[Bug 1279826] Re: CVE-2013-7108
Simon Déziel
1279826 at bugs.launchpad.net
Wed Aug 12 13:04:06 UTC 2015
Seems like there was some confusion here. CVE-2013-7106 affected Icinga
only but CVE-2013-7108 affects both Icinga and Nagios3.
CVE-2013-7108 is still unpatched for Nagios3
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-7106
** Also affects: nagios3 (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
- Seems like the version shipped in Ubuntu Precise suffers from CVE-2013-7106 (buffer overflows)
+ Seems like the version shipped in Ubuntu Precise suffers from CVE-2013-7108 (buffer overflows)
1) Description: Ubuntu 12.04.4 LTS
Release: 12.04
2) apt-cache policy icinga
icinga:
- Installed: 1.6.1-2
- Candidate: 1.6.1-2
- Version table:
- *** 1.6.1-2 0
- 500 http://archive.ubuntu.com/ubuntu/ precise/universe amd64 Packages
- 100 /var/lib/dpkg/status
+ Installed: 1.6.1-2
+ Candidate: 1.6.1-2
+ Version table:
+ *** 1.6.1-2 0
+ 500 http://archive.ubuntu.com/ubuntu/ precise/universe amd64 Packages
+ 100 /var/lib/dpkg/status
A lot of info plus patches exist here:
https://dev.icinga.org/issues/5251
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nagios3 in Ubuntu.
https://bugs.launchpad.net/bugs/1279826
Title:
CVE-2013-7108
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/icinga/+bug/1279826/+subscriptions
More information about the Ubuntu-server-bugs
mailing list