Fedora Update for gitolite3 FEDORA-2012-15731

Fedora Update for gitolite3 FEDORA-2012-15731. Gitolite allows a server to host many git repositories and provide access to many developers, without giving real userids on the server. It restricts read and write access to repositories and can be installed without root permissions

Source	Link
lists	www.lists.fedoraproject.org/pipermail/package-announce/2012-October/090194.html

###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for gitolite3 FEDORA-2012-15731
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Gitolite allows a server to host many git repositories and provide access
  to many developers, without having to give them real userids on the server.
  The essential magic in doing this is ssh's pubkey access and the authorized
  keys file, and the inspiration was an older program called gitosis.

  Gitolite can restrict who can read from (clone/fetch) or write to (push) a
  repository. It can also restrict who can push to what branch or tag, which
  is very important in a corporate environment. Gitolite can be installed
  without requiring root permissions, and with no additional software than git
  itself and perl. It also has several other neat features described below and
  elsewhere in the doc/ directory.";

tag_affected = "gitolite3 on Fedora 17";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090194.html");
  script_id(864787);
  script_version("$Revision: 8273 $");
  script_tag(name:"last_modification", value:"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $");
  script_tag(name:"creation_date", value:"2012-10-19 09:45:38 +0530 (Fri, 19 Oct 2012)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_xref(name: "FEDORA", value: "2012-15731");
  script_name("Fedora Update for gitolite3 FEDORA-2012-15731");

  script_tag(name: "summary" , value: "Check for the Version of gitolite3");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");

res = "";
if(release == NULL){
  exit(0);
}

if(release == "FC17")
{

  if ((res = isrpmvuln(pkg:"gitolite3", rpm:"gitolite3~3.04~4.fc17", rls:"FC17")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

03 Jan 2018 00:00Current

7.4High risk

Vulners AI Score7.4