Fedora Update for gitolite3 FEDORA-2012-15746

2012-10-19T00:00:00
ID OPENVAS:864798
Type openvas
Reporter Copyright (c) 2012 Greenbone Networks GmbH
Modified 2017-12-29T00:00:00

Description

Check for the Version of gitolite3

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for gitolite3 FEDORA-2012-15746
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Gitolite allows a server to host many git repositories and provide access
  to many developers, without having to give them real userids on the server.
  The essential magic in doing this is ssh's pubkey access and the authorized
  keys file, and the inspiration was an older program called gitosis.

  Gitolite can restrict who can read from (clone/fetch) or write to (push) a
  repository. It can also restrict who can push to what branch or tag, which
  is very important in a corporate environment. Gitolite can be installed
  without requiring root permissions, and with no additional software than git
  itself and perl. It also has several other neat features described below and
  elsewhere in the doc/ directory.";

tag_affected = "gitolite3 on Fedora 16";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090174.html");
  script_id(864798);
  script_version("$Revision: 8257 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $");
  script_tag(name:"creation_date", value:"2012-10-19 09:47:57 +0530 (Fri, 19 Oct 2012)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_xref(name: "FEDORA", value: "2012-15746");
  script_name("Fedora Update for gitolite3 FEDORA-2012-15746");

  script_tag(name: "summary" , value: "Check for the Version of gitolite3");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");

res = "";
if(release == NULL){
  exit(0);
}

if(release == "FC16")
{

  if ((res = isrpmvuln(pkg:"gitolite3", rpm:"gitolite3~3.04~4.fc16", rls:"FC16")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}