lp://staging/ubuntu/intrepid-updates/nagios3
- Get this branch:
- bzr branch lp://staging/ubuntu/intrepid-updates/nagios3
Branch merges
Branch information
Recent revisions
- 6. By Marc Deslauriers
-
* SECURITY UPDATE: remote code execution via shell metacharacters.
- debian/patches/ 52_SECURITY_ CVE-2009- 2288.dpatch: make sure host ip
and arguments are valid in cgi/statuswml.c.
- CVE-2009-2288 - 5. By Marc Deslauriers
-
* SECURITY UPDATE: authorization check bypass and arbitrary command
execution via custom form or browser addon (LP: #301542)
- debian/patches/ 50_SECURITY_ CVE-2008- 5027.dpatch:
- cgi/cmd.c: disallow CHANGE commands in commit_command() via new
cmd_submitf() function.
- cgi/cmd.c: strip semicolons in commit_command().
- cgi/cmd.c: strip newlines in write_command_to_file( ).
- added cgi/extcmd_list.c: added extcmd_get_name() used by
cmd_submitf() to validate commands.
- CVE-2008-5027
* SECURITY UPDATE: Cross-site request forgery (CSRF) arbitrary command
execution (LP: #301542)
- debian/patches/ 51_SECURITY_ CVE-2008- 5028.dpatch: disable CMD_CHANGE
commands in base/commands.c
- CVE-2008-5028
* debian/rules: do not update po tree for security updates. - 4. By Stefan Lesicnik
-
* debian/
nagios3- common. prerm:
- Purge fails if /etc/nagios3/apache2. conf
is missing (LP: #256920).
* Update Maintainer. - 3. By Alexander Wirt
-
[ Alexander Wirt ]
* Remove bashism from rules file (Closes: #479324, #478412)
* Set p1.pl DEBUG_LOG_PATH to /var/log/nagios3/ (Closes: #478877)
* Start nagios3 in nagios3.postinst (Closes: #481334)
* Add a patch from Stephane Chazelas which fixes the incluѕion of spurious $
signs into command output (Closes: #479061)[ Jan Wagner ]
* New upstream release (Closes: #485439)
* Fix XSS vulnerability (CVE-2007-5803).
* updated cfg-cgi.cfg.diff, cfg-commands.cfg.diff and cfg-nagios.cfg.diff
for new upstream release and remove version from config files
(Closes: #482178)
* Updating standards version to 3.8.0, no changes needed
* add myself fo Uploaders
* add doc-base support (Closes: #479334)
* replace dependency of mailx with bsd-mailx
* added Vcs- fields into source header's field
* take care if killproc isn't able to stop daemon via stop target of
initscript, thanks Stephen Gran <email address hidden> for providing this fix
(Closes: #479329) - 2. By Alexander Wirt
-
* New upstream version (Closes: #475041)
* Move cfg_dir=/etc/nagios3/ conf.d to the end of nagios.cfg to
allow overwriting variables from nagios.cfg in conf.đ/
* Disable external_commands in nagios.cfg as they are now enabled by
default
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/karmic/nagios3