
Security vulnerabilities in the nagios software package

  • OS details: WN7
  • Severity: IMP
  • Operating systems: L
  • Categories: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2019-376ecc221c
2019-01-30 02:06:12.445567
——————————————————————————–

Name : nagios
Product : Fedora 29
Version : 4.4.3
Release : 1.fc29
URL : https://www.nagios.org/projects/nagios-core/
Summary : Host/service/network monitoring program
Description :
Nagios is a program that will monitor hosts and services on your
network. It has the ability to send email or page alerts when a
problem arises and when a problem is resolved. Nagios is written
in C and is designed to run under Linux (and some other *NIX
variants) as a background process, intermittently running checks
on various services that you specify.

The actual service checks are performed by separate “plugin” programs
which return the status of the checks to Nagios. The plugins are
available at https://github.com/nagios-plugins/nagios-plugins

This package provides the core program, web interface, and documentation
files for Nagios. Development files are built as a separate package.

——————————————————————————–
Update Information:

Incorporate many fixes from Justin Paulsen <petaris@gmail.com> THANKS!!!
----
Updates to nagios-4.4.2 which is a major update. Fixes CVEs CVE-2018-13441
CVE-2016-8641
——————————————————————————–
ChangeLog:

* Wed Jan 16 2019 Stephen Smoogen <smooge@fedoraproject.org> – 4.4.3-1
– Incorporate many fixes from Justin Paulsen <petaris@gmail.com> THANKS!!!
– Update to 4.4.3 for CVE fixes
– BZ#1661479
– BZ#1661480
– BZ#1665200
– BZ#1665201
– BZ#1665206
– BZ#1665207
– BZ#1665209
– BZ#1665210
– Fix BZ#1666209 Add RuntimeDirectory to systemd
* Fri Nov 30 2018 Stephen Smoogen <smooge@fedoraproject.org> – 4.4.2-3
– Remove systemd startup since built in works properly
– Incorporate fixes from patch14 into patch9
* Thu Nov 29 2018 Stephen Smoogen <smooge@fedoraproject.org> – 4.4.2-2
– Fix init-type and initdir for systemd and sysv
* Wed Nov 28 2018 Justin Paulsen <petaris@gmail.com> 4.4.2-1
– Bumped to version 4.4.2
– Updated patches 0001,0002,0003,0006,0009,0010,0011 to reflect upstream changes
– Updates to nagios.spec (this file) to cleanup un-needed elements and
adjust/fix as required
– As a result of the cleanup I have added a patch nagios-0014-fix-resource.cfg-path.patch
——————————————————————————–
References:

[ 1 ] Bug #1661479 – CVE-2018-18245 nagios: Stored XSS via Plugin Output [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1661479
[ 2 ] Bug #1661480 – CVE-2018-18245 nagios: Stored XSS via Plugin Output [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1661480
[ 3 ] Bug #1665200 – CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665200
[ 4 ] Bug #1665201 – CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665201
[ 5 ] Bug #1665206 – CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665206
[ 6 ] Bug #1665207 – CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665207
[ 7 ] Bug #1665209 – CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665209
[ 8 ] Bug #1665210 – CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665210
[ 9 ] Bug #1666209 – Nagios cannot start after system reboot because of missing directory
https://bugzilla.redhat.com/show_bug.cgi?id=1666209
[ 10 ] Bug #1593048 – nagios-4.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1593048
[ 11 ] Bug #1647765 – Memory leak in nagios
https://bugzilla.redhat.com/show_bug.cgi?id=1647765
[ 12 ] Bug #1482407 – nagios-4.3.2-8.el7 crash caused by (potential) result size issue in wproc
https://bugzilla.redhat.com/show_bug.cgi?id=1482407
[ 13 ] Bug #1506423 – Nagios regularly crashes with SIGSEGV after couple of weeks of starting.
https://bugzilla.redhat.com/show_bug.cgi?id=1506423
[ 14 ] Bug #1592594 – nagios spool files in wrong location by default, causing SELinux violations
https://bugzilla.redhat.com/show_bug.cgi?id=1592594
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-376ecc221c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2019-0b44528ff1
2019-01-30 01:31:27.440907
——————————————————————————–

Name : nagios
Product : Fedora 28
Version : 4.4.3
Release : 1.fc28
URL : https://www.nagios.org/projects/nagios-core/
Summary : Host/service/network monitoring program
Description :
Nagios is a program that will monitor hosts and services on your
network. It has the ability to send email or page alerts when a
problem arises and when a problem is resolved. Nagios is written
in C and is designed to run under Linux (and some other *NIX
variants) as a background process, intermittently running checks
on various services that you specify.

The actual service checks are performed by separate “plugin” programs
which return the status of the checks to Nagios. The plugins are
available at https://github.com/nagios-plugins/nagios-plugins

This package provides the core program, web interface, and documentation
files for Nagios. Development files are built as a separate package.

——————————————————————————–
Update Information:

Incorporate many fixes from Justin Paulsen <petaris@gmail.com> THANKS!!!
----
Updates to nagios-4.4.2 which is a major update. Fixes CVEs CVE-2018-13441
CVE-2016-8641
----
Remove section which unset nagios Fix BZ#1568273
——————————————————————————–
ChangeLog:

* Wed Jan 16 2019 Stephen Smoogen <smooge@fedoraproject.org> – 4.4.3-1
– Incorporate many fixes from Justin Paulsen <petaris@gmail.com> THANKS!!!
– Update to 4.4.3 for CVE fixes
– BZ#1661479
– BZ#1661480
– BZ#1665200
– BZ#1665201
– BZ#1665206
– BZ#1665207
– BZ#1665209
– BZ#1665210
– Fix BZ#1666209 Add RuntimeDirectory to systemd
* Fri Nov 30 2018 Stephen Smoogen <smooge@fedoraproject.org> – 4.4.2-3
– Remove systemd startup since built in works properly
– Incorporate fixes from patch14 into patch9
* Thu Nov 29 2018 Stephen Smoogen <smooge@fedoraproject.org> – 4.4.2-2
– Fix init-type and initdir for systemd and sysv
* Wed Nov 28 2018 Justin Paulsen <petaris@gmail.com> 4.4.2-1
– Bumped to version 4.4.2
– Updated patches 0001,0002,0003,0006,0009,0010,0011 to reflect upstream changes
– Updates to nagios.spec (this file) to cleanup un-needed elements and
adjust/fix as required
– As a result of the cleanup I have added a patch nagios-0014-fix-resource.cfg-path.patch
* Tue Jul 24 2018 Stephen Smoogen <smooge@fedoraproject.org> – 4.3.4-13
– Remove section which unset nagios Fix BZ#1568273
– Remove /etc/nagios/conf.d Fix BZ#1504306
– Change perms on dir Fix BZ#1579935
– Close BZ#1273154
– Hopefully Fix BZ#1201849
– Hopefully Fix BZ#1476238
– Hopefully Fix BZ#1494292
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> – 4.3.4-12
– Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 28 2018 Jitka Plesnikova <jplesnik@redhat.com> – 4.3.4-11
– Perl 5.28 rebuild
* Thu Apr 26 2018 Stephen Smoogen <smooge@fedoraproject.org> – 4.3.4-10
– Fix systemd failures due to old versioning.
* Tue Feb 20 2018 Stephen Smoogen <smooge@fedoraproject.org> – 4.3.4-9
– Add buildrequires for gcc
* Thu Feb 8 2018 Fedora Release Engineering <releng@fedoraproject.org> – 4.3.4-8
– Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
——————————————————————————–
References:

[ 1 ] Bug #1661479 – CVE-2018-18245 nagios: Stored XSS via Plugin Output [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1661479
[ 2 ] Bug #1661480 – CVE-2018-18245 nagios: Stored XSS via Plugin Output [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1661480
[ 3 ] Bug #1665200 – CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665200
[ 4 ] Bug #1665201 – CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665201
[ 5 ] Bug #1665206 – CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665206
[ 6 ] Bug #1665207 – CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665207
[ 7 ] Bug #1665209 – CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665209
[ 8 ] Bug #1665210 – CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1665210
[ 9 ] Bug #1666209 – Nagios cannot start after system reboot because of missing directory
https://bugzilla.redhat.com/show_bug.cgi?id=1666209
[ 10 ] Bug #1593048 – nagios-4.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1593048
[ 11 ] Bug #1647765 – Memory leak in nagios
https://bugzilla.redhat.com/show_bug.cgi?id=1647765
[ 12 ] Bug #1482407 – nagios-4.3.2-8.el7 crash caused by (potential) result size issue in wproc
https://bugzilla.redhat.com/show_bug.cgi?id=1482407
[ 13 ] Bug #1506423 – Nagios regularly crashes with SIGSEGV after couple of weeks of starting.
https://bugzilla.redhat.com/show_bug.cgi?id=1506423
[ 14 ] Bug #1592594 – nagios spool files in wrong location by default, causing SELinux violations
https://bugzilla.redhat.com/show_bug.cgi?id=1592594
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-0b44528ff1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–

Author: Josip Papratovic
Cert ID: NCERT-REF-2019-01-0001-ADV
CVE: CERT-CVE-DUMMY
Source ID: CERT-ORIGID-DUMMY
Product: CERT-DUMMY-PRODUCT
Source: Adobe