Debian
icinga package

Branches for Wheezy

Name Status Last Modified Last Commit
lp:debian/wheezy/icinga 1 Development 2014-06-11 10:44:57 UTC
34. * Fix multiple stack-based buffer ove...

Author: Alexander Wirt
Revision Date: 2014-06-11 10:44:57 UTC

* Fix multiple stack-based buffer overflows in cgiutils.c
  and config.c. This is a fix for CVE-2013-7106
* Fix CSRF vulnerability in cmd.cgi.
  This is a fix for CVE-2013-7107
* Fix multiple off-by-one errors in process_cgivars().
  This is a fix for CVE-2013-7108
* Fix stack bases overflow in cmd_submitf() from cmd.c.
  This is a fix for CVE-2014-1878
* Fix buffer overflows when checking strlen against MAX_INPUT_BUFFER in
  cgiutils.c. This is a fix for CVE-2014-2386

Thanks to Moritz Muehlenhoff for providing those patches.
11 of 1 result FirstPreviousNextLast