Overview
Request 892196 accepted
This Nagios upgrade sums up multiple security fixes and other important
changes.
Security issues fixed in this upgrade:
* bsc#1172794 / CVE-2020-13977: Fixed postauth vulnerabilities in
histogram.js, map.js, trends.js
* bsc#989759 / CVE-2016-6209 : The "corewindow" parameter has been
disabled by default
* bsc#1014637 / CVE-2016-9566 : Fixed another root privilege escalation
* bsc#1182398 : nagios_upgrade.sh writing to log file in user controlled
directory
Additional fixes:
* bsc#1003362 : new nagios-exec-start-post script
* Fixed Map display in Internet Explorer 11
* Fixed duplicate properties appearing in statusjson.cgi
* Fixed build process when using GCC 10
* Fixed HARD OK states triggering on the maximum check attempt
~
Request History
lrupp created request
This Nagios upgrade sums up multiple security fixes and other important
changes.
Security issues fixed in this upgrade:
* bsc#1172794 / CVE-2020-13977: Fixed postauth vulnerabilities in
histogram.js, map.js, trends.js
* bsc#989759 / CVE-2016-6209 : The "corewindow" parameter has been
disabled by default
* bsc#1014637 / CVE-2016-9566 : Fixed another root privilege escalation
* bsc#1182398 : nagios_upgrade.sh writing to log file in user controlled
directory
Additional fixes:
* bsc#1003362 : new nagios-exec-start-post script
* Fixed Map display in Internet Explorer 11
* Fixed duplicate properties appearing in statusjson.cgi
* Fixed build process when using GCC 10
* Fixed HARD OK states triggering on the maximum check attempt
~
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
maintbot added factory-source as a reviewer
maintbot accepted review
ok
factory-source added backports-reviewers as a reviewer
Automated review failed. Needs fallback reviewer.
factory-source accepted review
the package needs to be accepted in openSUSE:Factory or openSUSE:Factory or openSUSE:Factory or openSUSE:Factory first
bigironman accepted review
ok
bigironman approved review
ok
bigironman accepted request
ok
home:lrupp:branches:OBS_Maintained:nagios/nagios.openSUSE_Backports_SLE-15-SP1_Update@09b7a601049fc5f4fa144f7df8a275bd -> openSUSE:Backports:SLE-15-SP1:Update/nagios
expected origin is 'openSUSE:Leap:15.1' (changed)