Fedora 9: 2009-0636 Critical: libnasl OpenSSL Signature Issue

NASL is a scripting language designed for the Nessus security scanner.

Its aim is to allow anyone to write a test for a given security hole

in a few minutes, to allow people to share their tests without having

to worry about their operating system, and to guarantee everyone that

a NASL script can not do anything nasty except performing a given

security test against a given target.

Thus, NASL allows you to easily forge IP packets, or to send regular

packets. It provides you some convenient functions that will make the

test of web and FTP server more easy to write. NASL garantees you that

a NASL script:

- will not send any packet to a host other than the target host,

- will not execute any commands on your local system.

* Mon Jan 12 2009 Andreas Bierfert

- 2.2.11-3

- fix #479655

* Mon Dec 1 2008 Michael Schwendt - 2.2.11-2

- in doc pkg: include missing dirs and mark files as %doc

* Sun Nov 23 2008 Andreas Bierfert

- 2.2.11-1

- version upgrade

- fix #465106

[ 1 ] Bug #479655 - libnasl: OpenSSL incorrect checks for malformed signatures

https://bugzilla.redhat.com/show_bug.cgi?id=479655

su -c 'yum update libnasl' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/