Environment
Novell
ZENworks Patch Management 6.2 - ZPM6.2
Novell ZENworks
Patch Management 6.3 - ZPM6.3Novell
ZENworks Patch Management 6.4 - ZPM6.4
Situation
Description
A
Security patch update has been released for ZENworks
Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.x.
Customers are recommended to install this security update at their
earliest opportunity.
Applies To:ZPM Update Agent for Unix/Linux/Mac 6.x
Additional Information
Details
Patch Name:LSA20080201 - Security Update for ZPM Update
Agent for LUM 6.x
Impact:Important
CVE:CVE-2008-0525
Description:Below are the list of fixes included in this security update:
Lumension
KB528: Symlink vulnerability found in logtrimmer script
(40628)
Lumension KB527: The rebootTask contains a symlink vulnerability where a user can run malicious code. (40644)
Lumension KB527: The rebootTask contains a symlink vulnerability where a user can run malicious code. (40644)
Systems Affected
ZPM Update Agent for Linux/Unix/Mac 6.4102
ZPM Update Agent for Linux/Unix/Mac 6.3450
ZPM Update Agent for Linux/Unix/Mac 6.2094
Installation
Engineering has created the following fixes which are available from your ZPM Update Server.
Engineering has created the following fixes which are available from your ZPM Update Server.
| Patch Name | Patch Description |
Security
Update for ZPM Update Agent for LUM6.x
(non-HPUX) | Security update that is only applicable to non HP-UX operating systems. |
Security
Update for ZPM Update Agent for LUM6.x (HPUX) | Security update that is only applicable to HP-UX operating systems. |
Future
Fix
These security updates will be available in the ZPM Update Server 6.4 Service Pack 1 (SP1). Customers are encouraged to upgrade to the latest version of the ZPM Update Server 6.4 software to keep up-to-date.
These security updates will be available in the ZPM Update Server 6.4 Service Pack 1 (SP1). Customers are encouraged to upgrade to the latest version of the ZPM Update Server 6.4 software to keep up-to-date.