Búsqueda de    
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2019:1220-1)
Resumen:The remote host is missing an update for the 'cf-cli' package(s) announced via the SUSE-SU-2019:1220-1 advisory.
The remote host is missing an update for the 'cf-cli' package(s) announced via the SUSE-SU-2019:1220-1 advisory.

Vulnerability Insight:
This update for cf-cli fixes the following issues:

cf-cli was updated: to version 6.43.0 (bsc#1132242)

Enhancements :
`cf curl` supports a new `--fail` flag (primarily for scripting
purposes) which returns exit code `22` for server errors
[story]([link moved to references])

Improves `cf delete-orphaned-routes` such that it uses a different
endpoint, reducing the chance of a race condition when two users are
simultaneously deleting orphaned routes and associating routes with
applications [story]([link moved to references])

we've improved the speed of cf services - it now hits a single endpoint
instead of making individual API calls

CVE-2019-3781: CF CLI does not sanitize userAC/AEURA(tm)s password in

Fixes issue with running cf login in verbose mode whereby passwords
which contains regex were not completely redacted

Fixes issue whilst running commands in verbose mode refresh tokens were
not completely redacted

Other Bug Fixes:
Updates help text for cf curlstory

Now refresh tokens work properly whilst using cf curl with V3 CC API
endpoints story

Fixes performance degradation for cf services story

cf delete-service requires that you are targeting a space story

cf enable-service access for a service in an org will succeed if you
have already enabled access for that service in that org story

cf-cli was updated to version 6.42.0:

Minor Enhancements:
updated `cf restage` help text and the first line in the command's
output to indicate that using this command will cause app downtime
[story]([link moved to references])

updated the `cf bind-route-service` help text to clarify usage
instructions [story]([link moved to references])

improved an error message for `cf create-service-boker` to be more
helpful when the CC API returns a `502` due to an invalid service broker

upgraded to Golang 1.11.4
[story]([link moved to references])

added a short name `ue` for `cf unset-env`
[story]([link moved to references])

updated `cf marketplace` command to include a new `broker` column to
prepare for a upcoming services-related feature which will allow
services to have the same name as long as they are associated with
different service brokers
[story]([link moved to references])

fix for `cf enable-service-access -p plan` whereby when we refactored
the code in CLI `v6.41.0` it created service plan visibilities as part
of a subsequent run of the command (the unrefactored code skipped
creating the service plan visibilities), now the command will skip
creating service plan visibilities as it did prior to the refactor
[story]([link moved to references])

updated the `cf rename-buildpack` help text which was missing ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'cf-cli' package(s) on SUSE Linux Enterprise Module for CAP 15.

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-3781
BugTraq ID: 107365
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

© 1998-2021 E-Soft Inc. Todos los derechos reservados.