[Pkg-nagios-devel] Bug#697931: Bug#697931: icinga: CVE-2012-6096

Moritz Mühlenhoff jmm at inutil.org
Mon Feb 11 22:25:47 UTC 2013


On Mon, Jan 14, 2013 at 01:17:52PM +0100, Alexander Wirt wrote:
> tag 697931 patch
> thanks
> 
> Alexander Wirt schrieb am Saturday, den 12. January 2013:
> 
> > On Fri, 11 Jan 2013, Moritz Muehlenhoff wrote:
> > 
> > > Package: icinga
> > > Severity: grave
> > > Tags: security
> > > Justification: user security hole
> > > 
> > > This was assigned CVE-2012-6096:
> > > http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
> > > 
> > > Fix:
> > > http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
> > As it currently seems this fix is incomplete. The severity of the problem
> > isn't hat high, so I want to wait until the icinga team has an official
> > patch.
> Ok, I backported the official patch to stable and attached it. Should I
> provide an updated package for security.d.o?

Sorry for the late followup, I thought Jonathan would take care of icinga
as well and overlooked his reply.

Please build with -sa and upload to security-master.

Cheers,
        Moritz



More information about the Pkg-nagios-devel mailing list