nagios-plugins (1.4.8-2.1ubuntu1.1) gutsy-security; urgency=low
* SECURITY UPDATE: denial of service via multiple HTTPS redirects
* debian/patches/29_SECURITY_LP153697.dpatch: set SSL context and SSL
connection to NULL in np_net_ssl_cleanup()
* SECURITY UPDATE: denial of service via multiple redirects
* debian/patches/30_SECURITY_LP153703.dpatch: fix off-by-one error to
re-allocate the proper amount of memory in redir()
* SECURITY UPDATE: denial of service and possible arbitrary code execution
as the user in check_http.c via crafted Location Header
* debian/patches/CVE-2007-5198.dpatch: previous patch was not complete.
Patch now reworked to properly validate Location header in redir().
* References
LP: #153697
LP: #153703
CVE-2007-5198
LP: #152624
-- Jamie Strandboge <[EMAIL PROTECTED]> Thu, 18 Oct 2007 14:10:13
+0000
--
Buffer overflow in check_http.c (CVE-2007-5198)
https://bugs.launchpad.net/bugs/152624
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
