Test Kennung:	1.3.6.1.4.1.25623.1.0.123084
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2015-1210)
Zusammenfassung:	The remote host is missing an update for the 'abrt, libreport' package(s) announced via the ELSA-2015-1210 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'abrt, libreport' package(s) announced via the ELSA-2015-1210 advisory. Vulnerability Insight: abrt [2.0.8-26.0.1.el6_6.1] - Add abrt-oracle-enterprise.patch to be product neutral - Remove abrt-plugin-rhtsupport dependency for cli and desktop - Make abrt Obsoletes/Provides abrt-plugin-rhtsupprot [2.0.8-26.el6_6.1] - remove old dump directories in upgrade - remove outdated rmp scriptlets - daemon: allow only root to submit CCpp, Koops, VMCore and Xorg problems - abrt-action-install-debuginfo-to-abrt-cache: sanitize arguments and umask - make the problem directories owned by abrt and the group root - validate uploaded problem directories in abrt-handle-upload - don't override nor remove files with user core dump files - fix symbolic link and race condition flaws - Resolves: #1211966 libreport [2.0.9-21.0.1.el6_6.1] - Add oracle-enterprise.patch and oracle-enterprise-po.patch - Remove libreport-plugin-rhtsupport pkg [2.0.9-21.el6_6.1] - switch dump directory owner from 'abrt:user' to 'user:abrt' (rhbz#1212093) - harden against directory traversal, crafted symbolic links (rhbz#1212093) - avoid race-conditions in dump dir opening (rhbz#1212093) - Resolves: #1211966 Affected Software/OS: 'abrt, libreport' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1869 http://www.openwall.com/lists/oss-security/2015/04/17/5 https://bugzilla.redhat.com/show_bug.cgi?id=1212861 https://github.com/abrt/abrt/commit/3287aa12eb205cff95cdd00d6d6c5c9a4f8f0eca https://github.com/abrt/abrt/commit/7417505e1d93cc95ec648b74e3c801bc67aacb9f Common Vulnerability Exposure (CVE) ID: CVE-2015-1870 75119 http://www.securityfocus.com/bid/75119 RHSA-2015:1083 http://rhn.redhat.com/errata/RHSA-2015-1083.html RHSA-2015:1210 http://rhn.redhat.com/errata/RHSA-2015-1210.html https://bugzilla.redhat.com/show_bug.cgi?id=1212868 https://github.com/abrt/abrt/commit/7d023c32a565e83306cddf34c894477b7aaf33d1 https://github.com/abrt/abrt/commit/8939398b82006ba1fec4ed491339fc075f43fc7c https://github.com/abrt/libreport/commit/c962918bc70a61a8cc647898ee8b1ff1c14a87c5 Common Vulnerability Exposure (CVE) ID: CVE-2015-3142 75116 http://www.securityfocus.com/bid/75116 [oss-security] 20150417 Re: Problems in automatic crash analysis frameworks https://bugzilla.redhat.com/show_bug.cgi?id=1212818 Common Vulnerability Exposure (CVE) ID: CVE-2015-3147 https://bugzilla.redhat.com/show_bug.cgi?id=1212953 https://github.com/abrt/abrt/commit/3746b7627218438ae7d781fc8b18a221454e9091 https://github.com/abrt/abrt/pull/955 Common Vulnerability Exposure (CVE) ID: CVE-2015-3159 https://bugzilla.redhat.com/show_bug.cgi?id=1216962 https://github.com/abrt/abrt/commit/9943a77bca37a0829ccd3784d1dfab37f8c24e7b https://github.com/abrt/abrt/commit/9a4100678fea4d60ec93d35f4c5de2e9ad054f3a Common Vulnerability Exposure (CVE) ID: CVE-2015-3315 BugTraq ID: 75117 http://www.securityfocus.com/bid/75117 https://www.exploit-db.com/exploits/44097/ http://www.openwall.com/lists/oss-security/2015/04/14/4 http://www.openwall.com/lists/oss-security/2015/04/16/12 RedHat Security Advisories: RHSA-2015:1083 RedHat Security Advisories: RHSA-2015:1210
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.