Advisories ยป MGASA-2017-0437

Updated nagios packages fix security vulnerability

Publication date: 01 Dec 2017
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-12847

Description

It was found that nagios daemon creates its PID file after dropping
privileges, which allows to change its content by non-root user with PID
of any other process, resulting into denial-of-service when daemon is
stopped (CVE-2017-12847).

Note that the nagios package on Mageia 5 is no longer supported.  Users
of this package should upgrade to Mageia 6.
                

References

SRPMS

6/core