Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0152)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.123976

Category: Oracle Linux Local Security Checks

Title: Oracle: Security Advisory (ELSA-2012-0152)

Summary: The remote host is missing an update for the 'kexec-tools' package(s) announced via the ELSA-2012-0152 advisory.

Description: Summary:
The remote host is missing an update for the 'kexec-tools' package(s) announced via the ELSA-2012-0152 advisory.

Vulnerability Insight:
[1.102pre-154.0.3]
- mkdumprd.orig get packed, remove it.

[1.102pre-154.0.2]
- fix mounting root fs on labeled disk (Maxim Uvarov) [orabug: 13709374]

[1.102pre-154.0.1]
Merge following patches from mkinitrd:
- mkinitrd-fix-san-boot.patch
- mkinitrd-fix-shared-lib-library-path.patch
- mkinitrd-5.1.19.6-libfirmware-subdir-include.patch
- mkinitrd-fix-setquiet-for-non-verbose.patch
- add-option-to-forceload-multipath.patch
- Update kexec-kdump-howto.txt with Oracle references
- Add mkdumprd load firmware support [orabug 10432768]
- Updated makedumpfile to el6 version (Herbert van den Bergh) [orabug 10088607]
- Merged UEK modification,Updated Source1 kdump.init
Added --allow-missing for rebuilding kdump_initrd
- Updated kexec-kdump-howto.txt with Oracle references

[1.102pre-154]
- Add xfs support, resolve bug 668706.

[1.102pre-153]
- Avoid recursive directory deletion when unmount failed, from Cai Qian.
Resolve bug 781907.

[1.102pre-152]
- Replace sed with awk in interface-mapping code,
resolve bug 765702.

[1.102pre-151]
- Set pipefail to catch errors in a pipe, resolve bug 761336.

[1.102pre-150]
- Remove the restriction for Xen HVM guests, resolve bug 743217.

[1.102pre-149]
- Honor the resettable flag, resolve bug 761048.

[1.102pre-148]
- Revert the patch in -144, resolve bug 755781. From Cai Qian.

[1.102pre-147]
- Poll every ifcfg file to get bridge members, resolve bug 760844.

[1.102pre-146]
- Don't add default gateway when there is none. Resolve bug 759006.

[1.102pre-145]
- Bypass blacklist option for target checking. Resolve bug 690678.

[1.102pre-144]
- Change the default core_collector for raw dump to makedumpfile.
Resolve bug 755781.

[1.102pre-143]
- Support static route. Resolve bug 715531.

[1.102pre-142]
- Fix some security flaws. Resolve bug 743163.

[1.102pre-141]
- Remove two unused patches.

[1.102pre-140]
- Fix link_delay regression since -135, resolve bug 753684.

[1.102pre-139]
- Improve debugfs mounting code, from Dave Young. Resolve bug 748749.

[1.102pre-138]
- Backport blacklist option. Resolve bug 690678.

[1.102pre-137]
- Fix link_delay handling code. Resolve bug 682359.

[1.102pre-136]
- Add /etc/fstab into initrd, resolve Bug 748319.

[1.102pre-135]
- Support dump over vlan tagged bond. Resolve bug 682359.

[1.102pre-134]
- Fix two trivial bugs, Bug 709622 and Bug 662530.

[1.102pre-133]
- Support software iscsi as dump target, from Vivek Goyal.
Resolve bug 719384.

[1.102pre-132]
- Add the missing part of the previous patch. Resolve bug 696547.

[1.102pre-131]
- Get the backup memory region dynamically. Resolve bug 678308.

[1.102pre-130]
- Add ext4 module. Resolve bug 667791.

[1.102pre-129]
- Updating release to force brew rebuild

[1.102pre-128]
- Check fsck.ext4 binary before include it. Resolve bug 667791.

[1.102pre-127]
- Add ext4 support, from Dave Maley. Resolve bug 667791.

Affected Software/OS:
'kexec-tools' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.7

CVSS Vector:
AV:A/AC:M/Au:N/C:C/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-3588
RHSA-2011:1532
http://rhn.redhat.com/errata/RHSA-2011-1532.html
RHSA-2012:0152
http://rhn.redhat.com/errata/RHSA-2012-0152.html
https://bugzilla.redhat.com/show_bug.cgi?id=716439
Common Vulnerability Exposure (CVE) ID: CVE-2011-3589
Common Vulnerability Exposure (CVE) ID: CVE-2011-3590

Copyright Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.123976
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2012-0152)
Summary:	The remote host is missing an update for the 'kexec-tools' package(s) announced via the ELSA-2012-0152 advisory.
Description:	Summary: The remote host is missing an update for the 'kexec-tools' package(s) announced via the ELSA-2012-0152 advisory. Vulnerability Insight: [1.102pre-154.0.3] - mkdumprd.orig get packed, remove it. [1.102pre-154.0.2] - fix mounting root fs on labeled disk (Maxim Uvarov) [orabug: 13709374] [1.102pre-154.0.1] Merge following patches from mkinitrd: - mkinitrd-fix-san-boot.patch - mkinitrd-fix-shared-lib-library-path.patch - mkinitrd-5.1.19.6-libfirmware-subdir-include.patch - mkinitrd-fix-setquiet-for-non-verbose.patch - add-option-to-forceload-multipath.patch - Update kexec-kdump-howto.txt with Oracle references - Add mkdumprd load firmware support [orabug 10432768] - Updated makedumpfile to el6 version (Herbert van den Bergh) [orabug 10088607] - Merged UEK modification,Updated Source1 kdump.init Added --allow-missing for rebuilding kdump_initrd - Updated kexec-kdump-howto.txt with Oracle references [1.102pre-154] - Add xfs support, resolve bug 668706. [1.102pre-153] - Avoid recursive directory deletion when unmount failed, from Cai Qian. Resolve bug 781907. [1.102pre-152] - Replace sed with awk in interface-mapping code, resolve bug 765702. [1.102pre-151] - Set pipefail to catch errors in a pipe, resolve bug 761336. [1.102pre-150] - Remove the restriction for Xen HVM guests, resolve bug 743217. [1.102pre-149] - Honor the resettable flag, resolve bug 761048. [1.102pre-148] - Revert the patch in -144, resolve bug 755781. From Cai Qian. [1.102pre-147] - Poll every ifcfg file to get bridge members, resolve bug 760844. [1.102pre-146] - Don't add default gateway when there is none. Resolve bug 759006. [1.102pre-145] - Bypass blacklist option for target checking. Resolve bug 690678. [1.102pre-144] - Change the default core_collector for raw dump to makedumpfile. Resolve bug 755781. [1.102pre-143] - Support static route. Resolve bug 715531. [1.102pre-142] - Fix some security flaws. Resolve bug 743163. [1.102pre-141] - Remove two unused patches. [1.102pre-140] - Fix link_delay regression since -135, resolve bug 753684. [1.102pre-139] - Improve debugfs mounting code, from Dave Young. Resolve bug 748749. [1.102pre-138] - Backport blacklist option. Resolve bug 690678. [1.102pre-137] - Fix link_delay handling code. Resolve bug 682359. [1.102pre-136] - Add /etc/fstab into initrd, resolve Bug 748319. [1.102pre-135] - Support dump over vlan tagged bond. Resolve bug 682359. [1.102pre-134] - Fix two trivial bugs, Bug 709622 and Bug 662530. [1.102pre-133] - Support software iscsi as dump target, from Vivek Goyal. Resolve bug 719384. [1.102pre-132] - Add the missing part of the previous patch. Resolve bug 696547. [1.102pre-131] - Get the backup memory region dynamically. Resolve bug 678308. [1.102pre-130] - Add ext4 module. Resolve bug 667791. [1.102pre-129] - Updating release to force brew rebuild [1.102pre-128] - Check fsck.ext4 binary before include it. Resolve bug 667791. [1.102pre-127] - Add ext4 support, from Dave Maley. Resolve bug 667791. Affected Software/OS: 'kexec-tools' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.7 CVSS Vector: AV:A/AC:M/Au:N/C:C/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3588 RHSA-2011:1532 http://rhn.redhat.com/errata/RHSA-2011-1532.html RHSA-2012:0152 http://rhn.redhat.com/errata/RHSA-2012-0152.html https://bugzilla.redhat.com/show_bug.cgi?id=716439 Common Vulnerability Exposure (CVE) ID: CVE-2011-3589 Common Vulnerability Exposure (CVE) ID: CVE-2011-3590
Copyright	Copyright (C) 2015 Greenbone AG