RHEL 7 : ostree (RHSA-2017:0444)

Low Nessus Plugin ID 97548


The remote Red Hat host is missing one or more security updates.


Updated ostree and rpm-ostree packages are now available for Red Hat Enterprise Linux Atomic Host 7.

OSTree is a tool for managing bootable, immutable, versioned filesystem trees.

The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands which can be used both on client systems as well as server-side composes.

Security Fix(es) :

* CVE-2017-2623

The ostree and rpm-ostree packages have been upgraded to upstream versions 2017.1-5 and 2017.1-6 respectively, which provide a number of bug fixes and enhancements over the previous versions. (BZ#1416089)

Users of Red Hat Enterprise Linux Atomic Host are advised to upgrade to these updated packages, which fixes these bugs and adds these enhancements.


Update the affected packages.

See Also



Plugin Details

Severity: Low

ID: 97548

File Name: redhat-RHSA-2017-0444.nasl

Version: $Revision: 3.1 $

Type: local

Agent: unix

Published: 2017/03/06

Modified: 2017/03/06

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.6

Temporal Score: 2.2

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:U/RL:ND/RC:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:rpm-ostree, p-cpe:/a:redhat:enterprise_linux:rpm-ostree-client, p-cpe:/a:redhat:enterprise_linux:rpm-ostree-client-debuginfo, p-cpe:/a:redhat:enterprise_linux:rpm-ostree-debuginfo, cpe:/o:redhat:enterprise_linux:7

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2017/03/02

Reference Information

CVE: CVE-2017-2623

OSVDB: 152901

RHSA: 2017:0444