[ubuntu/xenial-security] nagios3 3.5.1.dfsg-2.1ubuntu1.1 (Accepted)

Mon, 03 Apr 2017 10:30:46 -0700 

nagios3 (3.5.1.dfsg-2.1ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: off-by-one errors leading to DoS or info disclosure
    - debian/patches/CVE-2013-7xxx.patch: fix off-by-ones and check length
      in cgi/avail.c, cgi/cmd.c, cgi/config.c, cgi/extinfo.c,
      cgi/histogram.c, cgi/notifications.c, cgi/outages.c, cgi/status.c,
      cgi/statusmap.c, cgi/statuswml.c, cgi/summary.c, cgi/trends.c,
      contrib/daemonchk.c.
    - CVE-2013-7108
    - CVE-2013-7205
  * SECURITY UPDATE: DoS via long message to cmd.cgi
    - debian/patches/CVE-2014-1878.patch: check len in cgi/cmd.c.
    - CVE-2014-1878
  * SECURITY UPDATE: symlink attack on log file
    - debian/patches/CVE-2016-9566.patch: safely handle log file in
      base/logging.c.
    - CVE-2016-9566

Date: 2017-03-31 20:06:13.426678+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/nagios3/3.5.1.dfsg-2.1ubuntu1.1

Sorry, changesfile not available.
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

Reply via email to