Fedora 9 : bugzilla-3.2.2-2.fc9 (2009-2418)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- Thu Mar 5 2009 Itamar Reis Peixoto <itamar at
ispbrasil.com.br> 3.2.2-2

- fix from BZ #474250 Comment #16, from Chris Eveleigh
-->

- add python BR for contrib subpackage

- fix description

- change Requires perl-SOAP-Lite to perl(SOAP::Lite)
according guidelines

- Sun Mar 1 2009 Itamar Reis Peixoto <itamar at
ispbrasil.com.br> 3.2.2-1

- thanks to Chris Eveleigh <chris dot eveleigh at
planningportal dot gov dot uk>

- for contributing with patches :-)

- Upgrade to upstream 3.2.2 to fix multiple security
vulns

- Removed old perl_requires exclusions, added new ones
for RADIUS, Oracle and sanitycheck.cgi

- Added Oracle to supported DBs in description (and
moved line breaks)

- Include a patch to fix max_allowed_packet warnin when
using with mysql

- Sat Feb 28 2009 Itamar Reis Peixoto <itamar at
ispbrasil.com.br> 3.0.8-1

- Upgrade to 3.0.8, fix #466077 #438080

- fix macro in changelog rpmlint warning

- fix files-attr-not-set rpmlint warning for doc and
contrib sub-packages

- Mon Feb 23 2009 Fedora Release Engineering <rel-eng at
lists.fedoraproject.org> - 3.0.4-4

- Rebuilt for
https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

- Mon Feb 2 2009 Stepan Kasal <skasal at redhat.com> -
3.0.4-3

- do not require perl-Email-Simple, it is (no longer) in
use

- remove several explicit perl-* requires; the automatic
dependencies do handle them

- Mon Jul 14 2008 Tom 'spot' Callaway <tcallawa at
redhat.com> - 3.0.4-2

- fix license tag

- Fri May 9 2008 John Berninger <john at ncphotography
dot com> - 3.0.4-1

- Update to upstream 3.0.4 to fix multiple security
vulns

- Change perms on /etc/bugzilla for bz 427981

- Sun May 4 2008 John Berninger <john at ncphotography
dot com> - 3.0.3-0

- Update to upstream 3.0.3 - bz 444669

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=465956
https://bugzilla.redhat.com/show_bug.cgi?id=484755
https://bugzilla.redhat.com/show_bug.cgi?id=484805
https://bugzilla.redhat.com/show_bug.cgi?id=484806
https://bugzilla.redhat.com/show_bug.cgi?id=484807
https://bugzilla.redhat.com/show_bug.cgi?id=484811
https://bugzilla.redhat.com/show_bug.cgi?id=484812
https://bugzilla.redhat.com/show_bug.cgi?id=484813
https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
http://www.nessus.org/u?580d7913

Solution :

Update the affected bugzilla package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 35960 (fedora_2009-2418.nasl)

Bugtraq ID: 30661
32178

CVE ID: CVE-2008-4437
CVE-2008-6098
CVE-2009-0481
CVE-2009-0482
CVE-2009-0483
CVE-2009-0484
CVE-2009-0485
CVE-2009-0486

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now