Detections
Analytics

openSUSE Security Update : xtrabackup (openSUSE-2017-382)

medium Nessus Plugin ID 99017

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update to xtrabackup 2.3.7 fixes one security issue and bugs.

The following security issue was fixed :

 - innobackupex and xtrabackup scripts were showing the password in the ps output when it was passed as a command line argument (boo#1026729)

The following functionality was added :

 - new --remove-original option for removing the original encrypted and compressed files

 - now supports -H, -h, -u and -p shortcuts for --hostname,
 --datadir, --user and --password respectively

The following bugs were fixed :

 - Pick up username from user's configuration file correctly

 - Incremental backups did not include xtrabackup_binlog_info and xtrabackup_galera_info files

 - --move-back option did not always restore out-of-datadir tablespaces to their original directories

 - Incremental backup would fail with a path like ~/backup/inc_1

Solution

Update the affected xtrabackup packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1026729

Plugin Details

Severity: Medium

ID: 99017

File Name: openSUSE-2017-382.nasl

Version: 3.3

Type: local

Agent: unix

Published: 3/28/2017

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:xtrabackup, p-cpe:/a:novell:opensuse:xtrabackup-debuginfo, p-cpe:/a:novell:opensuse:xtrabackup-debugsource, p-cpe:/a:novell:opensuse:xtrabackup-test, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 3/27/2017