Fedora 25 : globus-ftp-client / globus-gass-cache-program / globus-gass-copy / etc (2017-7591a8e2c9)

high Nessus Plugin ID 101214

Language:

Synopsis

The remote Fedora host is missing one or more security updates.

Description

globus-ftp-client

- Adapt to Perl 5.26 - POSIX::tmpnam() no longer available

- Remove some redundant tests to reduce test time

globus-gass-cache-program

- GT6 update

globus-gass-copy

- Don't attempt sshftp data protection without creds (9.24)

- Checksum verification based on contribution from IBM (9.24)

- Fix uninitialized field related crash (9.25)

- Remove checksum data from public handle (9.26)

- Prevent some race conditions (9.27)

globus-gram-job-manager

- Default to running personal gatekeeper on an ephemeral port

globus-gridftp-server

- New error message format (12.0)

- Configuration database (12.0)

- Better delay for end of session ref check (12.1)

- Fix tests when getgroups() does not return effective gid (12.2)

globus-gssapi-gsi

- Don't unlock unlocked mutex (12.14)

- Remove legacy SSLv3 support (12.15)

- Test fixes (12.16)

- Drop patch globus-gssapi-gsi-mutex-unlock.patch (fixed upstream 12.14)

globus-io

- Remove legacy SSLv3 support

globus-net-manager

- Fix .pc typo

- Drop patch globus-net-manager-pkgconfig.patch (fixed upstream)

globus-xio

- Don't rely on globus_error_put(NULL) to be GLOBUS_SUCCESS (5.15)

- Fix crash in error handling in http driver (5.16)

globus-xio-gsi-driver

- Fix crash when checking for anonymous GSS name when name comparison fails

globus-xio-pipe-driver

- Fix .pc typo

globus-xio-udt-driver

- Don't force --static flag to pkg-config

- Drop some BuildRequires no longer needed with above change

- Fix undefined symbols during linking

myproxy

- Fix error check (6.1.26)

- Remove legacy SSLv3 support (6.1.27)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected packages.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2017-7591a8e2c9

Plugin Details

Severity: High

ID: 101214

File Name: fedora_2017-7591a8e2c9.nasl

Version: 3.4

Type: local

Agent: unix

Published: 7/5/2017

Updated: 1/6/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:globus-ftp-client, p-cpe:/a:fedoraproject:fedora:globus-gass-cache-program, p-cpe:/a:fedoraproject:fedora:globus-gass-copy, p-cpe:/a:fedoraproject:fedora:globus-gram-job-manager, p-cpe:/a:fedoraproject:fedora:globus-gridftp-server, p-cpe:/a:fedoraproject:fedora:globus-gssapi-gsi, p-cpe:/a:fedoraproject:fedora:globus-io, p-cpe:/a:fedoraproject:fedora:globus-net-manager, p-cpe:/a:fedoraproject:fedora:globus-xio, p-cpe:/a:fedoraproject:fedora:globus-xio-gsi-driver, p-cpe:/a:fedoraproject:fedora:globus-xio-pipe-driver, p-cpe:/a:fedoraproject:fedora:globus-xio-udt-driver, p-cpe:/a:fedoraproject:fedora:myproxy, cpe:/o:fedoraproject:fedora:25

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 7/3/2017

Vulnerability Publication Date: 7/3/2017

Reference Information