[SECURITY] Fedora EPEL 4 Update: ocsinventory-1.02.3-1.el4

updates at fedoraproject.org updates at fedoraproject.org
Tue Feb 9 03:59:43 UTC 2010 

--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-0194
2010-02-09 03:23:28
--------------------------------------------------------------------------------

Name        : ocsinventory
Product     : Fedora EPEL 4
Version     : 1.02.3
Release     : 1.el4
URL         : http://www.ocsinventory-ng.org/
Summary     : Open Computer and Software Inventory Next Generation
Description :
Open Computer and Software Inventory Next Generation is an application
designed to help a network or system administrator keep track of the
computers configuration and software that are installed on the network.

OCS Inventory is also able to detect all active devices on your network,
such as switch, router, network printer and unattended devices.

OCS Inventory NG includes package deployment feature on client computers.

ocsinventory is a metapackage that will install the communication server,
the administration console and the database server (MySQL).

--------------------------------------------------------------------------------
Update Information:

Multiple vulnerabilities have been discovered in OCS Inventory NG, which can be
exploited by malicious users to conduct SQL injection attacks and by malicious
people to conduct cross-site scripting attacks.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #560737 - OCS Inventory NG: Multiple security fixes in v1.02.2 version of Management server for Unix/Linux
        https://bugzilla.redhat.com/show_bug.cgi?id=560737
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update ocsinventory' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the epel-package-announce mailing list