File _patchinfo of Package patchinfo.9111

<patchinfo incident="9111">
  <issue tracker="bnc" id="1011630">VUL-0: CVE-2016-8641: icinga,nagios: Unsafe ownership change leading to privilege escalation</issue>
  <issue tracker="bnc" id="1018047">VUL-1: CVE-2016-10089: nagios,icinga: root privilege escalation (hardlink)</issue>
  <issue tracker="bnc" id="952777">VUL-0: CVE-2015-8010: icinga: XSS in Icinga Classic-UI</issue>
  <issue tracker="cve" id="2016-10089"/>
  <issue tracker="cve" id="2016-8641"/>
  <issue tracker="cve" id="2015-8010"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>lrupp</packager>
  <description>This update for icinga fixes the following issues:

Security issues fixed:

- CVE-2015-8010: Fixed XSS in the icinga classic UI (boo#952777)
- CVE-2016-8641 / CVE-2016-10089: fixed a possible symlink attack for files/dirs created by root (boo#1011630 and boo#1018047)

</description>
  <summary>Security update for icinga</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.9111

Places
