Paketname
nagios
Datum
2014-05-16
Advisory ID
MDVSA-2014:089
Betroffene Versionen
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problembeschreibung

Updated nagios packages fix security vulnerability:

Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in
Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6,
1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to
cause a denial of service (segmentation fault) via a long message to
cmd.cgi (CVE-2014-1878).

Aktualisierte Pakete

MES5 i586

 60ce30af7d5d0577113a3eb7b5b9590f  mes5/i586/nagios-3.1.2-0.6mdvmes5.2.i586.rpm
 0be8bdf78c4a16041f8cb40ecd32a686  mes5/i586/nagios-devel-3.1.2-0.6mdvmes5.2.i586.rpm
 26f04c99f2e0dd36c07ff5baceaf5da5  mes5/i586/nagios-theme-default-3.1.2-0.6mdvmes5.2.i586.rpm
 c5a82025b52d15d7c1baf75662a2ca76  mes5/i586/nagios-www-3.1.2-0.6mdvmes5.2.i586.rpm 
 b5f59cfd77c07623a4d620154acca490  mes5/SRPMS/nagios-3.1.2-0.6mdvmes5.2.src.rpm

MBS1 x86_64

 37d46d71b801a1d04f391e38cd7a0b5d  mbs1/x86_64/nagios-3.4.4-4.2.mbs1.x86_64.rpm
 a97d21062a8ac761fbb700680b62d1e5  mbs1/x86_64/nagios-devel-3.4.4-4.2.mbs1.x86_64.rpm
 e9c38f5c88d82340db0a48b49f60a1d2  mbs1/x86_64/nagios-www-3.4.4-4.2.mbs1.x86_64.rpm 
 8be9920434af8bb841aec5e6fbb5a95c  mbs1/SRPMS/nagios-3.4.4-4.2.mbs1.src.rpm

MES5 x86_64

 552d4af54e7876595c9ae6dd47948498  mes5/x86_64/nagios-3.1.2-0.6mdvmes5.2.x86_64.rpm
 79544ceabd1a5ddfeb75dbdc9174eed4  mes5/x86_64/nagios-devel-3.1.2-0.6mdvmes5.2.x86_64.rpm
 cac41076c80a3fccb93449074350604c  mes5/x86_64/nagios-theme-default-3.1.2-0.6mdvmes5.2.x86_64.rpm
 446e5864242d2d8e7f57307d7a416eca  mes5/x86_64/nagios-www-3.1.2-0.6mdvmes5.2.x86_64.rpm 
 b5f59cfd77c07623a4d620154acca490  mes5/SRPMS/nagios-3.1.2-0.6mdvmes5.2.src.rpm

Referenzen