authorNatanael Copa <ncopa@alpinelinux.org>2013-04-12 08:42:24 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2013-04-12 08:42:24 +0000
commit5954c5a286c361f7a7345e5e1dd5714f7fbc4da8 (patch)
tree1eff79fad8d074130d8def09773e62318e13da29 /main
parentbd4160cd2286ae71c919500fc00c2abd086b5748 (diff)
downloadaports-5954c5a286c361f7a7345e5e1dd5714f7fbc4da8.tar.bz2
aports-5954c5a286c361f7a7345e5e1dd5714f7fbc4da8.tar.xz
main/nagios: security fix (CVE-2012-6096)
fixes #1703
Diffstat (limited to 'main')
-rw-r--r--main/nagios/APKBUILD10
-rw-r--r--main/nagios/CVE-2012-6096.patch42
2 files changed, 48 insertions, 4 deletions
diff --git a/main/nagios/APKBUILD b/main/nagios/APKBUILD
index c26ee8d23a..859a5b8c6c 100644
--- a/main/nagios/APKBUILD
+++ b/main/nagios/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Carlo Landmeter <clandmeter at gmail>
pkgname=nagios
pkgver=3.2.3
-pkgrel=5
+pkgrel=6
pkgdesc="Popular monitoring tool"
url="http://www.nagios.org/"
arch="all"
@@ -14,13 +14,14 @@ source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz
cve-2011-1523.patch
nagios.confd
nagios.initd
- lighttpd-nagios.conf"
+ lighttpd-nagios.conf
+ CVE-2012-6096.patch
+ "
subpackages="${pkgname}-web"
pkgusers="nagios"
pkggroups="nagios"
_builddir="$srcdir/$pkgname-$pkgver"
-
prepare() {
cd "$_builddir"
for i in $source; do
@@ -73,4 +74,5 @@ md5sums="fe1be46e6976a52acdb021a782b5d04b nagios-3.2.3.tar.gz
1d55432308d049f2c0dbbbbe1322d83e cve-2011-1523.patch
431dfe7403323e247a88b97beade5d78 nagios.confd
2ead8695b32222abe922692664aa9de1 nagios.initd
-d63c36f47d26f1f71ae2faf272eec640 lighttpd-nagios.conf"
+d63c36f47d26f1f71ae2faf272eec640 lighttpd-nagios.conf
+22239c4df4d5e7f8e3aea19b276a9974 CVE-2012-6096.patch"
diff --git a/main/nagios/CVE-2012-6096.patch b/main/nagios/CVE-2012-6096.patch
new file mode 100644
index 0000000000..1ce1790bab
--- /dev/null
+++ b/main/nagios/CVE-2012-6096.patch
@@ -0,0 +1,42 @@
+diff --git a/cgi/history.c b/cgi/history.c
+index 23c1146..9e018db 100644
+--- a/cgi/history.c
++++ b/cgi/history.c
+@@ -805,16 +805,16 @@ void get_history(void){
+ else if(display_type==DISPLAY_HOSTS){
+
+ if(history_type==HOST_HISTORY || history_type==SERVICE_HISTORY){
+- sprintf(match1," HOST ALERT: %s;",host_name);
+- sprintf(match2," SERVICE ALERT: %s;",host_name);
++ snprintf(match1, sizeof(match1), " HOST ALERT: %s;",host_name);
++ snprintf(match2, sizeof(match2), " SERVICE ALERT: %s;",host_name);
+ }
+ else if(history_type==HOST_FLAPPING_HISTORY || history_type==SERVICE_FLAPPING_HISTORY){
+- sprintf(match1," HOST FLAPPING ALERT: %s;",host_name);
+- sprintf(match2," SERVICE FLAPPING ALERT: %s;",host_name);
++ snprintf(match1, sizeof(match1), " HOST FLAPPING ALERT: %s;",host_name);
++ snprintf(match2, sizeof(match2), " SERVICE FLAPPING ALERT: %s;",host_name);
+ }
+ else if(history_type==HOST_DOWNTIME_HISTORY || history_type==SERVICE_DOWNTIME_HISTORY){
+- sprintf(match1," HOST DOWNTIME ALERT: %s;",host_name);
+- sprintf(match2," SERVICE DOWNTIME ALERT: %s;",host_name);
++ snprintf(match1, sizeof(match1), " HOST DOWNTIME ALERT: %s;",host_name);
++ snprintf(match2, sizeof(match2), " SERVICE DOWNTIME ALERT: %s;",host_name);
+ }
+
+ if(show_all_hosts==TRUE)
+@@ -853,11 +853,11 @@ void get_history(void){
+ else if(display_type==DISPLAY_SERVICES){
+
+ if(history_type==SERVICE_HISTORY)
+- sprintf(match1," SERVICE ALERT: %s;%s;",host_name,svc_description);
++ snprintf(match1, sizeof(match1), " SERVICE ALERT: %s;%s;",host_name,svc_description);
+ else if(history_type==SERVICE_FLAPPING_HISTORY)
+- sprintf(match1," SERVICE FLAPPING ALERT: %s;%s;",host_name,svc_description);
++ snprintf(match1, sizeof(match1), " SERVICE FLAPPING ALERT: %s;%s;",host_name,svc_description);
+ else if(history_type==SERVICE_DOWNTIME_HISTORY)
+- sprintf(match1," SERVICE DOWNTIME ALERT: %s;%s;",host_name,svc_description);
++ snprintf(match1, sizeof(match1), " SERVICE DOWNTIME ALERT: %s;%s;",host_name,svc_description);
+
+ if(strstr(temp_buffer,match1) && (history_type==SERVICE_HISTORY || history_type==SERVICE_FLAPPING_HISTORY || history_type==SERVICE_DOWNTIME_HISTORY))
+ display_line=TRUE;
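Review bot: The switch to `snprintf(match1, sizeof(match1), ...)` stops the overflow but truncates silently, and none of the nine calls across the two inner hunks checks the return value. An over-long `host_name` or `svc_description` would leave `match1`/`match2` without the trailing `;` delimiter, so the later `strstr(temp_buffer,match1)` could match log lines for any host whose name shares the truncated prefix. Consider capturing the result, e.g. `n = snprintf(match1, sizeof(match1), " HOST ALERT: %s;", host_name);` followed by `if(n < 0 || (size_t)n >= sizeof(match1))` and a branch that skips the match or rejects the request. `sizeof(match1)` is the buffer size only if `match1` and `match2` are arrays rather than pointers; their declarations, like the rest of get_history(), are outside the hunk, so that should be confirmed against the full file.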