Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3:Update
patchinfo.8906
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.8906
<patchinfo incident="8906"> <issue tracker="bnc" id="1011630">VUL-0: CVE-2016-8641: icinga,nagios: Unsafe ownership change leading to privilege escalation</issue> <issue tracker="bnc" id="961115">VUL-1: CVE-2016-0726: icinga: Configured administrative account with fixed password and no IP restriction as default</issue> <issue tracker="bnc" id="1018047">VUL-1: CVE-2016-10089: nagios,icinga: root privilege escalation (hardlink)</issue> <issue tracker="bnc" id="952777">VUL-0: CVE-2015-8010: icinga: XSS in Icinga Classic-UI</issue> <issue tracker="cve" id="2016-10089"/> <issue tracker="cve" id="2016-8641"/> <issue tracker="cve" id="2016-0726"/> <issue tracker="cve" id="2015-8010"/> <category>security</category> <rating>moderate</rating> <packager>lrupp</packager> <description>This update for icinga fixes the following issues: Update to 1.14.0 - CVE-2015-8010: Fixed XSS in the icinga classic UI (boo#952777) - CVE-2016-8641 / CVE-2016-10089: fixed a possible symlink attack for files/dirs created by root (boo#1011630 and boo#1018047) - CVE-2016-0726: removed the pre-configured administrative account with fixed password for the WebUI - (boo#961115) </description> <summary>Security update for icinga</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor