Network Security Audits / Vulnerability Assessments by SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-5773
2009-06-02 13:29:25
--------------------------------------------------------------------------------

Name        : ocsinventory
Product     : Fedora 10
Version     : 1.02.1
Release     : 1.fc10
URL         : http://www.ocsinventory-ng.org/
Summary     : Open Computer and Software Inventory Next Generation
Description :
Open Computer and Software Inventory Next Generation is an application
designed to help a network or system administrator keep track of the
computers configuration and software that are installed on the network.

OCS Inventory is also able to detect all active devices on your network,
such as switch, router, network printer and unattended devices.

OCS Inventory NG includes package deployment feature on client computers.

ocsinventory is a metapackage that will install the communication server,
the administration console and the database server (MySQL).

--------------------------------------------------------------------------------
Update Information:

2 Security fixes  - CVE-2009-1769 OCS Inventory NG: Authentication result varies
for existent and non-existent users  - SQL injection and Unauthenticated
Arbitrary File Read    Some Other minor bug fixes    http://www.ocsinventory-ng.
org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01returnid=64
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 30 2009 Remi Collet <Fedora@famillecollet.com> 1.02.1-1
- update to OCS Inventory NG 1.02.1 - Security Fixes (internal version 5003)
* Mon Apr 20 2009 Remi Collet <Fedora@famillecollet.com> 1.02-1
- update to OCS Inventory NG 1.02 final release (internal version 5003)
* Sun Jan 18 2009 Remi Collet <Fedora@famillecollet.com> 1.02-0.10.rc3.el4.1
- fix php-xml > php-domxml in EL-4
* Sun Jan 11 2009 Remi Collet <Fedora@famillecollet.com> 1.02-0.10.rc3
- add r1447 and r1462 patch
- change log selinux context (httpd_log_t)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #502250 - CVE-2009-1769 OCS Inventory NG: Authentication result varies for existent and non-existent users
        https://bugzilla.redhat.com/show_bug.cgi?id=502250
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update ocsinventory' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce