Login
Newsletter
Werbung

Sicherheit: Pufferüberlauf in Nagios
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in Nagios
ID: FEDORA-2013-0732
Distribution: Fedora
Plattformen: Fedora 18
Datum: Mi, 23. Januar 2013, 06:52
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6096
Applikationen: Nagios

Originalnachricht

Name        : nagios
Product : Fedora 18
Version : 3.4.4
Release : 1.fc18
URL : http://www.nagios.org/
Summary : Nagios monitors hosts and services and yells if somethings breaks
Description :
Nagios is a program that will monitor hosts and services on your
network. It has the ability to send email or page alerts when a
problem arises and when a problem is resolved. Nagios is written
in C and is designed to run under Linux (and some other *NIX
variants) as a background process, intermittently running checks
on various services that you specify.

The actual service checks are performed by separate "plugin" programs
which return the status of the checks to Nagios. The plugins are
available at http://sourceforge.net/projects/nagiosplug.

This package provides the core program, web interface, and documentation
files for Nagios. Development files are built as a separate package.

-------------------------------------------------------------------------------
-
Update Information:

Update to 3.4.4; CVE-2012-6096
-------------------------------------------------------------------------------
-
ChangeLog:

* Sun Jan 13 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.4-1
- Update to 3.4.4
- CVE-2012-6096 (#893269)
* Sun Jan 13 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.3-5
- Refactored the patch
nagios-0010-Added-several-images-to-the-sample-config.patch
as patch can't create binary files (#875362).
The old patch10 was replaced by
nagios-0010-Added-several-images-to-the-sample-config-revb.patch
and the PNG files included as sources 10, 11, and 12.
* Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 3.4.3-4
- rebuild against new libjpeg
* Wed Dec 5 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.3-3
- Use the Apache 2.4 RequireAll authorization container
* Tue Dec 4 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.3-2
- Apache 2.4 configuration fix for Fedora 18+ (#871438);
Patch nagios-3.4.3-httpd-2.4-and-2.2.patch
* Tue Dec 4 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.3-1
- Upgrade to 3.4.3
* Sat Nov 10 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.2-1
- Upgrade to 3.4.2
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #893269 - CVE-2012-6096 nagios: stack-based buffer overflow in
history.cgi
https://bugzilla.redhat.com/show_bug.cgi?id=893269
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update nagios' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung