[SECURITY] [DLA 461-1] nagios3 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : nagios3
Version : 3.4.1-3+deb7u2
CVE ID : CVE-2014-1878
A stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c
in Nagios, a monitoring and management system for hosts, services and
networks, allowed remote attackers to cause a denial of service
(segmentation fault) via a long message to cmd.cgi.
For Debian 7 "Wheezy", this problem has been fixed in version
3.4.1-3+deb7u2.
We recommend that you upgrade your nagios3 packages.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQJ8BAEBCgBmBQJXLkEaXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkozgP/0FtjF0lqjrAYa2fbvRmlxBS
+LeFHgQpQbfYVCfWaqSxIgp/ZZElOzxlnf6KHBkhrZOyhPf7uky/azX6L+gy0mXR
h0k7AQZkugLIH3odac6VE+tIBZBcfETKILhCw6R3BEY0JS4PhBgM4DnD8BGpxbbO
OZE5ppOIT2XrO7Q7XEh+r7Caq6m3Suyxhm7yhZsvNks+1v8I97Xsicza1w0aY34X
zB3eO8YPpvbPnx5SCF0lR9Uzmlk7tqdU/5xqdJskxVQnMmLTntOfO9dssSfYaUxz
islqhdL0J4vH71GhFcm90tElfU3tcZDfP91YBjg18vcYSvqomR0plYztA1BanuMu
La93BNREjZFcRNfnXhgdLtSYEBv7fUh1pl1M2VwHajNYl/Qk7lR1SPTSrEYfEnAc
CHz9JaB+trkGnPLdUkISEFdzBmaPmO8VxjNqFf5imK/fIrfTQqgoAKPyU7q5dIkS
yRuKb3vwvcVTQgvqmNPCwvFDxHxcKOh4z0lTMiXiTy5FaNueZ3HDE93tG/PqgcES
gH7TFpocO/TKuSIowrWuId1+KQWu/cU3dqU5COiUUS4U9BGAX3X9NxY8WQPLORit
3qLi8IzZvd7THkxshzjC+ILVDXXiFCkwgsVc3VCQmAmZubFwqZjgl0cv5Uc9s4E5
idwvM0xe3JYaSCkc8G8N
=LAC8
-----END PGP SIGNATURE-----
Reply to: