[Pkg-nagios-devel] Bug#913142: monitoring-plugins-basic: check_http sending extra CRLF after POST data

[Jan Wagner]

Hi Pierre,

Am 07.11.18 um 14:26 schrieb Pierre TEISSONNIERE:
> Package: monitoring-plugins-basic
> Version: 2.2-3
> Severity: normal
> 
> Dear Maintainer,
> 
>     * What led up to the situation ? Using check_http with POST data
>     * What exactly did you do (or not do) that was effective (or ineffective) ? check_http is used with POST data to check a web application is answerng properly
>     * What was the outcome of this action ? Extra CRLF triggering alarm in WAF because not complying to RFC
>     * What outcome did you expect instead ? Packet not blocked by WAF
> 
> This is a known bug which could lead to security issues (disabled WAF checks to allow requests). cf : https://github.com/nagios-plugins/nagios-plugins/issues/266

I published a new package 2.3.2-1 (to unstable) which tries to solve the 
issue. Can you please test it?

Thanks Jan
-- 
Never write mail to <waja at spamfalle.info>, you have been warned!
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d-@ s+:()>- a+ C++++$ UL++++$ P+ L++++$ !E--- W+++$ N+++ o++ K++ 
!w---? O M+
!V- PS+ PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h---- r+++ y+++++
------END GEEK CODE BLOCK------