[Pkg-nagios-devel] Bug#970252: Bug#970252: Bug#970252: CVE-2020-14004

Sebastiaan Couwenberg sebastic at xs4all.nl
Mon Sep 14 06:09:05 BST 2020


On 9/14/20 6:38 AM, Sebastiaan Couwenberg wrote:
> On 9/14/20 5:41 AM, Sebastiaan Couwenberg wrote:
>> On 9/13/20 10:39 PM, Moritz Muehlenhoff wrote:
>>> Please see https://www.openwall.com/lists/oss-security/2020/06/12/1
>>
>> This is fixed upstream in:
>>
>>  v2.12.0 v2.11.5 v2.11.4
>>
>> The former is already in experimental, and the 2.11 package in unstable
>> will be updated to .5 to have the fix as well.
> 
> icinga2 (2.11.5-1) has been uploaded to unstable.

The update for buster is also available:

 https://salsa.debian.org/nagios-team/pkg-icinga2/-/commits/buster

Is it alright to upload the -sa build to security-master?

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1



More information about the Pkg-nagios-devel mailing list