Bug 446379 (CVE-2007-5803)
Summary: | CVE-2007-5803 nagios: XSS vulnerability | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | linux, mmcgrath, wtogami | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5803 | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2010-12-22 23:16:44 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 437850, 445512, 446381, 446382, 446383 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Tomas Hoger
2008-05-14 12:28:01 UTC
Created attachment 305354 [details]
SuSE patch
This is *NOT* fixed in the upstream version 2.11.
(Extracted from SuSE nagios-2.9-48.4.src.rpm)
Now fixed upstream in 3.0.2 and 2.12: http://www.nagios.org/development/history/nagios-3x.php http://www.nagios.org/development/history/nagios-2x.php We have Nagios 3.0.4 in Rawhide. Should we close this bug ? Purpose of the bugs filed against 'Security Response' product is to remain open until the issue is addressed in all affected versions of all affected products (either Fedora or Red Hat products). This still remains unfixed in at least F8/F9. Fedora 8 and 9 are EOL, latest Fedora and EPEL have the fixed version. |