[Pkg-nagios-devel] Bug#697930: nagios3: CVE-2012-6096
Moritz Mühlenhoff
jmm at inutil.org
Sat Feb 2 15:43:20 UTC 2013
On Fri, Feb 01, 2013 at 10:09:34PM +0000, Jonathan Wiltshire wrote:
> On Sun, Jan 20, 2013 at 08:49:26PM +0100, Moritz Mühlenhoff wrote:
> > On Fri, Jan 11, 2013 at 03:56:25PM +0000, Jonathan Wiltshire wrote:
> > > Control: found -1 3.2.1-2
> > >
> > > On 2013-01-11 13:50, Moritz Muehlenhoff wrote:
> > > >Package: nagios3
> > > >Severity: grave
> > > >Tags: security
> > > >Justification: user security hole
> > > >
> > > >This was assigned CVE-2012-6096:
> > > >
> > > >http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
> > > >
> > > >Fix:
> > > >
> > > >http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
> > >
> > > I tested against squeeze and reproduced the problem. We use nagios
> > > at work so I'm happy to prepare DSA packages if required.
> >
> > Jonathan, can you prepare packages for stable-security now that we have
> > a final patch?
>
> Ok, I now have tested packages for stable-security for nagios3, debdiff
> and DSA text attached.
Please upload to security-master.
cheers,
Moritz
More information about the Pkg-nagios-devel
mailing list