Lucene search
K

Fedora 45 : rust-fern / rust-ifcfg-devname / rust-routinator / rust-rpki / etc (2026-188f731254)

🗓️ 03 Jul 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 4 Views

Fedora 45 update for routinator with updated dependencies, switch fern to syslog seven, and loosen ifcfg devname bound.

Related
Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2026-188f731254
#

include('compat.inc');

if (description)
{
  script_id(324989);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/07/03");

  script_cve_id(
    "CVE-2023-39916",
    "CVE-2026-49232",
    "CVE-2026-49233",
    "CVE-2026-49234",
    "CVE-2026-49235"
  );
  script_xref(name:"FEDORA", value:"2026-188f731254");

  script_name(english:"Fedora 45 : rust-fern / rust-ifcfg-devname / rust-routinator / rust-rpki / etc (2026-188f731254)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Fedora 45 host has packages installed that are affected by multiple vulnerabilities as referenced in the
FEDORA-2026-188f731254 advisory.

    Update `routinator` to the latest, pulling in updated dependencies (`rpki` and `syslog`), and switch
    `fern` to using `syslog` 7 instead of 6 for this update, and loosen the `syslog` version bound for `ifcfg-
    devname`.


    # v0.15.2
    This release fixes a number of vulnerabilities and security issues identified by a security audit
    performed by [X41 D-Sec] and financed by [Sovereign Tech Agency].

    **We advise all users to upgrade at their earliest convenience.**

    ## Security fixes

    * Changed how transient errors when accepting incoming HTTP and RTR connections are handled: instead of
    exiting, a warning is printed and the error is ignored. ([#1099])

      This issue was assigned [CVE-2026-49232].

    * Extended the check for illegal path components in rsync URIs to also include the authority and module
    parts. (via [rpki-rs#370])

      This fixes a path traversal vulnerability that has been assigned [CVE-2026-49233].

    * Fixed a panic when parsing certain AS numbers from strings. (via [rpki-rs#373])

      This fixes a vulnerability that has been assigned [CVE-2026-49234].

    * Upgraded quick-xml to at least 0.39.4 to fix a regression in XML parsing that may lead a panic on
    certain crated XML files. (via [rpki-rs#372])

      This fixes a vulnerability that has been assigned [CVE-2026-49235].

    ## Improvements

    * Restricted trust anchor certificates downloaded via HTTP to the size given via the `max_object_size`
    config option. ([#1090])
    * The `-e` and `--rsh` options will now be rejected in the `rsync-args` config option. Similarly,
    Routinator will not start if the equivalent evironment variable `RSYNC_RSH` is set. ([#1091])

    ## Bug fixes

    * Set an RTR listener socket received via systemd to non-blocking. This fixes a panic in Tokio. ([#1081]
    by [@MaxHearnden])
    * Fixed the `--rrdp-tcp-keepalive` to be a command line option rather than a command line argument.
    ([1085])

    ## Other changes

    * Support for Ubuntu Resolute Raccoon (26.04). ([#1095])

    [#1090]: https://github.com/NLnetLabs/routinator/pull/1090
    [#1091]: https://github.com/NLnetLabs/routinator/pull/1091
    [#1081]: https://github.com/NLnetLabs/routinator/pull/1081
    [#1085]: https://github.com/NLnetLabs/routinator/pull/1085
    [#1095]: https://github.com/NLnetLabs/routinator/pull/1095
    [@MaxHearnden]: https://github.com/MaxHearnden
    [rpki-rs#370]: https://github.com/NLnetLabs/rpki-rs/pull/370
    [rpki-rs#372]: https://github.com/NLnetLabs/rpki-rs/pull/372
    [rpki-rs#373]: https://github.com/NLnetLabs/rpki-rs/pull/373
    [CVE-2026-49232]: https://nlnetlabs.nl/downloads/routinator/CVE-2026-49232.txt
    [CVE-2026-49233]: https://nlnetlabs.nl/downloads/routinator/CVE-2026-49233.txt
    [CVE-2026-49234]: https://nlnetlabs.nl/downloads/routinator/CVE-2026-49234.txt
    [CVE-2026-49235]: https://nlnetlabs.nl/downloads/routinator/CVE-2026-49235.txt
    [X41 D-Sec]: https://www.x41-dsec.de/
    [Sovereign Tech Agency]: https://www.sovereign.tech/

    # v0.15.1

    ## Bug fixes

    * Abort the optimistic initial run if there are no stored TA certificates for a TAL instead of succeeding
    with an empty data set. ([#1071])
    * Undo `PrivateUsers` restriction in systemd unit files to allow user to run Routinator on privileged
    ports. ([#1068])

    [#1068]: https://github.com/NLnetLabs/routinator/pull/1068
    [#1071]: https://github.com/NLnetLabs/routinator/pull/1071

    # v0.15.0

    ## Breaking changes

    * Removed the `rrdp-keep-responses` feature. We suggest the use of an HTTP proxy such as [mitmproxy]
    instead.

      This once and for all fixes [CVE-2023-39916] which returned again in release 0.14.0. ([#1055])
    * Messages about issues with repositories and publication points are now logged separately and by default
    are only visible in the status HTTP server endpoints. The new `log-repository-issues` option can be used
    to have these messages also written to the log. ([#1054])
    * Changed how server mode deals with broken or missing local exception files. Previously, Routinator would
    just stop updating until they are fixed, leading to updates being stalled if the operator misses the error
    messages. Now it will log a warning and keep using the previous set of local exceptions. When starting, it
    will exit with an error message if there are broken or missing local exception files. ([#1060])
    * Changed the RRDP timeouts: introduced a new config variable `rrdp-read-timeout` that provides a timeout
    for individual network operations (primarily: read from the server). Its default is 10 seconds. This
    timeout is also used for connecting of no specific value is given, significantly speeding up validation
    runs.

      In addition, the RRDP timeout was increased from 300 to 600 seconds to better deal with slow
    transmission of large snapshots of some repositories. ([#1061])

    ## New

    * Added a quick initial run after starting the server which only uses stored data and aborts if any
    required data hasnt been requested before to deal with configuration changes. This will shorten the
    wait time for an initial data set when restarting Routinator. ([#1057])
    * Added support for SLURM v2 as output format which includes ASPA payload. ([#1021])
    * Changed refresh behaviour to better cope with short-lived objects. By default, Routinator will now wait
    for the time defined by `refresh` even if objects expire earlier. The new `min-refresh` option can be used
    to specify a short minimum refresh time if objects expire before the refresh time. If this value is set to
    0, the old behaviour is restored. ([#1027])
    * The order in which manifest entries are processed is now randomized. ([#1041])
    * Reduced the overhead of storing RRDP snapshot downloads, significantly improving the snapshot update
    times. ([#1035])
    * The `dump` command now prints the source directories of the data it dumps. ([#1045])
    * Added a `--update-after` option to the `vrps` subcommand that skips updating the local cache if the last
    successful validation run was known to be less than a given number of minutes ago. ([#1049])
    * Error responses for API-related HTTP endpoints now contain JSON bodies. ([#1050])
    * The `/validity` HTTP server endpoint now accepts POST requests with a JSON body containing multiple
    routes to be checked all at once. ([#1053])
    * Better protect against corrupted stored publication points by double checking cached manifest properties
    against the actual manifest and discard the stored publication point if they mismatch.

      This fixes an issue where an accidentally or maliciously manipulated locally stored manifest could block
    update of a legitimate new manifest which was reported by Zizhi Shang, Zhechao Lin, Jiahao Cao, Yangyang
    Wang, Mingwei Xu of the Institute for Network Sciences and Cyberspace (INSC), Tsinghua University.

    ## Bug fixes

    * Fixed a crash if certain invalid character appear in a manifest file name by limiting the name to the
    rules defined in [RFC9286]. This issue was reported by  Niklas Vogel of Goethe University Frankfurt and
    ATHENE. ([rpki-rs#342])
    * Re-implemented RRDP client metrics based on the much simpler model used by RTRTR to fix recurring errors
    in the metrics. ([#1039])
    * Changed the message logged when an RRDP update times out to actually say that. ([#1052])

    ## Other changes

    * Improved performance of file system operations on validate subcommand. ([#1043] by [@kawaemon])
    * Add package.homepage to Cargo.toml ([#1024])
    * Added building packages for RHEL 10 and Debian 13. ([#1034], [#1047])
    * Added building packages for ARMv6 and ARM64 for Debian Bookworm. ([#1036])
    * Added additional restrictions to the systemd unit files used in the various binary packages. ([#1056])
    * Upgrades various dependencies. ([#1004], [#1005], [#1006])

    [#1004]: https://github.com/NLnetLabs/routinator/pull/1004
    [#1005]: https://github.com/NLnetLabs/routinator/pull/1005
    [#1006]: https://github.com/NLnetLabs/routinator/pull/1006
    [#1014]: https://github.com/NLnetLabs/routinator/pull/1014
    [#1021]: https://github.com/NLnetLabs/routinator/pull/1021
    [#1024]: https://github.com/NLnetLabs/routinator/pull/1024
    [#1027]: https://github.com/NLnetLabs/routinator/pull/1027
    [#1034]: https://github.com/NLnetLabs/routinator/pull/1034
    [#1035]: https://github.com/NLnetLabs/routinator/pull/1035
    [#1036]: https://github.com/NLnetLabs/routinator/pull/1036
    [#1039]: https://github.com/NLnetLabs/routinator/pull/1039
    [#1041]: https://github.com/NLnetLabs/routinator/pull/1041
    [#1043]: https://github.com/NLnetLabs/routinator/pull/1043
    [#1045]: https://github.com/NLnetLabs/routinator/pull/1045
    [#1047]: https://github.com/NLnetLabs/routinator/pull/1047
    [#1049]: https://github.com/NLnetLabs/routinator/pull/1049
    [#1052]: https://github.com/NLnetLabs/routinator/pull/1052
    [#1053]: https://github.com/NLnetLabs/routinator/pull/1053
    [#1055]: https://github.com/NLnetLabs/routinator/pull/1055
    [#1056]: https://github.com/NLnetLabs/routinator/pull/1056
    [#1057]: https://github.com/NLnetLabs/routinator/pull/1057
    [#1060]: https://github.com/NLnetLabs/routinator/pull/1060
    [#1061]: https://github.com/NLnetLabs/routinator/pull/1061
    [rpki-rs#342]: https://github.com/NLnetLabs/rpki-rs/pull/342
    [@kawaemon]: https://github.com/kawaemon
    [mitmproxy]: https://www.mitmproxy.org/
    [RFC9286]: https://tools.ietf.org/html/rfc9286
    [CVE-2023-39916]: https://nlnetlabs.nl/downloads/routinator/CVE-2023-39916.txt


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2026-188f731254");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-49233");
  script_set_attribute(attribute:"cvss4_score_source", value:"CVE-2026-49235");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/09/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/07/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/07/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:45");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rust-fern");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rust-ifcfg-devname");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rust-routinator");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rust-rpki");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rust-syslog");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Fedora Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'Fedora' >!< os_product) audit(AUDIT_OS_NOT, 'Fedora');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
if (! preg(pattern:"^45([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'Fedora 45', 'Fedora ' + os_version);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);

var constraints = [
  {
    'release': '45',
    'pkgs': [
      {'reference':'rust-fern-0.7.1-6.fc45', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'rust-ifcfg-devname-1.1.1-5.fc45', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'rust-routinator-0.15.2-1.fc45', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'rust-rpki-0.19.3-1.fc45', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'rust-syslog-7.0.0-2.fc45', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rust-fern / rust-ifcfg-devname / rust-routinator / rust-rpki / etc');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Jul 2026 00:00Current
6Medium risk
Vulners AI Score6
CVSS 3.17.5 - 9.3
CVSS 48.7
EPSS0.00549
SSVC
4