On 2013-01-20 19:54, Alexander Wirt wrote:
On Sun, 20 Jan 2013, Moritz Mühlenhoff wrote:
On Fri, Jan 11, 2013 at 03:56:25PM +0000, Jonathan Wiltshire wrote:
> Control: found -1 3.2.1-2
>
> On 2013-01-11 13:50, Moritz Muehlenhoff wrote:
> >Package: nagios3
> >Severity: grave
> >Tags: security
> >Justification: user security hole
> >
> >This was assigned CVE-2012-6096:
> >
>
>http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
> >
> >Fix:
> >
>
>http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
>
> I tested against squeeze and reproduced the problem. We use nagios
> at work so I'm happy to prepare DSA packages if required.
Jonathan, can you prepare packages for stable-security now that we
have
a final patch?
We have? We have an icinga patch, its still on my list to check the
nagios
patch if it fixes really all problems...
I'm more than happy to test packages at work and write DSA text and so
on but I don't have the knowledge of nagios to be able to do the patch
preparation.
--
Jonathan Wiltshire j...@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
<directhex> i have six years of solaris sysadmin experience, from
8->10. i am well qualified to say it is made from bonghits
layered on top of bonghits
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org