Change log for nagios package in Ubuntu
| 1 → 19 of 19 results | First • Previous • Next • Last |
nagios (2:1.3-cvs.20050402-8ubuntu8) dapper-security; urgency=low
* SECURITY UPDATE: authorization check bypass via custom form or
browser addon
- debian/patches/20_SECURITY_CVE-2008-5027.dpatch:
- cgi/cmd.c: strip semicolons and newlines in commit_command().
- CVE-2008-5027
* debian/rules: do not update po tree for security updates.
-- Marc Deslauriers <email address hidden> Thu, 18 Dec 2008 10:18:15 -0500
Available diffs
| Deleted in hardy-release (Reason: (From Debian) RoM; deprecated by nagios{2,3}) |
nagios (2:1.4-3.1ubuntu2) hardy; urgency=low
* Import fix from debian version 2:1.4-3.2
- Fix unconditional use of ucf in postrm
-- Albin Tonnerre <email address hidden> Wed, 06 Feb 2008 21:24:47 +0100
nagios (2:1.4-3.1ubuntu1) gutsy; urgency=low
* Merge from debian unstable, remaining changes:
- debian/nagios-common.config: Use Apache2 by default.
- debian/nagios-common.nagios.init: Create /var/run/nagios with the right
permissions.
- Update maintainer to match Debian Maintainer Field Spec.
* debian/control: Prefer apache2 as web server (not apache).
* Drop dbconfig-common from Depends: to Suggests: and enclose all the
invocations of it in {my,pg}sql.{postinst,prerm} in a test whether it is
installed. dbconfig-common is currently in universe and considered too
crackful, and it does not even work OOTB (tested with the PostgreSQL
module).
nagios (2:1.4-3ubuntu1) feisty; urgency=low
* Merge to Debian unstable; remaining Ubuntu changes:
- debian/nagios-common.config: Use Apache2 by default.
- debian/nagios-common.nagios.init: Create /var/run/nagios with the right
permissions.
* debian/control: Prefer apache2 as web server (not apache).
* Drop dbconfig-common from Depends: to Suggests: and enclose all the
invocations of it in {my,pg}sql.{postinst,prerm} in a test whether it is
installed. dbconfig-common is currently in universe and considered too
crackful, and it does not even work OOTB (tested with the PostgreSQL
module).
nagios (2:1.4-1ubuntu1) edgy; urgency=low
* Merge to Debian unstable; remaining Ubuntu changes:
- debian/nagios-common.config: Use Apache2 by default.
- debian/nagios-common.nagios.init: Create /var/run/nagios with the right
permissions.
* debian/control: Prefer apache2 as web server (not apache).
* Drop dbconfig-common from Depends: to Suggests: and enclose all the
invocations of it in {my,pg}sql.{config,postinst,prerm,postrm} in a test
whether it is installed. dbconfig-common is currently in universe and
considered too crackful, and it does not even work OOTB (tested with the
PostgreSQL module).
| Obsolete in breezy-security |
nagios (2:1.3-cvs.20050402-4ubuntu3.2) breezy-security; urgency=low
* SECURITY UPDATE: Remote arbitrary code execution with web servers that do
not check for bogus Content-Length headers (Apache 2 does).
* debian/patches/11_getcgi-negative-content-length.dpatch:
- Check for invalid large Content-Length values, too.
- Abort with a proper error message on invalid Content-Length values
instead of silently correcting it to 0.
* CVE-2006-2489
-- Martin Pitt <email address hidden> Wed, 24 May 2006 10:46:51 +0000
| Obsolete in hoary-security |
nagios (2:1.3-0+pre6ubuntu0.2) hoary-security; urgency=low
* SECURITY UPDATE: Remote arbitrary code execution with web servers that do
not check for bogus Content-Length headers (Apache 2 does).
* debian/patches/11_getcgi-negative-content-length.dpatch:
- Check for invalid large Content-Length values, too.
- Abort with a proper error message on invalid Content-Length values
instead of silently correcting it to 0.
* CVE-2006-2489
-- Martin Pitt <email address hidden> Wed, 24 May 2006 10:49:25 +0000
nagios (2:1.3-cvs.20050402-8ubuntu7) dapper; urgency=low
* SECURITY UPDATE: Remote arbitrary code execution with web servers that do
not check for bogus Content-Length headers (Apache 2 does).
* debian/patches/14_getcgi-negative-content-length.dpatch:
- Check for invalid large Content-Length values, too.
- Abort with a proper error message on invalid Content-Length values
instead of silently correcting it to 0.
* CVE-2006-2489
-- Martin Pitt <email address hidden> Tue, 23 May 2006 13:06:56 +0200
| Superseded in breezy-security |
nagios (2:1.3-cvs.20050402-4ubuntu3.1) breezy-security; urgency=low
* SECURITY UPDATE: Remote arbitrary code execution with web servers that do
not check for bogus Content-Length headers (Apache 2 does).
* Add debian/patches/11_getcgi-negative-content-length.dpatch:
- cgi/getcgi.c: Check for negative Content-Length values to avoid buffer
overflow.
* CVE-2006-2162
-- Martin Pitt <email address hidden> Mon, 8 May 2006 07:17:00 +0000
| Superseded in hoary-security |
nagios (2:1.3-0+pre6ubuntu0.1) hoary-security; urgency=low
* SECURITY UPDATE: Remote arbitrary code execution with web servers that do
not check for bogus Content-Length headers (Apache 2 does).
* Add debian/patches/11_getcgi-negative-content-length.dpatch:
- cgi/getcgi.c: Check for negative Content-Length values to avoid buffer
overflow.
* CVE-2006-2162
-- Martin Pitt <email address hidden> Mon, 8 May 2006 07:19:12 +0000
| Superseded in dapper-release |
nagios (2:1.3-cvs.20050402-8ubuntu6) dapper; urgency=low
* SECURITY UPDATE: Remote arbitrary code execution with web servers that do
not check for bogus Content-Length headers (Apache 2 does).
* Add debian/patches/14_getcgi-negative-content-length.dpatch:
- cgi/getcgi.c: Check for negative Content-Length values to avoid buffer
overflow.
* CVE-2006-2162
-- Martin Pitt <email address hidden> Mon, 8 May 2006 09:22:15 +0200
| Superseded in dapper-release |
nagios (2:1.3-cvs.20050402-8ubuntu5) dapper; urgency=low * Fix permissions of /var/run/nagios -- Scott James Remnant <email address hidden> Wed, 19 Apr 2006 14:39:34 +0100
| Superseded in dapper-release |
nagios (2:1.3-cvs.20050402-8ubuntu4) dapper; urgency=low * Create /var/run/nagios in the init script. -- Scott James Remnant <email address hidden> Tue, 11 Apr 2006 02:15:05 +0100
| Superseded in dapper-release |
nagios (2:1.3-cvs.20050402-8ubuntu3) dapper; urgency=low * Rebuild against the new libmysqlclient15off with correct symbols. -- Adam Conrad <email address hidden> Thu, 6 Apr 2006 12:48:36 +1000
| Superseded in dapper-release |
nagios (2:1.3-cvs.20050402-8ubuntu2) dapper; urgency=low * Build against libmysqlclient15. -- Martin Pitt <email address hidden> Thu, 2 Feb 2006 16:37:15 +0000
nagios (2:1.3-cvs.20050402-8ubuntu1) dapper; urgency=low
* Resynchronise with Debian.
* debian/control: Change build dep postgresql-dev to libpq-dev to get rid of
the transitional postgresql package in main.
-- Martin Pitt <email address hidden> Thu, 10 Nov 2005 14:28:44 -0500
| Obsolete in breezy-release |
nagios (2:1.3-cvs.20050402-4ubuntu3) breezy; urgency=low * Really get the default in, by hardcoding it in the template too. -- Adam Conrad <email address hidden> Wed, 12 Oct 2005 00:59:10 +1000
| Obsolete in hoary-release |
nagios (2:1.3-0+pre6) unstable; urgency=medium
* Sean Finney:
- another path fix, this time in obsessive_svc_handler. thanks
to Ragnar Wisloff <email address hidden> (closes: #284472).
- don't freak out if the htpasswd file exists but doesn't have
a nagiosadmin account.
- fix for installs where nagios was configured via debconf to use
a combination of apache that no longer exists on the server.
thanks to Brian C. DeRocher <email address hidden>.
(closes: #284949). upload priority set to medium, as it
fixes an RC bug.
-- Sean Finney <email address hidden> Mon, 06 Dec 2004 18:22:51 -0500
nagios (2:1.2-3.3) unstable; urgency=low
* NMU to fix some errors made in the previous one
* Correct typos in update-nagios script (closes: #254156)
* Don't ship checkcomamnds.cfg during installation
- This prevents dpkg from asking the modifed conffile question
* Convert changelog to utf-8
-- Guido Trotter <email address hidden> Sun, 13 Jun 2004 17:41:54 +0200
| 1 → 19 of 19 results | First • Previous • Next • Last |
