Is version really $revision$ ? 19.9.2015 8.12 ip. "Walter York" <[email protected]> kirjoitti:
> Possible false positive: The guidance by the OpenVAS test is to upgrade > to Pango version 1.24.0 or later yet I have 1.34 installed on the target > box. > > > *On my OpenVAS box*: > *OS Distribution*: > [root@localhost ~]# cat /etc/*elease > CentOS Linux release 7.1.1503 (Core) > > *Authenticated*? Yes > SSH Authorization Check > It was possible to login using the provided SSH credentials. > Hence authenticated checks are enabled. > > Greenbone Security Assistant > Version 6.0.5 > Using with the latest NVT, SCAP and CERT feeds > =================================================== > *On my Target box*: > root@bh01 [/]# yum list installed | grep pango > pango.x86_64 1.34.1-5.el7 > @base > > root@bh01 [/]# cat /etc/*elease > CentOS Linux release 7.1.1503 (Core) > NAME="CentOS Linux" > > =================================================== > *OpenVAS Result Details*: > OpenVAS is failing this particular test: > Vulnerability Detection Method > Details: Pango Integer Buffer Overflow Vulnerability (OID: > 1.3.6.1.4.1.25623.1.0.900644) > Version used: $Revision: 15 $ > > Solution > Upgrade to pango version 1.24.0 or later > http://ftp.acc.umu.se/pub/GNOME/sources/pango/ > > Affected Software/OS > Pango version prior to 1.24.0 > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
