This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for fossil to version 2.3 fixes the following issues :
- Potential XSS vulnerability on the /help webpage
This update also contains all upstream improvements and fixes in
version 2.3 :
- Update internal Unicode character tables, used in
regular expression handling, from version 9.0 to 10.0.
- Show the last-sync-URL on the /urllist page
- Added the 'Event Summary' activity report
- Added the 'Security Audit' page, available to
- Added the Last Login time to the user list page, for
- Added the --numstat option to the fossil diff command
- Limit the size of the heap and stack on unix systems, as
a proactive defense against the Stack Clash attack
- Fix 'database locked' warnings caused by 'PRAGMA
- Documentation updates
See also :
Update the affected fossil packages.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now