[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 01/01: gnu: Add Nagios.
From: |
Leo Famulari |
Subject: |
Re: 01/01: gnu: Add Nagios. |
Date: |
Fri, 30 Dec 2016 14:52:16 -0500 |
User-agent: |
Mutt/1.7.2 (2016-11-26) |
On Wed, Nov 30, 2016 at 10:31:09PM +0000, Ludovic Court�s wrote:
> civodul pushed a commit to branch master
> in repository guix.
>
> commit d30e578a0011b05d1e7d8b3ba7ee38588eba301c
> Author: Ludovic Courtès <address@hidden>
> Date: Wed Nov 30 23:26:57 2016 +0100
>
> gnu: Add Nagios.
>
> * gnu/packages/monitoring.scm: New file.
> * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
> + (version "4.0.8")
> + ;; XXX: Newer versions such as 4.2.3 bundle a copy of AngularJS.
This version of Nagios includes some severe security vulnerabilities:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9566
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9565
They allow remote attackers to read and write arbitrary files (leading
to remote code execution) or to escalate privilege to the superuser.
What should we do?
signature.asc
Description: PGP signature
- Re: 01/01: gnu: Add Nagios.,
Leo Famulari <=