Overview
Request 892199 accepted
This Nagios upgrade sums up multiple security fixes and other important
changes.
Security issues fixed in this upgrade:
* bsc#1172794 / CVE-2020-13977: Fixed postauth vulnerabilities in
histogram.js, map.js, trends.js
* bsc#989759 / CVE-2016-6209 : The "corewindow" parameter has been
disabled by default
* bsc#1014637 / CVE-2016-9566 : Fixed another root privilege escalation
* bsc#1182398 : nagios_upgrade.sh writing to log file in user controlled
directory
Additional fixes:
* bsc#1003362 : new nagios-exec-start-post script
* Fixed Map display in Internet Explorer 11
* Fixed duplicate properties appearing in statusjson.cgi
* Fixed build process when using GCC 10
* Fixed HARD OK states triggering on the maximum check attempt
Request History
lrupp created request
This Nagios upgrade sums up multiple security fixes and other important
changes.
Security issues fixed in this upgrade:
* bsc#1172794 / CVE-2020-13977: Fixed postauth vulnerabilities in
histogram.js, map.js, trends.js
* bsc#989759 / CVE-2016-6209 : The "corewindow" parameter has been
disabled by default
* bsc#1014637 / CVE-2016-9566 : Fixed another root privilege escalation
* bsc#1182398 : nagios_upgrade.sh writing to log file in user controlled
directory
Additional fixes:
* bsc#1003362 : new nagios-exec-start-post script
* Fixed Map display in Internet Explorer 11
* Fixed duplicate properties appearing in statusjson.cgi
* Fixed build process when using GCC 10
* Fixed HARD OK states triggering on the maximum check attempt
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
maintbot accepted review
ok
maintbot approved review
ok
msmeissn moved maintenance target to openSUSE:Maintenance:16258
msmeissn accepted request
accepted request 892199:Thanks!
For information about the update, see https://build.opensuse.org/project/maintenance_incidents/openSUSE:Maintenance
home:lrupp:branches:OBS_Maintained:nagios/nagios.openSUSE_Leap_15.2_Update@d5b8820b911262a29a38100026bf7178 -> openSUSE:Leap:15.2:Update/nagios
expected origin is 'None' (unchanged)