openSUSE Security Update: update for nagstamon ______________________________________________________________________________
Announcement ID: openSUSE-SU-2013:1235-1 Rating: moderate References: #829217 Cross-References: CVE-2013-4114 Affected Products: openSUSE 12.3 openSUSE 12.2 ______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
- update to 0.9.10: + added fullscreen option + added Thruk support + added Check_MK cookie-based auth + added new Centreon autologin option + added configurable default sort order + added filter for hosts in hard/soft state for Nagios, Icinga, Opsview and Centreon + added $STATUS-INFO$ variable for custom actions + added audio alarms also in fullscreen mode + improved update interval set in seconds instead minutes + improved Icinga JSON support + improved Centreon 2.4 xml/broker support + improved Nagios 3.4 pagination support + improved nicer GTK theme Murrine on MacOSX + fixed security bug + fixed some memory leaks + fixed superfluous passive icon for Check_MK + fixed blocking of shutdown/reboot on MacOSX + fixed saving converted pre 0.9.9 config immediately + fixed statusbar position when offscreen + fixed some GUI issues + fixed update detection - this version fixes a security bug in the automatic update check (mentioned in CVE-2013-4114 and bnc #829217)
- fix build on CentOS > 5
Patch Instructions:
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 12.3:
zypper in -t patch openSUSE-2013-601
- openSUSE 12.2:
zypper in -t patch openSUSE-2013-601
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 12.3 (noarch):
nagstamon-0.9.10-4.4.1
- openSUSE 12.2 (noarch):
nagstamon-0.9.10-2.4.1
References:
http://support.novell.com/security/cve/CVE-2013-4114.html https://bugzilla.novell.com/829217