/errata/RHSA-2011-0999.html
http://securitytracker.com/id?1019012
http://secunia.com/advisories/27853
http://secunia.com/advisories/27863
http://secunia.com/advisories/28412
http://secunia.com/advisories/28457
http://secunia.com/advisories/31326
SuSE Security Announcement: SUSE-SR:2008:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
http://www.vupen.com/english/advisories/2007/4057
http://www.vupen.com/english/advisories/2008/2268

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.122119
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2011-0999)
Zusammenfassung:	The remote host is missing an update for the 'rsync' package(s) announced via the ELSA-2011-0999 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'rsync' package(s) announced via the ELSA-2011-0999 advisory. Vulnerability Insight: [3.0.6-4] - fix #700450 - free parsed hostnames - fix #575022 - set TZ variable after chroot [3.0.6-3] - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary file_extra_cnt increments Resolves: #688923 [3.0.6-2] - Remove BuildRequires dependency on popt-devel, until the package is being shipped with RHEL-5 (resolve build issues) [3.0.6-1] - Rebase to upstream version 3.0.6 Resolves: #339971, #471182, #575022, #616093 - Make '-d, --dirs options' behaviour backward-compatible with 2.6.8 Resolves: #339971 (comment #5) - Truncate a copied sparse file at the end of transaction (-S, --sparse option) Resolves: #530866 - Add -fno-strict-aliasing to CFLAGS - Remove obsolete rsync-2.6.8-xattr_bug.patch - Switch license to GPLv3+ (upstream change beginning with 3.0.0) Affected Software/OS: 'rsync' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6200 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html BugTraq ID: 26639 http://www.securityfocus.com/bid/26639 Bugtraq: 20080212 FLEA-2008-0004-1 rsync (Google Search) http://www.securityfocus.com/archive/1/487991/100/0/threaded http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011 http://www.redhat.com/support/errata/RHSA-2011-0999.html http://securitytracker.com/id?1019012 http://secunia.com/advisories/27853 http://secunia.com/advisories/27863 http://secunia.com/advisories/28412 http://secunia.com/advisories/28457 http://secunia.com/advisories/31326 SuSE Security Announcement: SUSE-SR:2008:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html http://www.vupen.com/english/advisories/2007/4057 http://www.vupen.com/english/advisories/2008/2268
Copyright	Copyright (C) 2015 Greenbone AG