Login
Newsletter
Werbung

Sicherheit: Cross-Site Scripting in ocsinventory
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in ocsinventory
ID: FEDORA-2011-14963
Distribution: Fedora
Plattformen: Fedora 14
Datum: Mo, 14. November 2011, 07:26
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4024
Applikationen: ocsinventory

Originalnachricht

Name        : ocsinventory
Product : Fedora 14
Version : 1.3.3
Release : 5.fc14
URL : http://www.ocsinventory-ng.org/
Summary : Open Computer and Software Inventory Next Generation
Description :
Open Computer and Software Inventory Next Generation is an application
designed to help a network or system administrator keep track of the
computers configuration and software that are installed on the network.

OCS Inventory is also able to detect all active devices on your network,
such as switch, router, network printer and unattended devices.

OCS Inventory NG includes package deployment feature on client computers.

ocsinventory is a metapackage that will install the communication server,
the administration console and the database server (MySQL).

---------------------------------------------------------------------------=
-----
Update Information:

Fix a XSS vulnerability
---------------------------------------------------------------------------=
-----
ChangeLog:

* Tue Oct 25 2011 Remi Collet <Fedora@famillecollet.com> - 1.3.3-5
- fix XSS vulnerabity (Bug #748072, CVE-2011-4024)
- Don't require php-zip for F16 and up.
* Wed Nov 24 2010 Remi Collet <Fedora@famillecollet.com> - 1.3.3-1
- update to 1.3.3 (bugfix)
- clean applied patches
- requires nbmlookup instead of samba-client, fix #654252
---------------------------------------------------------------------------=
-----
References:

[ 1 ] Bug #748072 - CVE-2011-4024 ocsinventory: XSS flaw
https://bugzilla.redhat.com/show_bug.cgi?id=3D748072
---------------------------------------------------------------------------=
-----

This update can be installed with the "yum" update program. Use =

su -c 'yum update ocsinventory' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on t=
he
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
---------------------------------------------------------------------------=
-----
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung