You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa nrpe

Sigurnosni nedostatak programskog paketa nrpe

——————————————————————————–
Fedora Update Notification
FEDORA-2014-5896
2014-05-01 21:43:44
——————————————————————————–

Name : nrpe
Product : Fedora 19
Version : 2.15
Release : 2.fc19
URL : http://www.nagios.org
Summary : Host/service/network monitoring agent for Nagios
Description :
Nrpe is a system daemon that will execute various Nagios plugins
locally on behalf of a remote (monitoring) host that uses the
check_nrpe plugin. Various plugins that can be executed by the
daemon are available at:
http://sourceforge.net/projects/nagiosplug

This package provides the core agent.

——————————————————————————–
Update Information:

Add patch to mitigate CVE-2014-2913
——————————————————————————–
ChangeLog:

* Thu May 1 2014 Sam Kottler <skottler@fedoraproject.org> – 2.15.2
– Add patch to mitigate CVE-2014-2913
* Mon Jan 27 2014 Sam Kottler <skottler@fedoraproject.org> – 2.15.1
– Update to 2.15
* Wed Oct 16 2013 Peter Lemenkov <lemenkov@gmail.com> – 2.14-5
– Allow building for aarch64 (rhbz #926244)
– Allow user to redefine default commands (rhbz #963703)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 2.14-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
——————————————————————————–
References:

[ 1 ] Bug #1089878 – CVE-2014-2913 nrpe: remote command execution when command arguments are enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1089878
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update nrpe’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa binutils

Otkriveni su sigurnosni nedostaci u programskom paketu binutils za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju proizvoljno kreiranje i...

Close