[Pkg-nagios-devel] Bug#845777: nagios3: seriously buggy (7 open CVEs) should not be shipped like this in stretch
Holger Levsen
holger at layer-acht.org
Sat Nov 26 16:34:59 UTC 2016
package: src:nagios3
severity: serious
version: 3.5.1.dfsg-2
Hi,
according to https://security-tracker.debian.org/tracker/source-package/nagios3
nagios3 in stable, stretch and unstable is affected by
CVE-2016-6209
CVE-2014-1878
CVE-2013-7205
CVE-2013-7108
CVE-2013-7107
CVE-2013-4214
and another unimportant CVE (CVE-2008-5027), so it's high time this
package (in this state) gets removed from stretch.
Upstream has also abendonded it and is developing nagios4.
Please also see #845765.
For stretch users, it's recommend to switch to icinga2, which is largely
compatible.
--
cheers,
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20161126/8db2bb09/attachment.sig>
More information about the Pkg-nagios-devel
mailing list