Fedora 28: FEDORA-2019-0b44528ff1 Moderate: Nagios Update Issues

Nagios is a program that will monitor hosts and services on your

network. It has the ability to send email or page alerts when a

problem arises and when a problem is resolved. Nagios is written

in C and is designed to run under Linux (and some other *NIX

variants) as a background process, intermittently running checks

on various services that you specify.

The actual service checks are performed by separate "plugin" programs

which return the status of the checks to Nagios. The plugins are

available at https://github.com/nagios-plugins/nagios-plugins

This package provides the core program, web interface, and documentation

files for Nagios. Development files are built as a separate package.

Incorporate many fixes from Justin Paulsen THANKS!!! ----Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441

CVE-2016-8641 ---- Remove section which unset nagios Fix BZ#1568273

* Wed Jan 16 2019 Stephen Smoogen - 4.4.3-1

- Incorporate many fixes from Justin Paulsen THANKS!!!

- Update to 4.4.3 for CVE fixes

- BZ#1661479

- BZ#1661480

- BZ#1665200

- BZ#1665201

- BZ#1665206

- BZ#1665207

- BZ#1665209

- BZ#1665210

- Fix BZ#1666209 Add RuntimeDirectory too systemd

* Fri Nov 30 2018 Stephen Smoogen - 4.4.2-3

- Remove systemd startup since built in works properly

- Incorporate fixes from patch14 into patch9

* Thu Nov 29 2018 Stephen Smoogen - 4.4.2-2

- Fix init-type and initdir for systemd and sysv

* Wed Nov 28 2018 Justin Paulsen 4.4.2-1

- Bumped to version 4.4.2

- Updated patches 0001,0002,0003,0006,0009,0010,0011 to reflect upstream changes

- Updates to nagios.spec (this file) to cleanup un-needed elements and

adjust/fix as required

- As a result of the cleanup I have added a patch nagios-0014-fix-resource.cfg-path.patch

* Tue Jul 24 2018 Stephen Smoogen - 4.3.4-13

- Remove section which unset nagios Fix BZ#1568273

- Remove /etc/nagios/conf.d Fix BZ#1504306

- Change perms on dir Fix BZ#1579935

- Close BZ#1273154

- Hopefully Fix BZ#1201849

- Hopefully Fix BZ#1476238

- Hopefully Fix BZ#1494292

* Fri Jul 13 2018 Fedora Release Engineering - 4.3.4-12

- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Thu Jun 28 2018 Jitka Plesnikova - 4.3.4-11

- Perl 5.28 rebuild

* Thu Apr 26 2018 Stephen Smoogen - 4.3.4-10

- Fix systemd failures due to old versioning.

* Tue Feb 20 2018 Stephen Smoogen - 4.3.4-9

- Add buildrequires for gcc

* Thu Feb 8 2018 Fedora Release Engineering - 4.3.4-8

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[ 1 ] Bug #1661479 - CVE-2018-18245 nagios: Stored XSS via Plugin Output [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1661479

[ 2 ] Bug #1661480 - CVE-2018-18245 nagios: Stored XSS via Plugin Output [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1661480

[ 3 ] Bug #1665200 - CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1665200

[ 4 ] Bug #1665201 - CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1665201

[ 5 ] Bug #1665206 - CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1665206

[ 6 ] Bug #1665207 - CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1665207

[ 7 ] Bug #1665209 - CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1665209

[ 8 ] Bug #1665210 - CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1665210

[ 9 ] Bug #1666209 - Nagios cannot start after system reboot because of missing directory

https://bugzilla.redhat.com/show_bug.cgi?id=1666209

[ 10 ] Bug #1593048 - nagios-4.4.1 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1593048

[ 11 ] Bug #1647765 - Memory leak in nagios

https://bugzilla.redhat.com/show_bug.cgi?id=1647765

[ 12 ] Bug #1482407 - nagios-4.3.2-8.el7 crash caused by (potential) result size issue in wproc

https://bugzilla.redhat.com/show_bug.cgi?id=1482407

[ 13 ] Bug #1506423 - Nagios regularly crashes with SIGSEGV after couple of weeks of starting.

https://bugzilla.redhat.com/show_bug.cgi?id=1506423

[ 14 ] Bug #1592594 - nagios spool files in wrong location by default, causing SELinux violations

https://bugzilla.redhat.com/show_bug.cgi?id=1592594

su -c 'dnf upgrade --advisory FEDORA-2019-0b44528ff1' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org