Scientific Linux Security Update : GPG-RPM key on SL3.x, SL4.x, SL5.x i386/x86_64

high Nessus Plugin ID 60617

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

Updating the GPG keys in the release to include a Scientific Linux RPM signing key to sign the rpm's with. We will start using this new key, and stop using Connie or Troy's personal GPG Keys for signing rpm's.

This is labeled as Moderate because those machines that have gpg checking turned on will be unable update their security errata until this update has been done.

Note1: This is not because any keys have been compromised, or a break-in. This is because we are changing the model we use for signing rpms.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?4f5d77ee

Plugin Details

Severity: High

ID: 60617

File Name: sl_20090716_GPG_RPM_key_on_SL3_x.nasl

Version: 1.6

Type: local

Agent: unix

Published: 8/1/2012

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 7/16/2009