NVT: Gentoo Security Advisory GLSA 20{1401-04,1503-10}: 1.3.6.1.4.1.25623.1.0.12{1101,1364}

The following checks:

Gentoo Security Advisory GLSA 201401-04 OID: 1.3.6.1.4.1.25623.1.0.121101
https://security.gentoo.org/glsa/201401-04
Gentoo Security Advisory GLSA 201503-10 OID: 1.3.6.1.4.1.25623.1.0.121364
https://security.gentoo.org/glsa/201503-10

lately started to produce false positives on Gentoo systems where Python 2.7 is installed.

Both checks mention:

Package dev-lang/python-2.7.18-r6 is installed which is known to be vulnerable.

in the scan detection results. Python 2.7.18 has been released in 2020 and is unaffected by both mentioned NVTs according to the version desciptions in the Gentoo Security Advisory GLSAs and since they’re from 2014 and 2015 respectively.

Thanks a lot for this report.

Please note that the Gentoo based package checks are provided by a 3rdparty years ago (the last Gentoo LSCs are from 2016), are currently unsupported by Greenbone and needs a community contribution if any fixes / updates are required.

Is there any git repository to follow/checkout/look into for such things and possible contributions for fixups? Having a git log to look into would be very helpful to identify things that only recently broke.

Unfortunately there is no public repository available for the feed and contributions are only possible by posting in this community portal category (this is currently out of the control of the team working on the Feed).

For the Gentoo topic i can say that pkg-lib-gentoo.inc handling package checks for Gentoo hasn’t been changed for years, similar with the LSC for Gentoo as well.

I guess something in the syntax for the Gentoo package manager output, the package names or similar might have been changed which could cause this behavior. A specific version of the python packages now introduced / existing which wasn’t covered / can’t be handle by pkg-lib-gentoo.inc could be another reason.