Scientific Linux Security Update : yum-autoupdate update on SL5.x, SL6.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing a security update.

Description :

The Scientific Linux team was made aware of a problem with the use of
temp files in the yum-autoupdate script by Elias Persson. The problem
should be corrected in these packages.

These packages also include some minor feature updates for each
release.

For SL5, the script now includes the 'PRERUN' and 'POSTRUN'
functionality first provided in SL5.8 and SL6. The script is still
configured as before, in the /etc/yum.d/ directory. The new features
were added to the /etc/yum.d/yum.cron.updateexec config file.

For SL6, the package now includes an augeas lense for possible
automated configuration. Augeas is a configuration file editing tool.
This lense allows augeas to read your configuration file so that you
can customize it through that program. Typically augeas is used for
automated configuration file edits. This lense should allow you to
script out any changes you wish to make at your site. Automated tools
such as puppet can use augeas as native tool for configuration file
edits.

These packages were placed in testing for two weeks before their
release. There were no reported problems.

See also :

http://www.nessus.org/u?c81c730c

Solution :

Update the affected yum-autoupdate package.

Risk factor :

High

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 62304 ()

Bugtraq ID:

CVE ID: