CVSROOT:        /cvs
Module name:    ports
Changes by:     [email protected]   2017/02/07 14:40:55

Modified files:
        net/icinga/core: Tag: OPENBSD_6_0 Makefile distinfo 
        net/icinga/core/patches: Tag: OPENBSD_6_0 patch-base_checks_c 
                                 patch-base_logging_c patch-cgi_avail_c 
                                 patch-cgi_cgiutils_c patch-cgi_cmd_c 
                                 patch-cgi_histogram_c 
                                 patch-cgi_history_c 
                                 patch-cgi_notifications_c 
                                 patch-cgi_showlog_c patch-cgi_trends_c 
        net/icinga/core/pkg: Tag: OPENBSD_6_0 PLIST-cgi PLIST-main 

Log message:
update to icinga 1.14.0

security fixes (also affecting nagios; icinga 1.x is the old nagios-derived
branch, whereas 2.x is all new) -

* Bug #13709: CVE-2016-9566: Root priviledge escalation during log file opening
* Bug #10453: Icinga Classic-UI 1.13.3 and older are vulnerable to XSS - 
CVE-2015-8010

notable changes -

* Classic UI: Remove attribute based authorization (cgiauth.cfg is not parsed
any more)
* IDO: Remove deprecated config options

Reply via email to