drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in openvas-manager
| Name: |
Ausführen beliebiger Kommandos in openvas-manager |
|
| ID: |
FEDORA-2015-10514 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 21 |
|
| Datum: |
Di, 30. Juni 2015, 07:25 |
|
| Referenzen: |
https://bugzilla.redhat.com/show_bug.cgi?id=1169170 |
|
| Applikationen: |
OpenVAS |
|
Originalnachricht |
Name : openvas-manager
Product : Fedora 21
Version : 6.0.3
Release : 3.fc21
URL : http://www.openvas.org
Summary : Manager Module for the Open Vulnerability Assessment System
(OpenVAS)
Description :
The OpenVAS Manager is the central service that consolidates plain
vulnerability
scanning into a full vulnerability management solution. The Manager controls
the
Scanner via OTP and itself offers the XML-based, stateless OpenVAS Management
Protocol (OMP). All intelligence is implemented in the Manager so that it is
possible to implement various lean clients that will behave consistently e.g.
with regard to filtering or sorting scan results. The Manager also controls
a SQL database (sqlite-based) where all configuration and scan result data is
centrally stored.
-------------------------------------------------------------------------------
-
Update Information:
Bump to openvas8 because of the issues found in previous versions.
This should be the first version with scanner really working on Fedora.
-------------------------------------------------------------------------------
-
ChangeLog:
* Sat Jun 20 2015 Michal Ambroz <rebus at, seznam.cz> - 6.0.3-3
- fix the options in the /etc/sysconfig
* Thu Jun 18 2015 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 6.0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat May 23 2015 Michal Ambroz <rebus at, seznam.cz> - 6.0.3-1
- bump to OpenVas-8 version 6.0.3
* Sat Apr 4 2015 Michal Ambroz <rebus at, seznam.cz> - 5.0.9-1
- bump to OpenVas-7 version 5.0.9
* Sat Dec 6 2014 Michal Ambroz <rebus at, seznam.cz> - 5.0.7-1
- bump to OpenVas-7 version 5.0.7
* Fri Nov 7 2014 Michal Ambroz <rebus at, seznam.cz> - 5.0.5-2
- remove sysvinit subpackage as it is not needed anymore
- call setgroups before giving up rights with setuid
* Tue Nov 4 2014 Michal Ambroz <rebus at, seznam.cz> - 5.0.5-1
- bump to OpenVas-7 version 5.0.5
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1169170 - openvas-manager: SQL injection related to the timezone
parameter [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1169170
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update openvas-manager' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
