Debian Package Tracker

Date: Sat, 09 Mar 2013 09:04:37 +0000
From: Alexander Wirt <formorer@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted nagios-nrpe 2.13-3 (source amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 09 Mar 2013 08:42:05 +0100
Source: nagios-nrpe
Binary: nagios-nrpe-server nagios-nrpe-plugin
Architecture: source amd64
Version: 2.13-3
Distribution: unstable
Urgency: high
Maintainer: Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>
Changed-By: Alexander Wirt <formorer@debian.org>
Description: 
 nagios-nrpe-plugin - Nagios Remote Plugin Executor Plugin
 nagios-nrpe-server - Nagios Remote Plugin Executor Server
Closes: 701227
Changes: 
 nagios-nrpe (2.13-3) unstable; urgency=high
 .
   * [e55afd1] Add 08_CVE-2013-1362.dpatch patch.
     If command arguments are enabled in the NRPE configuration, it was
     possible to pass $() as arguments as the checking for nasty caracters
     was not strict enough to catch $(). This allowed executing shell
     commands under a subprocess and pass the output as a parameter to the
     called script (if run under bash). CVE-2013-1362 (Closes: #701227)
Checksums-Sha1: 
 ce797b74315a839d047b9f14e92ec152c7e1664f 1356 nagios-nrpe_2.13-3.dsc
 8af5274412281f9bc77c819c1cf8838351804c73 11115 nagios-nrpe_2.13-3.diff.gz
 432c0ba3347aa7aa5e948e84310cfd58ef5380c0 41026 nagios-nrpe-server_2.13-3_amd64.deb
 a07a26e80cb5bd7cd7404d580a3488c487116141 19692 nagios-nrpe-plugin_2.13-3_amd64.deb
Checksums-Sha256: 
 b7604c377e9042380be01316394696398a0860fc128d04532c313e3ef2d6a92c 1356 nagios-nrpe_2.13-3.dsc
 b7bfc6b0d0894bf6660b91292adffc50e28724f905b0df1f59ac561a94a14e4f 11115 nagios-nrpe_2.13-3.diff.gz
 501c8eb1c2d8703f49cb997b9eb585cd301d05b249cd288e7ef4919e01643865 41026 nagios-nrpe-server_2.13-3_amd64.deb
 6622c8d1bbcb4e7daaedcb9cfd86dd32b69c6a8d046bbf05b34e2b61b1c5fb15 19692 nagios-nrpe-plugin_2.13-3_amd64.deb
Files: 
 e23df9385fd97d0150e1f7623928c697 1356 net optional nagios-nrpe_2.13-3.dsc
 854eb80d419e8e51d0d7e0b4a14f7be4 11115 net optional nagios-nrpe_2.13-3.diff.gz
 545cc2e0a1716e59711fb32f39b39772 41026 net optional nagios-nrpe-server_2.13-3_amd64.deb
 768f4a3b8ebc00780ac8f37362ea963f 19692 net optional nagios-nrpe-plugin_2.13-3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlE66yMACgkQ01u8mbx9AgqSTgCgw5DQjTUnaHd2tfAuAJWP71LV
fVcAoIX4bz0OgymTdVboLfc5s3gOp/Mb
=Rnqy
-----END PGP SIGNATURE-----
News for package nagios-nrpe
