[Pkg-nagios-devel] Bug#447639: nagios-plugins: incomplete fix for CVE-2007-5198

Jamie Strandboge jamie at strandboge.com
Mon Oct 22 19:17:46 UTC 2007

Package: nagios-plugins
Version: 1.4.8-2.1
Severity: important

The security fix for nagios-plugins (1.4.8-2.1) does not contain the complete
fix for CVE-2007-5198.  Relevant svn commits are r1740, r1742 and r1807.  It
appears that the patch contains the fixes for r1740 and r1742, but not r1807.

Please see:

Attached is the svn commit for this issue.

-- System Information:
Debian Release: lenny/sid
  APT prefers gutsy-updates
  APT policy: (500, 'gutsy-updates'), (500, 'gutsy-security'), (500, 'gutsy')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-14-386
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-------------- next part --------------
A non-text attachment was scrubbed...
Name: r1807.diff
Type: text/x-c
Size: 947 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20071022/793f77be/attachment.bin 

More information about the Pkg-nagios-devel mailing list