oss-sec mailing list archives
CVE-2013-2029: Nagios RPM nagios.upgrade_to_v3.sh
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 30 Apr 2013 14:34:40 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This was found by Grant Murphy So most Nagios RPM files seem to include a copy of "nagios.upgrade_to_v3.sh" which contains the following code: tmp1=/tmp/nagioscfg.$$.tmp ... cat $nagios_cfg | sed --regexp-extended "s/^(\s*check_result_buffer_slots\s*=\s*)/# Line Commented out for Nagios v3 Compatibility\n#\1/g" > $tmp1 ... diff_output=`diff -u $nagios_cfg $tmp1` ... mv $tmp1 $nagios_cfg Oops. Covered in https://bugzilla.redhat.com/show_bug.cgi?id=958015 Please use CVE-2013-2029 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRgCrgAAoJEBYNRVNeJnmTAsMQAL0d2qJCKO24AP15MT7Au4I7 71VGuuUs2qcfrKBgCBkC+zIOn50e8P+k/MSTXcfbbSlzfr/LFGF4FJfEAEM9vnlv QJ++YJwDdSiqznwAPJEF3fXj2kflkAAqd8mPTLHBMh6Ow33e6vmBzl0JBcd8W96A mKlx5dX/7ICCxzNWBZxIP31FaBwvaLGOkbe5cFtBr6LYH2KEmlHCEg6NgFi3BCZJ a61d3WgoUjEd1M0H10sbM+di1VJFKgzgpXOkNW93b+XjPLan0Dmvc/9wAAWq0NMX E+tKMUxQc8Pwbpu/QhUs34gFvh2myMhUeLlvW39ccpaWclfqkn7pMeWPJKmYE4Ew FcSl8SOm4HVK1I1II2w/NCnpsqO/XgAEtAVaG0622jzUICZhf6c7NYoxoO5/kPjO WK4T3vUPcSkrR2xTYJb3uKkEiKOo80uDGS4MHwVwhsz93oX2T15RP+2yGDwePPPs NdfzRVUPiLFz1BHECvF7D58HXb056nbexlj8GYt0NKkipi0YHraMu+dprumX4YEk 2H9RXaGGLEc4s7XCurOqF8L2TnOmvbFnOS62oCYm0rrdGtxKhhv+MEm/yJBbsWLi 4kO1V23IVl4TuUVBri4wzeVBMBCxJPaABN1D30TaXwBAy0eTGzxM60hWacVeyrBP SljhlBPyI9nTtM5TMcMQ =8bFP -----END PGP SIGNATURE-----
Current thread:
- CVE-2013-2029: Nagios RPM nagios.upgrade_to_v3.sh Kurt Seifried (Apr 30)