Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2007-0640)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122643

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2007-0640)

Resumen: The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2007-0640 advisory.

Descripción: Summary:
The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2007-0640 advisory.

Vulnerability Insight:
[0.10.0-6.el5.0.1]
- Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball.

[0.10.0-6]

- Fixed bz253783
- Fixed bz253914 (conga doesn't allow you to reuse nfs export and nfs client resources)
- Fixed bz254038 (Impossible to set many valid quorum disk configurations via conga)
- Fixed bz253994 (Cannot specify multicast address for a cluster)
- Resolves: bz253783, bz253914, bz254038, bz253994

[0.10.0-5]

- Fixed bz249291 (delete node task fails to do all items listed in the help document)
- Fixed bz253341 (failure to start cluster service which had been modified for correction)
- Related: bz253341
- Resolves: bz249291

[0.10.0-4]

- Fixed bz230451 (fence_xvm.key file is not automatically created. Should have a least a default)
- Fixed bz249097 (allow a space as a valid password char)
- Fixed bz250834 (ZeroDivisionError when attempting to click an empty lvm volume group)
- Fixed bz250443 (storage name warning utility produces a storm of warnings which can lock your browser)
- Resolves: bz249097, bz250443, bz250834
- Related: bz230451

[0.10.0-3]

- Fixed bz245947 (luci/Conga cluster configuration tool not initializing cluster node members)
- Fixed bz249641 (conga is unable to do storage operations if there is an lvm snapshot present)
- Fixed bz249342 (unknown ricci error when adding new node to cluster)
- Fixed bz249291 (delete node task fails to do all items listed in the help document)
- Fixed bz249091 (RFE: tell user they are about to kill all their nodes)
- Fixed bz249066 (AttributeError when attempting to configure a fence device)
- Fixed bz249086 (Unable to add a new fence device to cluster)
- Fixed bz249868 (Use of failover domain not correctly shown)
- Resolves bz245947, bz249641, bz249342, bz249291, bz249091,
- Resolves bz249066, bz249086, bz249868
- Related: bz249351

[0.10.0-2]

- Fixed bz245202 (Conga needs to support Internet Explorer 6.0 and later)
- Fixed bz248317 (luci sets incorrect permissions on /usr/lib64/luci and /var/lib/luci)
- Resolves: bz245202 bz248317

[0.10.0-1]
- Fixed bz238655 (conga does not set the 'nodename' attribute for manual fencing)
- Fixed bz221899 (Node log displayed in partially random order)
- Fixed bz225782 (Need more luci service information on startup - no info written to log about failed start cause)
- Fixed bz227743 (Intermittent/recurring problem - when cluster is deleted, sometimes a node is not affected)
- Fixed bz227682 (saslauthd[2274]: Deprecated pam_stack module called from service 'ricci')
- Fixed bz238726 (Conga provides no way to remove a dead node from a cluster)
- Fixed bz239389 (conga cluster: make 'enable shared storage' the default)
- Fixed bz239596
- Fixed bz240034 (rpm verify fails on luci)
- Fixed bz240361 (Conga storage UI front-end is too slow rendering storage)
- Fixed bz241415 (Installation using Conga shows 'error' in message during reboot cycle.)
- Fixed bz241418 (Conga tries ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'conga' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-4136
1018921
http://securitytracker.com/id?1018921
26393
http://www.securityfocus.com/bid/26393
27611
http://secunia.com/advisories/27611
RHSA-2007:0640
http://rhn.redhat.com/errata/RHSA-2007-0640.html
https://bugzilla.redhat.com/show_bug.cgi?id=336101
oval:org.mitre.oval:def:9871
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9871
rhel-congaricci-dos(38358)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38358

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122643
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2007-0640)
Resumen:	The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2007-0640 advisory.
Descripción:	Summary: The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2007-0640 advisory. Vulnerability Insight: [0.10.0-6.el5.0.1] - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. [0.10.0-6] - Fixed bz253783 - Fixed bz253914 (conga doesn't allow you to reuse nfs export and nfs client resources) - Fixed bz254038 (Impossible to set many valid quorum disk configurations via conga) - Fixed bz253994 (Cannot specify multicast address for a cluster) - Resolves: bz253783, bz253914, bz254038, bz253994 [0.10.0-5] - Fixed bz249291 (delete node task fails to do all items listed in the help document) - Fixed bz253341 (failure to start cluster service which had been modified for correction) - Related: bz253341 - Resolves: bz249291 [0.10.0-4] - Fixed bz230451 (fence_xvm.key file is not automatically created. Should have a least a default) - Fixed bz249097 (allow a space as a valid password char) - Fixed bz250834 (ZeroDivisionError when attempting to click an empty lvm volume group) - Fixed bz250443 (storage name warning utility produces a storm of warnings which can lock your browser) - Resolves: bz249097, bz250443, bz250834 - Related: bz230451 [0.10.0-3] - Fixed bz245947 (luci/Conga cluster configuration tool not initializing cluster node members) - Fixed bz249641 (conga is unable to do storage operations if there is an lvm snapshot present) - Fixed bz249342 (unknown ricci error when adding new node to cluster) - Fixed bz249291 (delete node task fails to do all items listed in the help document) - Fixed bz249091 (RFE: tell user they are about to kill all their nodes) - Fixed bz249066 (AttributeError when attempting to configure a fence device) - Fixed bz249086 (Unable to add a new fence device to cluster) - Fixed bz249868 (Use of failover domain not correctly shown) - Resolves bz245947, bz249641, bz249342, bz249291, bz249091, - Resolves bz249066, bz249086, bz249868 - Related: bz249351 [0.10.0-2] - Fixed bz245202 (Conga needs to support Internet Explorer 6.0 and later) - Fixed bz248317 (luci sets incorrect permissions on /usr/lib64/luci and /var/lib/luci) - Resolves: bz245202 bz248317 [0.10.0-1] - Fixed bz238655 (conga does not set the 'nodename' attribute for manual fencing) - Fixed bz221899 (Node log displayed in partially random order) - Fixed bz225782 (Need more luci service information on startup - no info written to log about failed start cause) - Fixed bz227743 (Intermittent/recurring problem - when cluster is deleted, sometimes a node is not affected) - Fixed bz227682 (saslauthd[2274]: Deprecated pam_stack module called from service 'ricci') - Fixed bz238726 (Conga provides no way to remove a dead node from a cluster) - Fixed bz239389 (conga cluster: make 'enable shared storage' the default) - Fixed bz239596 - Fixed bz240034 (rpm verify fails on luci) - Fixed bz240361 (Conga storage UI front-end is too slow rendering storage) - Fixed bz241415 (Installation using Conga shows 'error' in message during reboot cycle.) - Fixed bz241418 (Conga tries ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'conga' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4136 1018921 http://securitytracker.com/id?1018921 26393 http://www.securityfocus.com/bid/26393 27611 http://secunia.com/advisories/27611 RHSA-2007:0640 http://rhn.redhat.com/errata/RHSA-2007-0640.html https://bugzilla.redhat.com/show_bug.cgi?id=336101 oval:org.mitre.oval:def:9871 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9871 rhel-congaricci-dos(38358) https://exchange.xforce.ibmcloud.com/vulnerabilities/38358
Copyright	Copyright (C) 2015 Greenbone AG