FEDORA-EPEL-2019-d661b588d2

security update in Fedora EPEL 7 for nagios

Status: stable 2 months ago

Incorporate many fixes from Justin Paulsen petaris@gmail.com THANKS!!!


Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441 CVE-2016-8641


Remove section which unset nagios Fix BZ#1568273


Fix systemd failures due to old versioning.

How to install

sudo dnf upgrade --advisory=FEDORA-EPEL-2019-d661b588d2

Comments 8

This update has been submitted for testing by smooge.

This update has obsoleted nagios-4.4.2-3.el7, and has inherited its bugs and notes.

This update has been pushed to testing.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by smooge.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1201849 Support an environment file in the systemd unit file
#1273154 RFE: Remove Nagios version check warning messages
#1476238 EPEL6 update to 4.3.2 causes information leak to google via embedded youtube
#1482407 nagios-4.3.2-8.el7 crash caused by (potential) result size issue in wproc
#1494292 file ownership problem between nagios and nagios-contrib
#1504306 minor packaging improvements
#1506423 Nagios regularly crashes with SIGSEGV after couple of weeks of starting.
#1517925 Updating nagios package causes nagios service to be disabled.
#1568273 Nagios service disabled after each update
#1579935 nagios-common permissions issue with /usr/lib64/nagios/plugins directory
#1592594 nagios spool files in wrong location by default, causing SELinux violations
#1593048 nagios-4.4.1 is available
#1647765 Memory leak in nagios
#1661479 Invalid bug number
#1661480 CVE-2018-18245 nagios: Stored XSS via Plugin Output [epel-all]
#1665200 CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [fedora-all]
#1665201 CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [epel-all]
#1665206 CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [fedora-all]
#1665207 CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [epel-all]
#1665209 CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [fedora-all]
#1665210 CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [epel-all]
#1666209 Invalid bug number
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
low
Karma
+1
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 3 months ago
in testing 3 months ago
in stable 2 months ago

Related Bugs 22

0+1 #1201849 Support an environment file in the systemd unit file
00 #1273154 RFE: Remove Nagios version check warning messages
0+1 #1476238 EPEL6 update to 4.3.2 causes information leak to google via embedded youtube
00 #1482407 nagios-4.3.2-8.el7 crash caused by (potential) result size issue in wproc
00 #1494292 file ownership problem between nagios and nagios-contrib
0+1 #1504306 minor packaging improvements
00 #1506423 Nagios regularly crashes with SIGSEGV after couple of weeks of starting.
00 #1517925 Updating nagios package causes nagios service to be disabled.
00 #1568273 Nagios service disabled after each update
0+1 #1579935 nagios-common permissions issue with /usr/lib64/nagios/plugins directory
0+1 #1592594 nagios spool files in wrong location by default, causing SELinux violations
0+1 #1593048 nagios-4.4.1 is available
00 #1647765 Memory leak in nagios
0+1 #1661479 Invalid bug number
0+1 #1661480 CVE-2018-18245 nagios: Stored XSS via Plugin Output [epel-all]
0+1 #1665200 CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [fedora-all]
0+1 #1665201 CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [epel-all]
0+1 #1665206 CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [fedora-all]
0+1 #1665207 CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [epel-all]
0+1 #1665209 CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [fedora-all]
0+1 #1665210 CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [epel-all]
00 #1666209 Invalid bug number

Automated Test Results