Hello, The OpenVAS developers have just released an important security release for the Open Vulnerability Assessment System release series 8 (OpenVAS-8).
The following package was released: - Greenbone Security Assistant 6.0.9. We highly recommend to update your OpenVAS installation to the version listed above as soon as possible. It has been identified that Greenbone Security Assistant (GSA) is vulnerable to a denial-of-service attack due to a improper handling of UTF-8 in GET and POST requests. Given the attacker has access to a GSA web interface, a respective HTTP request can crash gsad. For details and current information on this vulnerability please refer to the following page on the OpenVAS website: http://openvas.org/OVSA20160202.html The source tarballs for the releases are available for download from the OpenVAS website at: https://wald.intevation.org/frs/?group_id=29 This page contains signatures and checksums for the source tarballs as well. You can find links to the latest source tarballs for all currently maintained releases here: http://openvas.org/install-source.html Binary packages for major GNU/Linux distributions by third parties are expected to follow soon. Regards, Michael Wiegand -- Michael Wiegand | Greenbone Networks GmbH | http://www.greenbone.net/ Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
pgpbwgxw7IcOa.pgp
Description: PGP signature
_______________________________________________ Openvas-announce mailing list Openvas-announce@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-announce
