[Pkg-nagios-devel] Bug#714171: security uploads for Bug#714171 (nagios3-cgi: CVE-2013-2214: status.cgi lists unauthorized hosts and services in servicegroup view)
Jonas Meurer
jonas at freesources.org
Mon Jul 8 15:21:07 UTC 2013
Hello,
Am 2013-07-03 13:55, schrieb Alexander Wirt:
> Jonas Meurer schrieb am Wednesday, den 03. July 2013:
>
>> Am 2013-06-27 07:51, schrieb owner at bugs.debian.org:
>> >Source: nagios3
>> >Source-Version: 3.4.1-4
>> >
>> >We believe that the bug you reported is fixed in the latest version of
>> >nagios3, which is due to be installed in the Debian FTP archive.
>>
>> Thanks for fixing. Do you intend to backport that fix for squeeze
>> and wheezy? I would recommend to do so. If you like, I can prepare a
>> debdiff for both.
> I am currently very short on time, so yes: that would be appreciated.
I just prepared packages for squeeze-security (3.2.1-2+squeeze2 just
fixing #714171) and wheezy-security (3.4.1-3+wheezy1, fixing #714171 and
#710356).
Debdiffs are attached. Full package sources and binaries for amd64 can
be found at http://people.freesources.org/~mejo/nagios3/
I'll happily upload as soon as I've the ok from security team.
Kind regards,
jonas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nagios3_3.2.1-2+squeeze2.debdiff
Type: text/x-diff
Size: 3039 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20130708/d807c788/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nagios3_3.4.1-3+wheezy1.debdiff
Type: text/x-diff
Size: 6842 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20130708/d807c788/attachment-0001.diff>
More information about the Pkg-nagios-devel
mailing list