——————————————————————————–
Fedora Update Notification
FEDORA-2014-11082
2014-09-19 09:07:06
——————————————————————————–
Name : check-mk
Product : Fedora 19
Version : 1.2.4p5
Release : 1.fc19
URL : http://mathias-kettner.de/check_mk
Summary : A new general purpose Nagios-plugin for retrieving data
Description :
check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a
new approach for collecting data from operating systems and network components.
It obsoletes NRPE, check_by_ssh, NSClient, and check_snmp and it has many
benefits, the most important are a significant reduction of CPU usage on
the Nagios host and an automatic inventory of items to be checked on hosts.
——————————————————————————–
Update Information:
New upstream release providing many security fixes.
——————————————————————————–
ChangeLog:
* Wed Sep 17 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4p5-1
– New upstream release. Fixes CVEs:
– CVE-2014-5338
– CVE-2014-5339
– CVE-2014-5340 (BZ: #1132337, #1132339, #1132341)
– Stop shipping the j4p_performance plugin as it’s deprecated. (BZ: #1133068)
– Turn Wato_Legacy_Eval as True as we want to prevent breakages
between machines running different Python and/or check-mk releases.
This is necessary after the ‘ast’ move from ‘pickle’ (that was
generating a insecure API call), however the ‘ast’ module is still
not available for RHEL / CentOS 5 machines. The patch is there to
avoid miscommunications between different distribution releases. More
information is available at:
http://mathias-kettner.com/check_mk_werks.php?werk_id=984.
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 1.2.4p2-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 1.2.4p2-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 27 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4p2-2
– Install the mk-job binary on /usr/bin.
– Make sure the proper permissions are given to /var/lib/check_mk_agent/job
to prevent any hard or symlink to be created by a normal user and pointing
to any file on the filesystem exposing it on the check-mk-agent output being
run as root. Fixes BZ #1101669.
* Mon Apr 14 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4p2-1
– New upstream release.
* Wed Apr 2 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4p1-1
– New upstream release. Fixes the missing two CVEs that were still
left unfixed on 1.2.4:
– CVE-2014-2330
– CVE-2014-2331
* Tue Mar 25 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4-1
– New upstream release. Fixes the following CVEs:
– CVE-2014-2329
– CVE-2014-2332
* Wed Oct 2 2013 Andrea Veri <averi@fedoraproject.org> – 1.2.2p2-2
– Make sure an /etc/check_mk/conf.d/wato directory is created for WATO
to work properly. (BZ: #987863)
– Improve the packages description.
* Sat Aug 31 2013 Andrea Veri <averi@fedoraproject.org> – 1.2.2p2-1
– New upstream release.
* Thu Aug 29 2013 Andrea Veri <averi@fedoraproject.org> – 1.2.2-6
– Make sure the waitmax binary gets built. Also thanks to John Reddy
for his initial work on this. (BZ: #982769)
– Add an if statement for RHEL and make sure auto provides are not set
automatically. (BZ #985285)
– Requires set to mod_python on RHEL, no mod_wsgi migration yet on EPEL. (BZ: #987852)
– Fix the perl command that was doing the needed substitution on the
/usr/bin/check_mk_agent’s configuration directories. Thanks Brainslug for the
report. (BZ: #989793)
– In addition to a customized ‘defaults’ file, add a defaults.py accordingly. (BZ: #987859)
* Fri Aug 2 2013 Petr Pisar <ppisar@redhat.com> – 1.2.2-5
– Do not provide from a documentation
* Sun Apr 28 2013 Andrea Veri <averi@fedoraproject.org> 1.2.2-5
– Make sure the Nagios library path on the check_mk_templates.cfg file
is correct on both x86_64 and i686 systems.
* Sat Apr 27 2013 Andrea Veri <averi@fedoraproject.org> 1.2.2-4
– Change check-mk-agent’s binary name to check_mk_agent to match xinetd’s file. (BZ: #956489)
– Remove other operating systems agents, we definitely don’t need them on this package.
– Make sure that check_mk_templates gets shipped into /etc/nagios/conf.d. (BZ: #956492)
– Don’t ship the auto-generated defaults file, but provide it with our customizations. This actually
fixes BZ: #956496 since we modify the checkresults path to be the same as the one provided
by Nagios itself, thus no need to create an additional directory.
——————————————————————————–
References:
[ 1 ] Bug #1132337 – CVE-2014-5338 CVE-2014-5339 CVE-2014-5340 check-mk: multiple flaws fixed in versions 1.2.4p4 and 1.2.5i4
https://bugzilla.redhat.com/show_bug.cgi?id=1132337
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update check-mk’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-10972
2014-09-19 09:02:19
——————————————————————————–
Name : check-mk
Product : Fedora 20
Version : 1.2.4p5
Release : 1.fc20
URL : http://mathias-kettner.de/check_mk
Summary : A new general purpose Nagios-plugin for retrieving data
Description :
check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a
new approach for collecting data from operating systems and network components.
It obsoletes NRPE, check_by_ssh, NSClient, and check_snmp and it has many
benefits, the most important are a significant reduction of CPU usage on
the Nagios host and an automatic inventory of items to be checked on hosts.
——————————————————————————–
Update Information:
New upstream release providing many security fixes.
——————————————————————————–
ChangeLog:
* Wed Sep 17 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4p5-1
– New upstream release. Fixes CVEs:
– CVE-2014-5338
– CVE-2014-5339
– CVE-2014-5340 (BZ: #1132337, #1132339, #1132341)
– Stop shipping the j4p_performance plugin as it’s deprecated. (BZ: #1133068)
– Turn Wato_Legacy_Eval as True as we want to prevent breakages
between machines running different Python and/or check-mk releases.
This is necessary after the ‘ast’ move from ‘pickle’ (that was
generating a insecure API call), however the ‘ast’ module is still
not available for RHEL / CentOS 5 machines. The patch is there to
avoid miscommunications between different distribution releases. More
information is available at:
http://mathias-kettner.com/check_mk_werks.php?werk_id=984.
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 1.2.4p2-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 1.2.4p2-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 27 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4p2-2
– Install the mk-job binary on /usr/bin.
– Make sure the proper permissions are given to /var/lib/check_mk_agent/job
to prevent any hard or symlink to be created by a normal user and pointing
to any file on the filesystem exposing it on the check-mk-agent output being
run as root. Fixes BZ #1101669.
* Mon Apr 14 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4p2-1
– New upstream release.
* Wed Apr 2 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4p1-1
– New upstream release. Fixes the missing two CVEs that were still
left unfixed on 1.2.4:
– CVE-2014-2330
– CVE-2014-2331
* Tue Mar 25 2014 Andrea Veri <averi@fedoraproject.org> – 1.2.4-1
– New upstream release. Fixes the following CVEs:
– CVE-2014-2329
– CVE-2014-2332
——————————————————————————–
References:
[ 1 ] Bug #1132337 – CVE-2014-5338 CVE-2014-5339 CVE-2014-5340 check-mk: multiple flaws fixed in versions 1.2.4p4 and 1.2.5i4
https://bugzilla.redhat.com/show_bug.cgi?id=1132337
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update check-mk’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce