[Pkg-nagios-devel] Bug#697930: Bug#697930: nagios3: CVE-2012-6096
Jonathan Wiltshire
jmw at debian.org
Tue Jan 22 15:40:31 UTC 2013
On 2013-01-20 19:54, Alexander Wirt wrote:
> On Sun, 20 Jan 2013, Moritz Mühlenhoff wrote:
>
>> On Fri, Jan 11, 2013 at 03:56:25PM +0000, Jonathan Wiltshire wrote:
>> > Control: found -1 3.2.1-2
>> >
>> > On 2013-01-11 13:50, Moritz Muehlenhoff wrote:
>> > >Package: nagios3
>> > >Severity: grave
>> > >Tags: security
>> > >Justification: user security hole
>> > >
>> > >This was assigned CVE-2012-6096:
>> > >
>> >
>> >http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
>> > >
>> > >Fix:
>> > >
>> >
>> >http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
>> >
>> > I tested against squeeze and reproduced the problem. We use nagios
>> > at work so I'm happy to prepare DSA packages if required.
>>
>> Jonathan, can you prepare packages for stable-security now that we
>> have
>> a final patch?
> We have? We have an icinga patch, its still on my list to check the
> nagios
> patch if it fixes really all problems...
I'm more than happy to test packages at work and write DSA text and so
on but I don't have the knowledge of nagios to be able to do the patch
preparation.
--
Jonathan Wiltshire jmw at debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
<directhex> i have six years of solaris sysadmin experience, from
8->10. i am well qualified to say it is made from bonghits
layered on top of bonghits
More information about the Pkg-nagios-devel
mailing list