Advisories ยป MGASA-2017-0045

Updated nagios packages fix security vulnerabilities

Publication date: 11 Feb 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-9565 , CVE-2016-9566

Description

The nagios package has been patched to fix the following issues:

Improper sanitization of RSS feed input enables unauthenticated remote
read and write of arbitrary files (CVE-2016-9565).

Unsafe logfile handling allows unprivileged users to escalate their
privileges to root (CVE-2016-9566).
                

References

SRPMS

5/core