Fedora Update for gitolite FEDORA-2011-1644

2011-02-28T00:00:00
ID OPENVAS:862861
Type openvas
Reporter Copyright (c) 2011 Greenbone Networks GmbH
Modified 2017-07-10T00:00:00

Description

Check for the Version of gitolite

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for gitolite FEDORA-2011-1644
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Gitolite allows a server to host many git repositories and provide access
  to many developers, without having to give them real userids on the server.
  The essential magic in doing this is ssh's pubkey access and the authorized
  keys file, and the inspiration was an older program called gitosis.

  Gitolite can restrict who can read from (clone/fetch) or write to (push) a
  repository. It can also restrict who can push to what branch or tag, which
  is very important in a corporate environment. Gitolite can be installed
  without requiring root permissions, and with no additional software than git
  itself and perl. It also has several other neat features described below and
  elsewhere in the doc/ directory.";
tag_solution = "Please Install the Updated Packages.";

tag_affected = "gitolite on Fedora 14";


if(description)
{
  script_xref(name : "URL" , value : "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054250.html");
  script_id(862861);
  script_version("$Revision: 6626 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $");
  script_tag(name:"creation_date", value:"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_xref(name: "FEDORA", value: "2011-1644");
  script_name("Fedora Update for gitolite FEDORA-2011-1644");

  script_summary("Check for the Version of gitolite");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "FC14")
{

  if ((res = isrpmvuln(pkg:"gitolite", rpm:"gitolite~1.5.3~2.fc14", rls:"FC14")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}