Fedora alert FEDORA-2010-1540 (ocsinventory)

From:
    	     
 
updates@fedoraproject.org 
To:
    	     
 
package-announce@lists.fedoraproject.org 
Subject:
    	     
 
[SECURITY] Fedora 11 Update: ocsinventory-1.02.3-1.fc11 
Date:
    	     
 
Sat, 06 Feb 2010 00:07:19 +0000
Message-ID:
    	     
 
<20100206001032.B639B110C84@bastion2.fedora.phx.redhat.com>

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-1540
2010-02-05 23:24:17
--------------------------------------------------------------------------------

Name        : ocsinventory
Product     : Fedora 11
Version     : 1.02.3
Release     : 1.fc11
URL         : http://www.ocsinventory-ng.org/
Summary     : Open Computer and Software Inventory Next Generation
Description :
Open Computer and Software Inventory Next Generation is an application
designed to help a network or system administrator keep track of the
computers configuration and software that are installed on the network.

OCS Inventory is also able to detect all active devices on your network,
such as switch, router, network printer and unattended devices.

OCS Inventory NG includes package deployment feature on client computers.

ocsinventory is a metapackage that will install the communication server,
the administration console and the database server (MySQL).

--------------------------------------------------------------------------------
Update Information:

Multiple vulnerabilities have been discovered in OCS Inventory NG, which can be
exploited by malicious users to conduct SQL injection attacks and by malicious
people to conduct cross-site scripting attacks.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  5 2010 Remi Collet <Fedora@famillecollet.com> 1.02.3-1
- Security Fixes - Bug #560737
* Mon Aug 17 2009 Remi Collet <Fedora@famillecollet.com> 1.02.1-3
- add ChangeLog
- Security Fixes (internal version 5003) Bug #517837
* Sat May 30 2009 Remi Collet <Fedora@famillecollet.com> 1.02.1-1
- update to OCS Inventory NG 1.02.1 - Security Fixes (internal version 5003)
* Mon Apr 20 2009 Remi Collet <Fedora@famillecollet.com> 1.02-1
- update to OCS Inventory NG 1.02 final release (internal version 5003)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #560737 - OCS Inventory NG: Multiple security fixes in v1.02.2 version of Management
server for Unix/Linux
        https://bugzilla.redhat.com/show_bug.cgi?id=560737
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ocsinventory' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...