Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.851925 |
Kategorie: | SuSE Local Security Checks |
Titel: | openSUSE: Security Advisory for gitolite (openSUSE-SU-2018:3035-1) |
Zusammenfassung: | The remote host is missing an update for the 'gitolite'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'gitolite' package(s) announced via the referenced advisory. Vulnerability Insight: This update for gitolite fixes the following issues: Gitolite was updated to 3.6.9: - CVE-2018-16976: prevent racy access to repos in process of migration to gitolite (boo#1108272) - 'info' learns new '-p' option to show only physical repos (as opposed to wild repos) The update to 3.6.8 contains: - fix bug when deleting *all* hooks for a repo - allow trailing slashes in repo names - make pre-receive hook driver bail on non-zero exit of a pre-receive hook - allow templates in gitolite.conf (new feature) - various optimiations The update to 3.6.7 contains: - allow repo-specific hooks to be organised into subdirectories, and allow the multi-hook driver to be placed in some other location of your choice - allow simple test code to be embedded within the gitolite.conf file see contrib/utils/testconf for how. (This goes on the client side, not on the server) - allow syslog 'facility' to be changed, from the default of 'local0' - allow syslog 'facility' to be changed, from the default of replaced with a space separated list of members The update to 3.6.6 contains: - simple but important fix for a future perl deprecation (perl will be removing '.' from @INC in 5.24) - 'perms' now requires a '-c' to activate batch mode (should not affect interactive use but check your scripts perhaps?) - gitolite setup now accepts a '-m' option to supply a custom message (useful when it is used by a script) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-1118=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-1118=1 - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2018-1118=1 Affected Software/OS: gitolite on openSUSE Leap 42.3 Solution: Please install the updated package(s). CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-16976 |
Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |