Accepted nagios-plugins 1.4.3.0cvs.20060707-3ubuntu0.1 (source)
Ubuntu Installer
archive at ubuntu.com
Mon Oct 22 18:55:45 BST 2007
Accepted:
OK: nagios-plugins_1.4.3.0cvs.20060707.orig.tar.gz
OK: nagios-plugins_1.4.3.0cvs.20060707-3ubuntu0.1.diff.gz
OK: nagios-plugins_1.4.3.0cvs.20060707-3ubuntu0.1.dsc
-> Component: universe Section: net
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 17 Oct 2007 17:07:05 -0400
Source: nagios-plugins
Binary: nagios-plugins nagios-plugins-basic nagios-plugins-standard
Architecture: source
Version: 1.4.3.0cvs.20060707-3ubuntu0.1
Distribution: edgy-security
Urgency: low
Maintainer: Jamie Strandboge <jamie at ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
nagios-plugins - Plugins for the nagios network monitoring and management system
nagios-plugins-basic - Plugins for the nagios network monitoring and management system
nagios-plugins-standard - Plugins for the nagios network monitoring and management system
Changes:
nagios-plugins (1.4.3.0cvs.20060707-3ubuntu0.1) edgy-security; urgency=low
.
* SECURITY UPDATE: denial of service via multiple HTTPS redirects
* debian/patches/24_SECURITY_LP153697.dpatch: set SSL context and SSL
connection to NULL in np_net_ssl_cleanup()
* SECURITY UPDATE: denial of service via multiple redirects
* debian/patches/25_SECURITY_LP153703.dpatch: fix off-by-one error to
re-allocate the proper amount of memory in redir()
* SECURITY UPDATE: denial of service and possible arbitrary code execution
as the user in check_http.c via crafted Location Header
* debian/patches/26_SECURITY_CVE-2007-5198.dpatch: properly validate
Location header in redir(). Thanks to Luca Falavigna for preliminary
patches.
* References
LP: #153697
LP: #153703
CVE-2007-5198
LP: #152624
Files:
74ddde53e2c3296499c8728edaff1636 1103 net extra nagios-plugins_1.4.3.0cvs.20060707-3ubuntu0.1.dsc
75cf8d8101c9e7d728a82bf1edcf93a9 20815 net extra nagios-plugins_1.4.3.0cvs.20060707-3ubuntu0.1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHF8RXH/9LqRcGPm0RAlIqAJ96Gl8jcGljXA6vUDBXXpNbheVgNwCfa/yH
Qsns6+0+FMLOocgfAF/nk2c=
=+zYh
-----END PGP SIGNATURE-----
More information about the edgy-changes
mailing list