[Pkg-nagios-devel] Bug#865497: CVE-2017-9781 not yet fixed in 1.2.8p26-1?
carnil at debian.org
Fri Oct 6 21:28:15 UTC 2017
Control: notfixed -1 1.2.8p26-1
On Fri, Oct 06, 2017 at 09:09:03PM +0000, Debian Bug Tracking System wrote:
> This is an automatic notification regarding your Bug report
> which was filed against the src:check-mk package:
> #865497: check-mk: CVE-2017-9781: reflected XSS in webapi.py
I looked up the source for 1.2.8p26-1.
The fix for CVE-2017-9781 is
which does not yet seem to be applied to 1.2.8p26-1?
Can you please double-check?
Note, there is a second CVE now for check-mk, that one got addressed
in 1.2.8p26, but it's not clear yet in which version in was
More information about the Pkg-nagios-devel