On Fri, 11 Jan 2013, Jonathan Wiltshire wrote: > Control: found -1 3.2.1-2 > > On 2013-01-11 13:50, Moritz Muehlenhoff wrote: > >Package: nagios3 > >Severity: grave > >Tags: security > >Justification: user security hole > > > >This was assigned CVE-2012-6096: > > > >http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html > > > >Fix: > > > >http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547 > > I tested against squeeze and reproduced the problem. We use nagios > at work so I'm happy to prepare DSA packages if required. tests in the icinga team revealed the patch is probably incomplete. So please don't upload with the patch currently provided unless our tests are finished.
Alex -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
