Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2016:1146-1)
Summary:The remote host is missing an update for the 'portus' package(s) announced via the SUSE-SU-2016:1146-1 advisory.
The remote host is missing an update for the 'portus' package(s) announced via the SUSE-SU-2016:1146-1 advisory.

Vulnerability Insight:
Portus was updated to version 2.0.3, which brings several fixes and enhancements:
- Fixed crono job when a repository could not be found.
- Fixed compatibility issues with Docker 1.10 and Distribution 2.3.
- Handle multiple scopes in token requests.
- Add optional fields to token response.
- Fixed notification events for Distribution v2.3.
- Paginate through the catalog properly.
- Do not remove all the repositories if fetching one fails.
- Fixed SMTP setup.
- Don't let crono overflow the 'log' column on the DB.
- Show the actual LDAP error on invalid login.
- Fixed the location of crono logs.
- Always use relative paths.
- Set RUBYLIB when using portusctl.
- Don't count hidden teams on the admin panel.
- Warn developers on unsupported docker-compose versions.
- Directly invalidate LDAP logins without name and password.
- Don't show the 'I forgot my password' link on LDAP.
The following Rubygems bundled within Portus have been updated to fix security issues:
- CVE-2016-2098: rubygem-actionpack (bsc#969943).
- CVE-2015-7578: rails-html-sanitizer (bsc#963326).
- CVE-2015-7579: rails-html-sanitizer (bsc#963327).
- CVE-2015-7580: rails-html-sanitizer (bsc#963328).
- CVE-2015-7576: rubygem-actionpack, rubygem-activesupport (bsc#963563).
- CVE-2015-7577: rubygem-activerecord (bsc#963604).
- CVE-2016-0751: rugygem-actionpack (bsc#963627).
- CVE-2016-0752: rubygem-actionpack, rubygem-actionview (bsc#963608).
- CVE-2016-0753: rubygem-activemodel, rubygem-activesupport,
rubygem-activerecord (bsc#963617).
- CVE-2015-7581: rubygem-actionpack (bsc#963625).

Affected Software/OS:
'portus' package(s) on SUSE Linux Enterprise Module for Containers 12

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-7576
BugTraq ID: 81803
Debian Security Information: DSA-3464 (Google Search)
RedHat Security Advisories: RHSA-2016:0296
SuSE Security Announcement: SUSE-SU-2016:1146 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0363 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0372 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-7577
BugTraq ID: 81806
Common Vulnerability Exposure (CVE) ID: CVE-2015-7578
SuSE Security Announcement: SUSE-SU-2016:0391 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0356 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-7579
Common Vulnerability Exposure (CVE) ID: CVE-2015-7580
Common Vulnerability Exposure (CVE) ID: CVE-2015-7581
BugTraq ID: 81677
Common Vulnerability Exposure (CVE) ID: CVE-2016-0751
BugTraq ID: 81800
Common Vulnerability Exposure (CVE) ID: CVE-2016-0752
BugTraq ID: 81801
Common Vulnerability Exposure (CVE) ID: CVE-2016-0753
BugTraq ID: 82247
Common Vulnerability Exposure (CVE) ID: CVE-2016-2098
BugTraq ID: 83725
Debian Security Information: DSA-3509 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0854 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0867 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0967 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0790 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0835 (Google Search)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.