--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2019-376ecc221c
2019-01-30 02:06:12.445567
--------------------------------------------------------------------------------Name        : nagios
Product     : Fedora 29
Version     : 4.4.3
Release     : 1.fc29
URL         : https://www.nagios.org/projects/nagios-core/
Summary     : Host/service/network monitoring program
Description :
Nagios is a program that will monitor hosts and services on your
network.  It has the ability to send email or page alerts when a
problem arises and when a problem is resolved.  Nagios is written
in C and is designed to run under Linux (and some other *NIX
variants) as a background process, intermittently running checks
on various services that you specify.

The actual service checks are performed by separate "plugin" programs
which return the status of the checks to Nagios. The plugins are
available at https://github.com/nagios-plugins/nagios-plugins

This package provides the core program, web interface, and documentation
files for Nagios. Development files are built as a separate package.

--------------------------------------------------------------------------------Update Information:

Incorporate many fixes from Justin Paulsen  THANKS!!!  ----Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441
CVE-2016-8641
--------------------------------------------------------------------------------ChangeLog:

* Wed Jan 16 2019 Stephen Smoogen  - 4.4.3-1
- Incorporate many fixes from Justin Paulsen  THANKS!!!
- Update to 4.4.3 for CVE fixes
- BZ#1661479
- BZ#1661480
- BZ#1665200
- BZ#1665201
- BZ#1665206
- BZ#1665207
- BZ#1665209
- BZ#1665210
- Fix BZ#1666209 Add RuntimeDirectory too systemd
* Fri Nov 30 2018 Stephen Smoogen  - 4.4.2-3
- Remove systemd startup since built in works properly
- Incorporate fixes from patch14 into patch9
* Thu Nov 29 2018 Stephen Smoogen  - 4.4.2-2
- Fix init-type and initdir for systemd and sysv
* Wed Nov 28 2018 Justin Paulsen  4.4.2-1
- Bumped to version 4.4.2
- Updated patches 0001,0002,0003,0006,0009,0010,0011 to reflect upstream changes
- Updates to nagios.spec (this file) to cleanup un-needed elements and
  adjust/fix as required
- As a result of the cleanup I have added a patch nagios-0014-fix-resource.cfg-path.patch
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1661479 - CVE-2018-18245 nagios: Stored XSS via Plugin Output [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1661479
  [ 2 ] Bug #1661480 - CVE-2018-18245 nagios: Stored XSS via Plugin Output [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1661480
  [ 3 ] Bug #1665200 - CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1665200
  [ 4 ] Bug #1665201 - CVE-2018-13441 nagios: NULL pointer dereference in qh_help in base/query-handler.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1665201
  [ 5 ] Bug #1665206 - CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1665206
  [ 6 ] Bug #1665207 - CVE-2018-13457 nagios: NULL pointer dereference in qh_echo in base/query-handler.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1665207
  [ 7 ] Bug #1665209 - CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1665209
  [ 8 ] Bug #1665210 - CVE-2018-13458 nagios: NULL pointer dereference in qh_core in base/query-handler.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1665210
  [ 9 ] Bug #1666209 - Nagios cannot start after system reboot because of missing directory
        https://bugzilla.redhat.com/show_bug.cgi?id=1666209
  [ 10 ] Bug #1593048 - nagios-4.4.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1593048
  [ 11 ] Bug #1647765 - Memory leak in nagios
        https://bugzilla.redhat.com/show_bug.cgi?id=1647765
  [ 12 ] Bug #1482407 - nagios-4.3.2-8.el7 crash caused by (potential) result size issue in wproc
        https://bugzilla.redhat.com/show_bug.cgi?id=1482407
  [ 13 ] Bug #1506423 - Nagios regularly crashes with SIGSEGV after couple of weeks of starting.
        https://bugzilla.redhat.com/show_bug.cgi?id=1506423
  [ 14 ] Bug #1592594 - nagios spool files in wrong location by default, causing SELinux violations
        https://bugzilla.redhat.com/show_bug.cgi?id=1592594
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-376ecc221c' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org