Search...

Debian DSA-2134-1 : upcoming changes in advisory format

2011-01-03T00:00:00

ID DEBIAN_DSA-2134.NASL
Type nessus
Reporter Tenable
Modified 2012-01-21T00:00:00

Description

Traditionally Debian Security Advisories have included MD5 check sums of the updated packages. This was introduced at a time when apt didn't exist yet and BIND was at version 4.

Since apt cryptographically enforces the integrity of the archive for quite some time now, we've decided to finally drop the hash values from our advisory mails.

We'll also change some details of the advisory format in the upcoming months.

                                        
                                            # @DEPRECATED@
#
# This script has been deprecated as the associated advisory does not 
# have any package tests.
#
# Disabled on 2012/01/20.
#

# This script was automatically generated from Debian Security 
# Advisory DSA-2133. It is released under the Nessus Script 
# Licence.
#
# Debian Security Advisory DSA-2133 is (C) Software in the Public
# Interest, Inc; see http://www.debian.org/license for details.
#

include("compat.inc");

if (description)
{
  script_id(51396);
  script_version("$Revision: 1.3 $");
  script_cvs_date("$Date: 2012/01/21 02:41:31 $");

  script_xref(name:"DSA", value:"2134");

  script_name(english:"Debian DSA-2134-1 : upcoming changes in advisory format");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Traditionally Debian Security Advisories have included MD5 check sums
of the updated packages.  This was introduced at a time when apt
didn't exist yet and BIND was at version 4. 

Since apt cryptographically enforces the integrity of the archive for
quite some time now, we've decided to finally drop the hash values
from our advisory mails. 

We'll also change some details of the advisory format in the upcoming
months."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2010/dsa-2134"
  );
  script_set_attribute(attribute:"solution", value:"n/a");
  script_set_attribute(attribute:"risk_factor", value:"None");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux");

  script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/03");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is (C) 2011-2012 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


# Deprecated.
exit(0, "The associated advisory does not have any package tests.");

JSON Vulners Source

Initial Source

{"naslFamily": "Debian Local Security Checks", "id": "DEBIAN_DSA-2134.NASL", "lastseen": "2017-10-29T13:37:29", "viewCount": 1, "bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux"], "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 4.1, "vector": "NONE", "modified": "2017-10-29T13:37:29", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["UBUNTU_USN-4165-1.NASL", "OPENSUSE-2019-559.NASL", "MOZILLA_FIREFOX_70_0.NASL"]}, {"type": "cve", "idList": ["CVE-2018-6157", "CVE-2018-6161", "CVE-2018-6177", "CVE-2018-6154", "CVE-2018-6176", "CVE-2018-6168", "CVE-2018-6159", "CVE-2018-6156", "CVE-2018-6171", "CVE-2018-6155"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/LOCAL/ASAN_SUID_EXECUTABLE_PRIV_ESC"]}], "modified": "2017-10-29T13:37:29", "rev": 2}, "vulnersScore": 4.1}, "type": "nessus", "description": "Traditionally Debian Security Advisories have included MD5 check sums of the updated packages. This was introduced at a time when apt didn't exist yet and BIND was at version 4. \n\nSince apt cryptographically enforces the integrity of the archive for quite some time now, we've decided to finally drop the hash values from our advisory mails. \n\nWe'll also change some details of the advisory format in the upcoming months.", "title": "Debian DSA-2134-1 : upcoming changes in advisory format", "cvelist": [], "sourceData": "# @DEPRECATED@\n#\n# This script has been deprecated as the associated advisory does not \n# have any package tests.\n#\n# Disabled on 2012/01/20.\n#\n\n# This script was automatically generated from Debian Security \n# Advisory DSA-2133. It is released under the Nessus Script \n# Licence.\n#\n# Debian Security Advisory DSA-2133 is (C) Software in the Public\n# Interest, Inc; see http://www.debian.org/license for details.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51396);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2012/01/21 02:41:31 $\");\n\n script_xref(name:\"DSA\", value:\"2134\");\n\n script_name(english:\"Debian DSA-2134-1 : upcoming changes in advisory format\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Traditionally Debian Security Advisories have included MD5 check sums\nof the updated packages. This was introduced at a time when apt\ndidn't exist yet and BIND was at version 4. \n\nSince apt cryptographically enforces the integrity of the archive for\nquite some time now, we've decided to finally drop the hash values\nfrom our advisory mails. \n\nWe'll also change some details of the advisory format in the upcoming\nmonths.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2134\"\n );\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is (C) 2011-2012 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\n# Deprecated.\nexit(0, \"The associated advisory does not have any package tests.\");\n", "published": "2011-01-03T00:00:00", "pluginID": "51396", "references": ["http://www.debian.org/security/2010/dsa-2134"], "reporter": "Tenable", "modified": "2012-01-21T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51396", "immutableFields": []}