Fedora 11 : moin-1.8.7-2.fc11 (2010-6012)

low Nessus Plugin ID 47409

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

- Sat Apr 3 2010 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.8.7-2

- Fixes CVE-2010-0828 (rhbz#578801)

- Thu Feb 18 2010 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.8.7-1

- Fixed major security issues in miscellaneous parts of moin

- http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANG ES

- http://secunia.com/advisories/38444/

- Fixes rhbz#565604

- Mon Dec 28 2009 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.8.6-1

- 1.8.6, mostly bug fixes

- http://hg.moinmo.in/moin/1.8/raw-file/1.8.6/docs/CHANG ES

- Tue Sep 15 2009 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.8.5-1

- 1.8.5

- Includes multiple bug fixes, a new FCKeditor version and some new features

- http://hg.moinmo.in/moin/1.8/raw-file/1.8.5/docs/CHANG ES

- Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.8.4-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

- Sun Jul 12 2009 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> 1.8.4-2

- Remove the filemanager directory from the embedded FCKeditor, it contains code with know security vulnerabilities, even though that code couldn't be invoked when moin was used with the default settings.

- Fixes rhbz #509924, related to CVE-2009-2265

- Sat Jun 13 2009 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> 1.8.4-1

- Update to 1.8.4, http://moinmo.in/MoinMoinRelease1.8 has a list of changes.

- Includes a security fix for hierarchical ACL (not the default mode), http://moinmo.in/SecurityFixes has the details.

- Drop previous security patches, those are not needed anymore.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected moin package.

See Also

http://hg.moinmo.in/moin/1.8/raw-file/1.8.5/docs/CHANGES

http://hg.moinmo.in/moin/1.8/raw-file/1.8.6/docs/CHANGES

http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES

http://moinmo.in/MoinMoinRelease1.8

http://moinmo.in/SecurityFixes

https://bugzilla.redhat.com/show_bug.cgi?id=578801

https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

http://www.nessus.org/u?b1ebc367

Plugin Details

Severity: Low

ID: 47409

File Name: fedora_2010-6012.nasl

Version: 1.16

Type: local

Agent: unix

Published: 7/1/2010

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Low

Base Score: 3.5

Temporal Score: 2.6

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:moin, cpe:/o:fedoraproject:fedora:11

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/9/2010

Reference Information

CVE: CVE-2010-0828

BID: 39110

FEDORA: 2010-6012

Secunia: 38444