[Nagios-announce] Nagios 2.3.1 and 1.4.1 Available
Ethan Galstad
nagios at nagios.org
Thu May 25 07:11:38 CEST 2006
Marc Haber wrote:
> On Mon, May 15, 2006 at 06:12:35PM -0500, Ethan Galstad wrote:
>> Changelogs for both the 2.3.1 and 1.4.1 releases are included below.
>>
>> 2.3.1 - 05/15/2006
>> ----------------
>> * Bug fix for HTTP content_length header integer overflow in CGIs
>>
>>
>> 1.4.1 - 05/15/2006
>> ----------------
>> * Bug fix for HTTP content_length header integer overflow in CGIs
>
> Do those vulnerabilities have CVE numbers? If so, it would be great to
> have them listed in the changelog. This will greatly ease the work of
> security people in the distributions.
>
> Greetings
> Marc
>
Looks like there are two CVE numbers assigned from:
http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=nagios
CVE-2006-2489 (pre 2.3.1/1.4.1)
CVE-2006-2162 (pre 2.3/1.4)
Ethan Galstad,
Nagios Developer
---
Email: nagios at nagios.org
Website: http://www.nagios.org
-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
More information about the Developers
mailing list