lp:ubuntu/hardy-security/nagios2
- Get this branch:
- bzr branch lp:ubuntu/hardy-security/nagios2
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 13. By Marc Deslauriers
-
* SECURITY UPDATE: remote code execution via shell metacharacters.
- debian/patches/ 33_CVE_ 2009_2288. dpatch: make sure host ip and
arguments are valid in cgi/statuswml.c.
- CVE-2009-2288 - 12. By Marc Deslauriers
-
* SECURITY UPDATE: authorization check bypass and arbitrary command
execution via custom form or browser addon (LP: #301542)
- debian/patches/ 31_CVE_ 2008_5027. dpatch: cgi/cmd.c: strip semicolons and
newlines in commit_command().
- CVE-2008-5027
* SECURITY UPDATE: Cross-site request forgery (CSRF) arbitrary command
execution (LP: #301542)
- debian/patches/ 32_CVE_ 2008_5028. dpatch: disable CMD_CHANGE commands in
base/commands.c
- CVE-2008-5028
* debian/rules: do not update po tree for security updates. - 11. By Jamie Strandboge
-
* SECURITY UPDATE: fix XSS issues in CGI scripts thanks to Thierry Carrez
* debian/rules: fix nagios2-common upgrade failure. Thanks to Thierry Carrez
* References
CVE-2007-5803
LP: #238516
LP: #220208 - 10. By Chuck Short
-
* debian/
nagios2- common. nagios2. init
- Fix init script pid file. (LP: #174466)
* Update maintainers as per spec. - 9. By Marc Haber <email address hidden>
-
* new upstream version
* remove wrong NOT RELEASED YET entry from 2.10-1 changelog
* Add debian/watch file. Thanks to Raphael Geissert. Closes: #456018
* init script: Tell killproc which daemon to kill.
Thanks to Mark Petersen. Closes: #456958
* Steal copyright file from Nagios3
* Standards-Version: 3.7.3 (no changes necessary)
* Add a description to 10_p1_pl_shebang. dpatch
* Override empty directory warning for usr/share/nagios2/ htdocs/ ssi/
* fix Errors in manpages by removing .Xc[Jan Wagner]
* added Vcs- fields - 8. By Marc Haber <email address hidden>
-
* NOT RELEASED YET
* New upstream release
* Fix XSS vulnerability (CVS-2007-5624). Closes: #448371
* Adapt sample config patches
* Fix permissions on /var/log/nagios2/ archives.
Thanks to Michael Feger. Closes: #429820
* Fix typo in localhost_nagios2. cfg.
Thanks to Justin Pryzby. Closes: #430477.
* New Portuguese debconf translations from Rui Branco and the Traduz
team. Closes: #436155.
* Rearrange apache2.conf so that the Stylesheet alias path is
actually used.
Thanks to Joerg Dorchain. This may fix #420009
* Relax dependency on web server to Recommends. Depend on
apache2-utils since we need htpasswd.
Thanks to Japp Eldering. Closes: #413519
* Move stylesheets to /etc, create a symlink.
Thanks to Joerg Dorchain and Steve Greenland. Closes: #420011
* Fix suboptimal formatting of package descriptions.
Thanks to Sam Morris. Closes: 413494
* debian/control: re-order Source stanza according to dpkg 1.14.7,
add Homepage field. We're going to leave in the Upstream URL in the
package description for a while though.
* Unmark package names for translation in debconf templates.
Thanks to Kobayashi Noritada. Closes: #413127[Jan Wagner]
* fixed README.Debian about setting check_external_commands= 1
(closes: #431953). - 7. By sean finney <email address hidden>
-
* New upstream release (closes: #414647).
* new dutch (nl) debconf translations from cobaco (closes: #414762).
* new japanese (ja) debconf translations from Kobayashi Noritada
(closes: #413122).
* Fix wrong path to debian.gd2 in extinfo_nagios2.cfg (closes: #423639).
[Sean Finney]
* various fixes/cleanups in init script should resolve issues with
pidfile handling etc (closes: #416763, #397289, #414050, #412980, #415752).
* Merge config file changes.
* add note for pam_tmpdir users about setting TMPDIR in
/etc/nagios2/ default. thanks to Richard A Nelson (closes: #414652) - 6. By Marc Haber <email address hidden>
-
[Marc Haber]
* services_nagios2. cfg: add default notification_ interval 0 clauses to
make it clear that nagios won't re-notify by default.
Thanks to Jan Wagner.
* Add symlink from /usr/share/nagios2/ htdocs/ docs to
/usr/share/doc/ nagios2- doc/html as suggested by Mike O'Connor.
Closes: #408141
* init script: use awk -v FS. Thanks to Mike O'Connor. Closes: #408136
* init script: remove commented sleep-rekill loop which was confusing
to some users. It has never been enabled in nagios2 and is probably
left over from whatever package the original nagios2 init script
was taken from. Closes: #408231
* run debconf-updatepo and commit new files[Sean Finney]
* added Build-Depends on dpkg-dev >= 1.13.19, since our use of
source:Version in debian/control requires it. - 5. By Marc Haber <email address hidden>
-
* new german debconf translations from Matthias Julius (closes: #400700).
* remove check_dns from commands.cfg.
Thanks to Dr. Tilo Levante. Closes: #402303
* nagios2-common. postinst: Take 127.0.0.1 as default default gateway.
* nagios2-common. postrm: Send dpkg-statoverride standard error to
the bin to avoid a row of "No override present" error messages on
purge.
* Ship our own resource.cfg with nagios2-common - 4. By Marc Haber <email address hidden>
-
* new upstream version
* adapt configuration patches
* adapt installation lists
* Add README reference to nagios.cfg regarding the command file
* Add no-op logrotate file to really disable logrorate log rotation.
Closes: #396173, #401546
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)