openSUSE Security Update : sysconfig (openSUSE-2012-74)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

- Fixed to quote config / interface variables in
ifservices script and cleaned up content of the ESSID
which gets appended to them by NetworkManager dispatcher
hook (bnc#735394, CVE-2011-4182). Fixed also to return
proper exit code 0 in NM dispatcher hooks.

- Changed to call ip addr flush in ifdown, but after ip
link set down as it does not cause ipv6 sysctl tree side
effects then at least with more recent kernels
(bnc#580018,bnc#559170).

- Explicitly disabled posix mode in all bash scripts as we
are using several features not supported in posix mode
(bnc#739338).

- Fixed ipv6 dad / link ready wait time calculation (1/10
of the specified time) and replaced useless up flag
check loop with link_ready_wait to avoid send errors
from dhclient6 (bnc#697929).

- Added to require vlan, bridge-utils and tunctl packages
via spec, that are often required in base networking
configurations and are missed otherwise in 2nd
installation stage, that may be unable to install them
for some reason (bnc#733118).

- Added X-Systemd-RemainAfterExit: true LSB header
(bnc#727771)

- Do not suggest dhcp6c client from dropped dhcpv6 package
in ifup-dhcp, marked dhcp6c as deprecated in
network/dhcp and changed to use dhclient6 as first
choice (bnc#734723).

See also :

https://bugzilla.novell.com/show_bug.cgi?id=559170
https://bugzilla.novell.com/show_bug.cgi?id=580018
https://bugzilla.novell.com/show_bug.cgi?id=697929
https://bugzilla.novell.com/show_bug.cgi?id=727771
https://bugzilla.novell.com/show_bug.cgi?id=733118
https://bugzilla.novell.com/show_bug.cgi?id=734723
https://bugzilla.novell.com/show_bug.cgi?id=735394
https://bugzilla.novell.com/show_bug.cgi?id=739338

Solution :

Update the affected sysconfig packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 74794 ()

Bugtraq ID:

CVE ID: CVE-2011-4182

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now