[Nagios-announce] Nagios 2.3.1 and 1.4.1 Available

Ethan Galstad nagios at nagios.org
Thu May 25 07:11:38 CEST 2006

Previous message: [Nagios-announce] Nagios 2.3.1 and 1.4.1 Available
Next message: serios problem after reloads with nagios 2.3.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Marc Haber wrote:
> On Mon, May 15, 2006 at 06:12:35PM -0500, Ethan Galstad wrote:
>> Changelogs for both the 2.3.1 and 1.4.1 releases are included below.
>>
>> 2.3.1 - 05/15/2006
>> ----------------
>> * Bug fix for HTTP content_length header integer overflow in CGIs
>>
>>
>> 1.4.1 - 05/15/2006
>> ----------------
>> * Bug fix for HTTP content_length header integer overflow in CGIs
> 
> Do those vulnerabilities have CVE numbers? If so, it would be great to
> have them listed in the changelog. This will greatly ease the work of
> security people in the distributions.
> 
> Greetings
> Marc
> 

Looks like there are two CVE numbers assigned from:

http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=nagios

CVE-2006-2489 (pre 2.3.1/1.4.1)
CVE-2006-2162 (pre 2.3/1.4)


Ethan Galstad,
Nagios Developer
---
Email: nagios at nagios.org
Website: http://www.nagios.org


-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642

Previous message: [Nagios-announce] Nagios 2.3.1 and 1.4.1 Available
Next message: serios problem after reloads with nagios 2.3.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Developers mailing list