Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2007-0640)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.122643

Kategorie: Oracle Linux Local Security Checks

Titel: Oracle: Security Advisory (ELSA-2007-0640)

Zusammenfassung: The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2007-0640 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2007-0640 advisory.

Vulnerability Insight:
[0.10.0-6.el5.0.1]
- Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball.

[0.10.0-6]

- Fixed bz253783
- Fixed bz253914 (conga doesn't allow you to reuse nfs export and nfs client resources)
- Fixed bz254038 (Impossible to set many valid quorum disk configurations via conga)
- Fixed bz253994 (Cannot specify multicast address for a cluster)
- Resolves: bz253783, bz253914, bz254038, bz253994

[0.10.0-5]

- Fixed bz249291 (delete node task fails to do all items listed in the help document)
- Fixed bz253341 (failure to start cluster service which had been modified for correction)
- Related: bz253341
- Resolves: bz249291

[0.10.0-4]

- Fixed bz230451 (fence_xvm.key file is not automatically created. Should have a least a default)
- Fixed bz249097 (allow a space as a valid password char)
- Fixed bz250834 (ZeroDivisionError when attempting to click an empty lvm volume group)
- Fixed bz250443 (storage name warning utility produces a storm of warnings which can lock your browser)
- Resolves: bz249097, bz250443, bz250834
- Related: bz230451

[0.10.0-3]

- Fixed bz245947 (luci/Conga cluster configuration tool not initializing cluster node members)
- Fixed bz249641 (conga is unable to do storage operations if there is an lvm snapshot present)
- Fixed bz249342 (unknown ricci error when adding new node to cluster)
- Fixed bz249291 (delete node task fails to do all items listed in the help document)
- Fixed bz249091 (RFE: tell user they are about to kill all their nodes)
- Fixed bz249066 (AttributeError when attempting to configure a fence device)
- Fixed bz249086 (Unable to add a new fence device to cluster)
- Fixed bz249868 (Use of failover domain not correctly shown)
- Resolves bz245947, bz249641, bz249342, bz249291, bz249091,
- Resolves bz249066, bz249086, bz249868
- Related: bz249351

[0.10.0-2]

- Fixed bz245202 (Conga needs to support Internet Explorer 6.0 and later)
- Fixed bz248317 (luci sets incorrect permissions on /usr/lib64/luci and /var/lib/luci)
- Resolves: bz245202 bz248317

[0.10.0-1]
- Fixed bz238655 (conga does not set the 'nodename' attribute for manual fencing)
- Fixed bz221899 (Node log displayed in partially random order)
- Fixed bz225782 (Need more luci service information on startup - no info written to log about failed start cause)
- Fixed bz227743 (Intermittent/recurring problem - when cluster is deleted, sometimes a node is not affected)
- Fixed bz227682 (saslauthd[2274]: Deprecated pam_stack module called from service 'ricci')
- Fixed bz238726 (Conga provides no way to remove a dead node from a cluster)
- Fixed bz239389 (conga cluster: make 'enable shared storage' the default)
- Fixed bz239596
- Fixed bz240034 (rpm verify fails on luci)
- Fixed bz240361 (Conga storage UI front-end is too slow rendering storage)
- Fixed bz241415 (Installation using Conga shows 'error' in message during reboot cycle.)
- Fixed bz241418 (Conga tries ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'conga' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-4136
1018921
http://securitytracker.com/id?1018921
26393
http://www.securityfocus.com/bid/26393
27611
http://secunia.com/advisories/27611
RHSA-2007:0640
http://rhn.redhat.com/errata/RHSA-2007-0640.html
https://bugzilla.redhat.com/show_bug.cgi?id=336101
oval:org.mitre.oval:def:9871
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9871
rhel-congaricci-dos(38358)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38358

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.122643
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2007-0640)
Zusammenfassung:	The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2007-0640 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2007-0640 advisory. Vulnerability Insight: [0.10.0-6.el5.0.1] - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. [0.10.0-6] - Fixed bz253783 - Fixed bz253914 (conga doesn't allow you to reuse nfs export and nfs client resources) - Fixed bz254038 (Impossible to set many valid quorum disk configurations via conga) - Fixed bz253994 (Cannot specify multicast address for a cluster) - Resolves: bz253783, bz253914, bz254038, bz253994 [0.10.0-5] - Fixed bz249291 (delete node task fails to do all items listed in the help document) - Fixed bz253341 (failure to start cluster service which had been modified for correction) - Related: bz253341 - Resolves: bz249291 [0.10.0-4] - Fixed bz230451 (fence_xvm.key file is not automatically created. Should have a least a default) - Fixed bz249097 (allow a space as a valid password char) - Fixed bz250834 (ZeroDivisionError when attempting to click an empty lvm volume group) - Fixed bz250443 (storage name warning utility produces a storm of warnings which can lock your browser) - Resolves: bz249097, bz250443, bz250834 - Related: bz230451 [0.10.0-3] - Fixed bz245947 (luci/Conga cluster configuration tool not initializing cluster node members) - Fixed bz249641 (conga is unable to do storage operations if there is an lvm snapshot present) - Fixed bz249342 (unknown ricci error when adding new node to cluster) - Fixed bz249291 (delete node task fails to do all items listed in the help document) - Fixed bz249091 (RFE: tell user they are about to kill all their nodes) - Fixed bz249066 (AttributeError when attempting to configure a fence device) - Fixed bz249086 (Unable to add a new fence device to cluster) - Fixed bz249868 (Use of failover domain not correctly shown) - Resolves bz245947, bz249641, bz249342, bz249291, bz249091, - Resolves bz249066, bz249086, bz249868 - Related: bz249351 [0.10.0-2] - Fixed bz245202 (Conga needs to support Internet Explorer 6.0 and later) - Fixed bz248317 (luci sets incorrect permissions on /usr/lib64/luci and /var/lib/luci) - Resolves: bz245202 bz248317 [0.10.0-1] - Fixed bz238655 (conga does not set the 'nodename' attribute for manual fencing) - Fixed bz221899 (Node log displayed in partially random order) - Fixed bz225782 (Need more luci service information on startup - no info written to log about failed start cause) - Fixed bz227743 (Intermittent/recurring problem - when cluster is deleted, sometimes a node is not affected) - Fixed bz227682 (saslauthd[2274]: Deprecated pam_stack module called from service 'ricci') - Fixed bz238726 (Conga provides no way to remove a dead node from a cluster) - Fixed bz239389 (conga cluster: make 'enable shared storage' the default) - Fixed bz239596 - Fixed bz240034 (rpm verify fails on luci) - Fixed bz240361 (Conga storage UI front-end is too slow rendering storage) - Fixed bz241415 (Installation using Conga shows 'error' in message during reboot cycle.) - Fixed bz241418 (Conga tries ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'conga' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4136 1018921 http://securitytracker.com/id?1018921 26393 http://www.securityfocus.com/bid/26393 27611 http://secunia.com/advisories/27611 RHSA-2007:0640 http://rhn.redhat.com/errata/RHSA-2007-0640.html https://bugzilla.redhat.com/show_bug.cgi?id=336101 oval:org.mitre.oval:def:9871 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9871 rhel-congaricci-dos(38358) https://exchange.xforce.ibmcloud.com/vulnerabilities/38358
Copyright	Copyright (C) 2015 Greenbone AG