Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Fedora Core 10 FEDORA-2009-10233 (deltarpm)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to deltarpm announced via advisory FEDORA-2009-10233.
Insight
Insight
Update Information: deltarpm prior to the current build ships with a bundled copy of zlib. This version of zlib has a known vulnerability with CVE identifier: CVE-2005-1849 This build of deltarpm patches the program to use the system zlib (which was fixed when the vulnerability was first discovered) instead of the bundled copy. ChangeLog: * Wed Sep 30 2009 Toshio Kuratomi - 3.4-11.1 - Build against the system zlib, not the bundled library. This remedies the fact that the included zlib is affected by CVE-2005-1849. - Fix cfile_detect_rsync() to detect rsync even if we don't have a zlib capable of making rsync-friendly compressed files.
Solution
Solution
Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update deltarpm' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10233