[Pkg-nagios-devel] Bug#697930: Bug#697930: nagios3: CVE-2012-6096
Alexander Wirt
formorer at debian.org
Sat Jan 12 17:12:03 UTC 2013
On Fri, 11 Jan 2013, Jonathan Wiltshire wrote:
> Control: found -1 3.2.1-2
>
> On 2013-01-11 13:50, Moritz Muehlenhoff wrote:
> >Package: nagios3
> >Severity: grave
> >Tags: security
> >Justification: user security hole
> >
> >This was assigned CVE-2012-6096:
> >
> >http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
> >
> >Fix:
> >
> >http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
>
> I tested against squeeze and reproduced the problem. We use nagios
> at work so I'm happy to prepare DSA packages if required.
tests in the icinga team revealed the patch is probably incomplete. So please
don't upload with the patch currently provided unless our tests are finished.
Alex
More information about the Pkg-nagios-devel
mailing list