Detections
Analytics

Scientific Linux Security Update : yum-autoupdate update on SL5.x, SL6.x i386/x86_64 (20120925)

high Nessus Plugin ID 62304

Language:

Synopsis

The remote Scientific Linux host is missing a security update.

Description

The Scientific Linux team was made aware of a problem with the use of temp files in the yum-autoupdate script by Elias Persson. The problem should be corrected in these packages.

These packages also include some minor feature updates for each release.

For SL5, the script now includes the 'PRERUN' and 'POSTRUN' functionality first provided in SL5.8 and SL6. The script is still configured as before, in the /etc/yum.d/ directory. The new features were added to the /etc/yum.d/yum.cron.updateexec config file.

For SL6, the package now includes an augeas lense for possible automated configuration. Augeas is a configuration file editing tool.
This lense allows augeas to read your configuration file so that you can customize it through that program. Typically augeas is used for automated configuration file edits. This lense should allow you to script out any changes you wish to make at your site. Automated tools such as puppet can use augeas as native tool for configuration file edits.

These packages were placed in testing for two weeks before their release. There were no reported problems.

Solution

Update the affected yum-autoupdate package.

See Also

http://www.nessus.org/u?d4bb0a8b

Plugin Details

Severity: High

ID: 62304

File Name: sl_20120925_yum_autoupdate_update_on_SL5_x.nasl

Version: 1.5

Type: local

Agent: unix

Published: 9/26/2012

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: p-cpe:/a:fermilab:scientific_linux:yum-autoupdate, x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 9/25/2012

Vulnerability Publication Date: 9/25/2012