Scientific Linux Security Update : yum-conf on SL3.x i386/x86_64

High Nessus Plugin ID 60331


The remote Scientific Linux host is missing a security update.


yum-conf changes are needed for the transition of SL 3 into legacy mode.

Changes from the old yum-conf

* The files /etc/yum.conf and /etc/cron.daily/yum.cron are not marked as 'noreplace'. This means that if you have modified /etc/yum.conf or /etc/cron.daily/yum.cron, your version will be saved as *.rpmsave and the new version will be put in it's place.

* All the /etc/yum.conf.* files have been removed except yum.conf.309, yum.conf.30x, and yum.conf.flash

* The yum.conf entries are pointing at /linux/scientific/obsolete/30*, except for the errata area of /linux/scientific/309/ .

* The yum.cron (/etc/cron.daily/yum.cron) is the yum.cron from yum-conf-309. It does not point to 309, but has the following changes.

- The yum.cron uses your /etc/yum.conf. If your /etc/yum.conf has an excludes line already in it, it adds the entries in /etc/yum.d/yum.cron.excludes. If your /etc/yum.conf does not have an excludes line, it adds one, with the entries from /etc/yum.cron.excludes - It does not use /etc/yum.d/yum.cron.primary or /etc/yum.d/yum.cron.secondary. You need to put the list of yum repositories you want yum to go to in /etc/yum.conf

SL 3.0.1


Update the affected yum-conf package.

See Also

Plugin Details

Severity: High

ID: 60331

File Name: sl_20071213_yum_conf_on_SL3.nasl

Version: $Revision: 1.2 $

Type: local

Agent: unix

Published: 2012/08/01

Modified: 2013/03/06

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2007/12/13