Scientific Linux Security Update : yum-updatesd on SL5.x (noarch)
Medium Nessus Plugin ID 77018
SynopsisThe remote Scientific Linux host is missing a security update.
DescriptionIt was discovered that yum-updatesd did not properly perform RPM package signature checks. When yum-updatesd was configured to automatically install updates, a remote attacker could use this flaw to install a malicious update on the target system using an unsigned RPM or an RPM signed with an untrusted key. (CVE-2014-0022)
After installing this update, the yum-updatesd service will be restarted automatically.
SolutionUpdate the affected yum-updatesd package.