Bug#742689: check-mk: more CVE info

2015-04-27 Thread Sam McLeod
Disappointing to see Jessie was released with the check-mk package missing. This is the third package I've found to be missing since Jessie was released - I get the feeling the release was perhaps rushed? Anyway, grievances aside - is there any progress with getting this packaged for backports? -

Bug#742689: check-mk: more CVE info

2015-03-13 Thread Potter, Tim (Cloud Services)
On Fri, 09 Jan 2015 12:09:46 -0800 Matt Taggart wrote:
> Most of the links on
> https://security-tracker.debian.org/tracker/CVE-2014-2330
> https://security-tracker.debian.org/tracker/CVE-2014-2331
>
> don't give any info, the RedHat link is for the full set of things and
> it's not clear to me

Bug#742689: check-mk: more CVE info

2015-01-09 Thread Matt Taggart
I am looking at the CVEs in #742689. The URL listed http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt lists 7 problems, but claims that upstream 1.2.2p3 (in sid) fixed 5 of them. The remaining 2 are:

5) Missing CSRF (Cross-Site Request Forgery) token allows execution of arbitr