
Releases: gensecaihq/CVE-2024-3094-Vulnerability-Checker-Fixer

Ansible Playbook

06 Apr 05:32
8f64998

The script additionally automates the process of scanning Ansible-managed hosts for the specified vulnerability and applies necessary updates to mitigate any found issues.

Features:

  • User Input Flexibility: Users can now specify paths for input and output files at runtime, with default paths provided to streamline operations.
  • Automated Vulnerability Scanning: The script checks all hosts in the provided Ansible inventory for the CVE-2024-3094 vulnerability.
  • Conditional Remediation Execution: Users can choose to automatically run remediation playbooks on detected vulnerable hosts or manually initiate the remediation process.
  • Enhanced User Notifications: The script includes clear, informative notifications regarding the progress and outcomes of the scanning and remediation processes.
  • Efficient Error Handling: The script will exit safely and notify the user if no vulnerable hosts are found, avoiding unnecessary operations.

1.1.1: Update CVE-2024-3094.sh

02 Apr 10:22
07f94f2

Enhanced Security with Improved Detection Mechanism

  • We've enhanced security by querying the installed xz version using the system's package manager, avoiding the execution of a potentially vulnerable binary.
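An added example (not the project's script) of the package-manager query described above: it reads the installed liblzma version from the dpkg or rpm database instead of running the xz binary, then classifies the version string. The function names, the package names, and the affected upstream versions 5.6.0 and 5.6.1 (taken from the public advisory, not from this page) are assumptions; the version strings in the comments are constructed samples.

```bash
#!/usr/bin/env bash
# Added example: check for CVE-2024-3094 without executing xz itself.
# Assumption (public advisory, not this page): upstream 5.6.0 and 5.6.1
# are the affected releases.

# classify_xz_version VERSION -> prints "vulnerable", "reverted" or "ok"
classify_xz_version() {
    local ver="${1#*:}"          # drop a package epoch such as "1:"
    case "$ver" in
        # Distro rollback builds keep a 5.6.x prefix but ship older code
        # (constructed sample: "5.6.1+really5.4.5-1"); a plain prefix
        # match would report them as vulnerable.
        5.6.[01]+really*)          echo "reverted" ;;
        5.6.[01]|5.6.[01][-+~]*)   echo "vulnerable" ;;
        *)                         echo "ok" ;;
    esac
}

# installed_liblzma_version -> prints the packaged version, or nothing.
# Reads the package database only. Package names are assumptions and vary
# by distribution (liblzma5 on Debian/openSUSE, xz-libs on Fedora/RHEL).
installed_liblzma_version() {
    local pkg out
    if command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Version}' liblzma5 2>/dev/null
    elif command -v rpm >/dev/null 2>&1; then
        for pkg in xz-libs liblzma5; do
            # rpm prints "not installed" on stdout, so gate on exit status
            out="$(rpm -q --qf '%{VERSION}-%{RELEASE}' "$pkg" 2>/dev/null)" \
                && { echo "$out"; return 0; }
        done
    fi
}

# check_host -> one-line verdict; returns 2 if no package was found
check_host() {
    local ver
    ver="$(installed_liblzma_version)" || true
    if [ -z "$ver" ]; then
        echo "liblzma package not found in package database"
        return 2
    fi
    echo "liblzma $ver: $(classify_xz_version "$ver")"
}

if [ "${1:-}" = "--run" ]; then check_host; fi
```

Run the file with `--run` to check the local host; hosts that installed xz from source are not in the package database and need a separate check.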

Expanded Compatibility Across Linux Distributions

  • The script now accurately detects and supports a wide range of Linux distributions, including Debian, Ubuntu, Kali Linux, CentOS, Fedora, RHEL, Rocky Linux, and OpenSUSE, thanks to a refined detection mechanism.

Upgrade First Approach

  • The script attempts to upgrade xz to the latest available version through the system's package manager before considering downgrading to a safe version. This keeps systems up-to-date with recent xz releases, resorting to the specified stable version only when an upgrade isn't possible.

v1.1.0

02 Apr 08:53
01b2d90

Enhanced OS and Package Manager Support

  • Original: The script did not include logic to detect the operating system or package manager.
  • New: Added functionality to detect the operating system and determine the appropriate package manager. Now supports apt-get for Debian-based distributions (including Kali Linux), dnf or yum for Red Hat-based distributions (including CentOS, Fedora, and Rocky Linux), and zypper for OpenSUSE.

Updated Stable Version Download URL

  • Original: The stable version download URL pointed to GitHub.
  • New: Updated the URL to source the stable version of xz from SourceForge, providing a more direct and reliable source for the download.

Installation Process Improvements

  • Original: The script's focus was solely on downloading and compiling the stable version without considering the distribution-specific package management.
  • New: Maintained the compile and install approach but structured the script to integrate better with future enhancements that could leverage native package management for installation where possible.

User Interaction for System Reboot

  • Original: There was no prompt for the user to reboot the system after installing the stable version of xz.
  • New: Added a prompt to reboot the system after successful installation of the stable xz version, ensuring that any changes are properly applied system-wide.

Script Usability and Messaging

  • Original: Limited feedback was provided to the user regarding the status of the script's operations and next steps.
  • New: Enhanced messaging throughout the script provides clearer feedback to the user about each step's success or failure, including instructions for manual intervention if needed.

v1.0.0

30 Mar 19:36
cd64c8d

It does what it's supposed to do in a very simple way.