Fedora 9 : bugzilla-3.2.3-1.fc9 (2009-3405)

medium Nessus Plugin ID 36109

Synopsis

The remote Fedora host is missing a security update.

Description

- Mon Apr 6 2009 Itamar Reis Peixoto <itamar at ispbrasil.com.br> 3.2.3-1

- fix CVE-2009-1213

- Thu Mar 5 2009 Itamar Reis Peixoto <itamar at ispbrasil.com.br> 3.2.2-2

- fix from BZ #474250 Comment #16, from Chris Eveleigh
-->

- add python BR for contrib subpackage

- fix description

- change Requires perl-SOAP-Lite to perl(SOAP::Lite) according guidelines

- Sun Mar 1 2009 Itamar Reis Peixoto <itamar at ispbrasil.com.br> 3.2.2-1

- thanks to Chris Eveleigh <chris dot eveleigh at planningportal dot gov dot uk>

- for contributing with patches :-)

- Upgrade to upstream 3.2.2 to fix multiple security vulns

- Removed old perl_requires exclusions, added new ones for RADIUS, Oracle and sanitycheck.cgi

- Added Oracle to supported DBs in description (and moved line breaks)

- Include a patch to fix max_allowed_packet warnin when using with mysql

- Sat Feb 28 2009 Itamar Reis Peixoto <itamar at ispbrasil.com.br> 3.0.8-1

- Upgrade to 3.0.8, fix #466077 #438080

- fix macro in changelog rpmlint warning

- fix files-attr-not-set rpmlint warning for doc and contrib sub-packages

- Mon Feb 23 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0.4-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

- Mon Feb 2 2009 Stepan Kasal <skasal at redhat.com> - 3.0.4-3

- do not require perl-Email-Simple, it is (no longer) in use

- remove several explicit perl-* requires; the automatic dependencies do handle them

- Mon Jul 14 2008 Tom 'spot' Callaway <tcallawa at redhat.com> - 3.0.4-2

- fix license tag

- Fri May 9 2008 John Berninger <john at ncphotography dot com> - 3.0.4-1

- Update to upstream 3.0.4 to fix multiple security vulns

- Change perms on /etc/bugzilla for bz 427981

- Sun May 4 2008 John Berninger <john at ncphotography dot com> - 3.0.3-0

- Update to upstream 3.0.3 - bz 444669

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected bugzilla package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=494398

https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

http://www.nessus.org/u?688eda58

Plugin Details

Severity: Medium

ID: 36109

File Name: fedora_2009-3405.nasl

Version: 1.16

Type: local

Agent: unix

Published: 4/8/2009

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:bugzilla, cpe:/o:fedoraproject:fedora:9

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/7/2009

Reference Information

CVE: CVE-2009-1213

BID: 34308

CWE: 352

FEDORA: 2009-3405