[SECURITY] Fedora 20 Update: pnp4nagios-0.6.22-2.fc20

updates at fedoraproject.org updates at fedoraproject.org
Mon Jul 14 00:54:48 UTC 2014


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-8098
2014-07-05 14:12:16
--------------------------------------------------------------------------------

Name        : pnp4nagios
Product     : Fedora 20
Version     : 0.6.22
Release     : 2.fc20
URL         : http://www.pnp4nagios.org/
Summary     : Nagios performance data analysis tool
Description :
PNP is an addon to nagios which analyzes performance data provided by plugins
and stores them automatically into RRD-databases.

--------------------------------------------------------------------------------
Update Information:

Fix three URL Cross-Site Scripting Vulnerabilities.
Update to upstream (fixes XSS flaw in an error page)
Update to upstream (fixes XSS flaw in an error page)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul  4 2014 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 0.6.22-2
- Fix two URL Cross-Site Scripting Vulnerabilities (bz#1115983)
* Thu Jul  3 2014 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 0.6.22-1
- Update to upstream (fixes XSS flaw in an error page - bz#1115770)
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.21-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1115983 - CVE-2014-4908 pnp4nagios: Two URL Cross-Site Scripting Vulnerabilities
        https://bugzilla.redhat.com/show_bug.cgi?id=1115983
  [ 2 ] Bug #1115770 - CVE-2014-4907 pnp4nagios: cross-site scripting flaw in an error page
        https://bugzilla.redhat.com/show_bug.cgi?id=1115770
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update pnp4nagios' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list