From dd5bdb8d48e4c9821a370e205cc0eb65615b09e7 Mon Sep 17 00:00:00 2001 From: Aldas Nabazas Date: Sat, 26 Apr 2008 19:30:50 +0200 Subject: [PATCH] [nagios] Updated (2.5 -> 3.0.1) : SECURITY - MEDIUM CVE-2007-5624 (Medium) : Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts. CVE-2008-1360 (Medium) : Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CVE-2007-5624. --- monitor/nagios/nagios.desc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/monitor/nagios/nagios.desc b/monitor/nagios/nagios.desc index a31472120..d1910d14d 100644 --- a/monitor/nagios/nagios.desc +++ b/monitor/nagios/nagios.desc @@ -2,6 +2,7 @@ [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch. [COPY] [COPY] Filename: package/.../nagios/nagios.desc +[COPY] Copyright (C) 2008 The OpenSDE Project [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project [COPY] [COPY] More information can be found in the files COPYING and README. @@ -11,6 +12,7 @@ [COPY] the Free Software Foundation; version 2 of the License. A copy of the [COPY] GNU General Public License can be found in the file COPYING. [COPY] --- SDE-COPYRIGHT-NOTE-END --- + [I] Nagios host and service monitor [T] NagiosŪ is a host and service monitor designed to inform you of @@ -36,7 +38,7 @@ [L] OpenSource [S] Stable -[V] 2.5 +[V] 3.0.1 [P] X -----5---9 200.400 -[D] 2171406968 nagios-2.5.tar.gz http://dl.sourceforge.net/sourceforge/nagios/ +[D] 769663844 nagios-3.0.1.tar.gz http://dl.sourceforge.net/sourceforge/nagios/