Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-0999)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122119

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2011-0999)

Resumen: The remote host is missing an update for the 'rsync' package(s) announced via the ELSA-2011-0999 advisory.

Descripción: Summary:
The remote host is missing an update for the 'rsync' package(s) announced via the ELSA-2011-0999 advisory.

Vulnerability Insight:
[3.0.6-4]
- fix #700450 - free parsed hostnames
- fix #575022 - set TZ variable after chroot

[3.0.6-3]
- Add upstream patch to fix CVE-2011-1097 - Incremental file-list
corruption due to temporary file_extra_cnt increments
Resolves: #688923

[3.0.6-2]
- Remove BuildRequires dependency on popt-devel, until the package
is being shipped with RHEL-5 (resolve build issues)

[3.0.6-1]
- Rebase to upstream version 3.0.6
Resolves: #339971, #471182, #575022, #616093
- Make '-d, --dirs options' behaviour backward-compatible with 2.6.8
Resolves: #339971 (comment #5)
- Truncate a copied sparse file at the end of transaction (-S, --sparse option)
Resolves: #530866
- Add -fno-strict-aliasing to CFLAGS
- Remove obsolete rsync-2.6.8-xattr_bug.patch
- Switch license to GPLv3+ (upstream change beginning with 3.0.0)

Affected Software/OS:
'rsync' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-6200
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
BugTraq ID: 26639
http://www.securityfocus.com/bid/26639
Bugtraq: 20080212 FLEA-2008-0004-1 rsync (Google Search)
http://www.securityfocus.com/archive/1/487991/100/0/threaded
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011
http://www.redhat.com/support/errata/RHSA-2011-0999.html
http://securitytracker.com/id?1019012
http://secunia.com/advisories/27853
http://secunia.com/advisories/27863
http://secunia.com/advisories/28412
http://secunia.com/advisories/28457
http://secunia.com/advisories/31326
SuSE Security Announcement: SUSE-SR:2008:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
http://www.vupen.com/english/advisories/2007/4057
http://www.vupen.com/english/advisories/2008/2268

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122119
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2011-0999)
Resumen:	The remote host is missing an update for the 'rsync' package(s) announced via the ELSA-2011-0999 advisory.
Descripción:	Summary: The remote host is missing an update for the 'rsync' package(s) announced via the ELSA-2011-0999 advisory. Vulnerability Insight: [3.0.6-4] - fix #700450 - free parsed hostnames - fix #575022 - set TZ variable after chroot [3.0.6-3] - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary file_extra_cnt increments Resolves: #688923 [3.0.6-2] - Remove BuildRequires dependency on popt-devel, until the package is being shipped with RHEL-5 (resolve build issues) [3.0.6-1] - Rebase to upstream version 3.0.6 Resolves: #339971, #471182, #575022, #616093 - Make '-d, --dirs options' behaviour backward-compatible with 2.6.8 Resolves: #339971 (comment #5) - Truncate a copied sparse file at the end of transaction (-S, --sparse option) Resolves: #530866 - Add -fno-strict-aliasing to CFLAGS - Remove obsolete rsync-2.6.8-xattr_bug.patch - Switch license to GPLv3+ (upstream change beginning with 3.0.0) Affected Software/OS: 'rsync' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6200 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html BugTraq ID: 26639 http://www.securityfocus.com/bid/26639 Bugtraq: 20080212 FLEA-2008-0004-1 rsync (Google Search) http://www.securityfocus.com/archive/1/487991/100/0/threaded http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011 http://www.redhat.com/support/errata/RHSA-2011-0999.html http://securitytracker.com/id?1019012 http://secunia.com/advisories/27853 http://secunia.com/advisories/27863 http://secunia.com/advisories/28412 http://secunia.com/advisories/28457 http://secunia.com/advisories/31326 SuSE Security Announcement: SUSE-SR:2008:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html http://www.vupen.com/english/advisories/2007/4057 http://www.vupen.com/english/advisories/2008/2268
Copyright	Copyright (C) 2015 Greenbone AG