[Pkg-nagios-devel] Bug#697930: nagios3: CVE-2012-6096

Jonathan Wiltshire jmw at debian.org
Fri Jan 11 15:56:25 UTC 2013


Control: found -1 3.2.1-2

On 2013-01-11 13:50, Moritz Muehlenhoff wrote:
> Package: nagios3
> Severity: grave
> Tags: security
> Justification: user security hole
>
> This was assigned CVE-2012-6096:
> 
> http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
>
> Fix:
> 
> http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547

I tested against squeeze and reproduced the problem. We use nagios at 
work so I'm happy to prepare DSA packages if required.

-- 
Jonathan Wiltshire                                      jmw at debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

<directhex> i have six years of solaris sysadmin experience, from
             8->10. i am well qualified to say it is made from bonghits
			layered on top of bonghits



More information about the Pkg-nagios-devel mailing list