Information on source package icinga

Available versions

ReleaseVersion
jessie1.11.6-1
stretch1.13.4-2
buster1.14.2+ds-3

Open issues

BugjessiestretchbusterDescription
CVE-2016-9566vulnerable (no DSA)fixedfixedbase/logging.c in Nagios Core before 4.2.4 allows local users with acc ...
CVE-2015-8010vulnerable (no DSA)fixedfixedCross-site scripting (XSS) vulnerability in the Classic-UI with the CS ...

Resolved issues

BugDescription
CVE-2017-16882Icinga Core through 1.14.0 initially executes bin/icinga as root but s ...
CVE-2016-6209Cross-site scripting (XSS) vulnerability in Nagios.
CVE-2014-2386Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, all ...
CVE-2014-1878Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c i ...
CVE-2013-7108Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, a ...
CVE-2013-7107Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga 1 ...
CVE-2013-7106Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 befo ...
CVE-2012-6096Multiple stack-based buffer overflows in the get_history function in h ...
CVE-2012-3441The database creation script (module/idoutils/db/scripts/create_mysqld ...
CVE-2011-2477Multiple cross-site scripting (XSS) vulnerabilities in config.c in con ...
CVE-2011-2179Multiple cross-site scripting (XSS) vulnerabilities in config.c in con ...
CVE-2011-1523Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.c ...

Security announcements

DSA / DLADescription
DLA-60-1icinga - security update
DSA-2956-1icinga - security update
DSA-2653-1icinga - buffer overflow

Search for package or bug name: Reporting problems