[Pkg-nagios-devel] Bug#447639: nagios-plugins: incomplete fix for CVE-2007-5198
Jamie Strandboge
jamie at strandboge.com
Mon Oct 22 19:17:46 UTC 2007
Package: nagios-plugins
Version: 1.4.8-2.1
Severity: important
The security fix for nagios-plugins (1.4.8-2.1) does not contain the complete
fix for CVE-2007-5198. Relevant svn commits are r1740, r1742 and r1807. It
appears that the patch contains the fixes for r1740 and r1742, but not r1807.
Please see:
http://sourceforge.net/tracker/index.php?func=detail&aid=1813346&group_id=29880&atid=397597
Attached is the svn commit for this issue.
-- System Information:
Debian Release: lenny/sid
APT prefers gutsy-updates
APT policy: (500, 'gutsy-updates'), (500, 'gutsy-security'), (500, 'gutsy')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-14-386
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-------------- next part --------------
A non-text attachment was scrubbed...
Name: r1807.diff
Type: text/x-c
Size: 947 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20071022/793f77be/attachment.bin
More information about the Pkg-nagios-devel
mailing list