Scientific Linux Security Update : yum-conf on SL3.x i386/x86_64
High Nessus Plugin ID 60331
SynopsisThe remote Scientific Linux host is missing a security update.
Descriptionyum-conf changes are needed for the transition of SL 3 into legacy mode.
Changes from the old yum-conf
* The files /etc/yum.conf and /etc/cron.daily/yum.cron are not marked as 'noreplace'. This means that if you have modified /etc/yum.conf or /etc/cron.daily/yum.cron, your version will be saved as *.rpmsave and the new version will be put in it's place.
* All the /etc/yum.conf.* files have been removed except yum.conf.309, yum.conf.30x, and yum.conf.flash
* The yum.conf entries are pointing at /linux/scientific/obsolete/30*, except for the errata area of /linux/scientific/309/ .
* The yum.cron (/etc/cron.daily/yum.cron) is the yum.cron from yum-conf-309. It does not point to 309, but has the following changes.
- The yum.cron uses your /etc/yum.conf. If your /etc/yum.conf has an excludes line already in it, it adds the entries in /etc/yum.d/yum.cron.excludes. If your /etc/yum.conf does not have an excludes line, it adds one, with the entries from /etc/yum.cron.excludes - It does not use /etc/yum.d/yum.cron.primary or /etc/yum.d/yum.cron.secondary. You need to put the list of yum repositories you want yum to go to in /etc/yum.conf
SolutionUpdate the affected yum-conf package.