
Test ID: 1.3.6.1.4.1.25623.1.0.853439
Category: SuSE Local Security Checks
Title: openSUSE: Security Advisory for fossil (openSUSE-SU-2020:1478-1)
Summary: The remote host is missing an update for the 'fossil' package(s) announced via the openSUSE-SU-2020:1478-1 advisory.
Description:
Summary:
The remote host is missing an update for the 'fossil'
package(s) announced via the openSUSE-SU-2020:1478-1 advisory.

Vulnerability Insight:
This update for fossil fixes the following issues:

- fossil 2.12.1:

* CVE-2020-24614: Remote authenticated users with check-in or
administrative privileges could have executed arbitrary code
[boo#1175760]

* Security fix in the 'fossil git export' command. New 'safety-net'
features were added to prevent similar problems in the future.

* Enhancements to the graph display for cases when there are many
cherry-pick merges into a single check-in.

* Enhance the fossil open command with the new --workdir option and the
ability to accept a URL as the repository name, causing the remote
repository to be cloned automatically. Do not allow 'fossil open' to
open in a non-empty working directory unless the --keep option or the
new --force option is used.

* Enhance the markdown formatter to more closely follow the CommonMark
specification with regard to text highlighting. Underscores in the
middle of identifiers (ex: fossil_printf()) no longer need to be
escaped.

* The markdown-to-html translator can prevent unsafe HTML (for example: