Bug#698119: nagios-plugins-standard: Enable --extra-opts in Debian nagios plugins

[Alex Dehnert]

Package: nagios-plugins-standard
Version: 1.4.15-3squeeze1
Severity: normal

Upstream nagios has a config option for support the --extra-opts argument,
which allows storing extra options in a file (see
http://nagiosplugins.org/extra-opts). This is very helpful when using the mysql
nagios plugin, which requires a password --- I can stick my check definition in
nrpe.cfg, but read passwords out of a separate file (and avoid putting the
password in ps -AF output). It would be great if Debian could enable support
for this option prior to 1.5's release (when it will become the default) ---
Fedora already does enable it.

-- System Information:
Debian Release: 6.0.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages nagios-plugins-standard depends on:
ii  libc6  2.11.3-4  Embedded GNU C Library: Shared lib
ii  libldap-2.4-2  2.4.23-7.2OpenLDAP libraries
ii  libmysqlclient16   5.1.66-0+squeeze1 MySQL database client library
ii  libpq5 8.4.13-0squeeze1  PostgreSQL C client library
ii  libradiusclient-ng20.5.6-1.1 Enhanced RADIUS client library
ii  nagios-plugins-basic   1.4.15-3squeeze1  Plugins for the nagios network mon
ii  ucf3.0025+nmu1   Update Configuration File: preserv

Versions of packages nagios-plugins-standard recommends:
ii  bind9-host [host 1:9.7.3.dfsg-1~squeeze8 Version of 'host' bundled with BIN
ii  dnsutils 1:9.7.3.dfsg-1~squeeze8 Clients provided with BIND
ii  fping2.4b2-to-ipv6-16.1  sends ICMP ECHO_REQUEST packets to
ii  host 1:9.7.3.dfsg-1~squeeze8 Transitional package
ii  libnet-snmp-perl 5.2.0-4 Script SNMP connections
ii  qstat2.11-3  Command-line tool for querying qua
ii  smbclient2:3.5.6~dfsg-3squeeze8  command-line SMB/CIFS clients for 
ii  snmp 5.4.3~dfsg-2SNMP (Simple Network Management Pr
ii  whois5.0.10  an intelligent whois client

Versions of packages nagios-plugins-standard suggests:
ii  exim4-daemon-light   4.72-6+squeeze3 lightweight Exim MTA (v4) daemon
pn  nagios3(no description available)

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#632399: tomcat6-admin doesn't use CSRF protections

[Alex Dehnert]

Package: tomcat6-admin
Version: 6.0.28-9+squeeze1
Severity: normal
Tags: security

According to the upstream changelog
(http://tomcat.apache.org/tomcat-6.0-doc/changelog.html), Tomcat 6.0.30 fixed a
CSRF vulnerability in the manager application. The Debian package does not have
these protections.

-- System Information:
Debian Release: 6.0.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686-bigmem (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages tomcat6-admin depends on:
ii  tomcat6-common 6.0.28-9+squeeze1 Servlet and JSP engine -- common f

tomcat6-admin recommends no packages.

tomcat6-admin suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org