mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-22 20:41:26 +00:00
Update to 4.0.3.
Sponsored by: Absolight
This commit is contained in:
parent
6524f66fba
commit
05ca9247c2
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=347056
@ -2,8 +2,7 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= nagios
|
||||
PORTVERSION= 4.0.2
|
||||
PKGNAMESUFFIX= 4
|
||||
PORTVERSION= 4.0.3
|
||||
CATEGORIES= net-mgmt
|
||||
MASTER_SITES= SF/${PORTNAME}/${PORTNAME}-4.x/${PORTNAME}-${PORTVERSION}
|
||||
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (nagios-4.0.2.tar.gz) = 01a3865301cb57ffec57247a2a23ea43d9cf2d21a480a89e9070546fdd366629
|
||||
SIZE (nagios-4.0.2.tar.gz) = 1696847
|
||||
SHA256 (nagios-4.0.3.tar.gz) = cf2050c1202c8532bbf5b56cd3399ad5852ec4df0dc46afc3576600f77d2bad9
|
||||
SIZE (nagios-4.0.3.tar.gz) = 1700420
|
||||
|
@ -1,175 +0,0 @@
|
||||
commit d97e03f32741a7d851826b03ed73ff4c9612a866
|
||||
Author: Eric Stanley <estanley@nagios.com>
|
||||
Date: 2013-12-20 13:14:30 -0600
|
||||
|
||||
CGIs: Fixed minor vulnerability where a custom query could crash the CGI.
|
||||
|
||||
Most CGIs previously incremented the input variable counter twice when
|
||||
it encountered a long key value. This could cause the CGI to read past
|
||||
the end of the list of CGI variables. This commit removes the second
|
||||
increment, removing the possibility of reading past the end of the list
|
||||
of CGI variables.
|
||||
|
||||
diff --git ./cgi/avail.c ./cgi/avail.c
|
||||
index 76afd86..64eaadc 100644
|
||||
--- ./cgi/avail.c
|
||||
+++ ./cgi/avail.c
|
||||
@@ -1096,7 +1096,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/cmd.c ./cgi/cmd.c
|
||||
index fa6cf5a..50504eb 100644
|
||||
--- ./cgi/cmd.c
|
||||
+++ ./cgi/cmd.c
|
||||
@@ -311,7 +311,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/config.c ./cgi/config.c
|
||||
index f061b0f..3360e70 100644
|
||||
--- ./cgi/config.c
|
||||
+++ ./cgi/config.c
|
||||
@@ -344,7 +344,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/extinfo.c ./cgi/extinfo.c
|
||||
index 62a1b18..5113df4 100644
|
||||
--- ./cgi/extinfo.c
|
||||
+++ ./cgi/extinfo.c
|
||||
@@ -591,7 +591,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/histogram.c ./cgi/histogram.c
|
||||
index 4616541..f6934d0 100644
|
||||
--- ./cgi/histogram.c
|
||||
+++ ./cgi/histogram.c
|
||||
@@ -1060,7 +1060,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/notifications.c ./cgi/notifications.c
|
||||
index 8ba11c1..461ae84 100644
|
||||
--- ./cgi/notifications.c
|
||||
+++ ./cgi/notifications.c
|
||||
@@ -327,7 +327,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/outages.c ./cgi/outages.c
|
||||
index 426ede6..cb58dee 100644
|
||||
--- ./cgi/outages.c
|
||||
+++ ./cgi/outages.c
|
||||
@@ -225,7 +225,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/status.c ./cgi/status.c
|
||||
index 3253340..4ec1c92 100644
|
||||
--- ./cgi/status.c
|
||||
+++ ./cgi/status.c
|
||||
@@ -567,7 +567,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/statusmap.c ./cgi/statusmap.c
|
||||
index ea48368..2580ae5 100644
|
||||
--- ./cgi/statusmap.c
|
||||
+++ ./cgi/statusmap.c
|
||||
@@ -400,7 +400,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/statuswml.c ./cgi/statuswml.c
|
||||
index bd8cea2..d25abef 100644
|
||||
--- ./cgi/statuswml.c
|
||||
+++ ./cgi/statuswml.c
|
||||
@@ -226,8 +226,13 @@ int process_cgivars(void) {
|
||||
|
||||
for(x = 0; variables[x] != NULL; x++) {
|
||||
|
||||
+ /* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
+ if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
+ continue;
|
||||
+ }
|
||||
+
|
||||
/* we found the hostgroup argument */
|
||||
- if(!strcmp(variables[x], "hostgroup")) {
|
||||
+ else if(!strcmp(variables[x], "hostgroup")) {
|
||||
display_type = DISPLAY_HOSTGROUP;
|
||||
x++;
|
||||
if(variables[x] == NULL) {
|
||||
diff --git ./cgi/summary.c ./cgi/summary.c
|
||||
index 126ce5e..749a02c 100644
|
||||
--- ./cgi/summary.c
|
||||
+++ ./cgi/summary.c
|
||||
@@ -725,7 +725,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./cgi/trends.c ./cgi/trends.c
|
||||
index b35c18e..895db01 100644
|
||||
--- ./cgi/trends.c
|
||||
+++ ./cgi/trends.c
|
||||
@@ -1263,7 +1263,6 @@ int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
|
||||
diff --git ./contrib/daemonchk.c ./contrib/daemonchk.c
|
||||
index 78716e5..9bb6c4b 100644
|
||||
--- ./contrib/daemonchk.c
|
||||
+++ ./contrib/daemonchk.c
|
||||
@@ -174,7 +174,6 @@ static int process_cgivars(void) {
|
||||
|
||||
/* do some basic length checking on the variable identifier to prevent buffer overflows */
|
||||
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
|
||||
- x++;
|
||||
continue;
|
||||
}
|
||||
}
|
@ -1,10 +1,10 @@
|
||||
--- ./html/main.php.orig 2013-11-25 14:16:25.000000000 +0000
|
||||
+++ ./html/main.php 2014-01-24 22:40:43.000000000 +0000
|
||||
@@ -40,37 +40,10 @@
|
||||
--- ./html/main.php.orig 2014-02-28 17:50:25.000000000 +0100
|
||||
+++ ./html/main.php 2014-03-04 19:17:31.000000000 +0100
|
||||
@@ -40,38 +40,10 @@
|
||||
<div class="product">Nagios<sup><span style="font-size: small;">®</span></sup> Core<sup><span style="font-size: small;">™</span></sup></div>
|
||||
<div class="version">Version 4.0.2</div>
|
||||
<div class="releasedate">November 25, 2013</div>
|
||||
-<div class="checkforupdates"><a href="http://www.nagios.org/checkforupdates/?version=4.0.2&product=nagioscore" target="_blank">Check for updates</a></div>
|
||||
<div class="version">Version 4.0.3</div>
|
||||
<div class="releasedate">February 28, 2014</div>
|
||||
-<div class="checkforupdates"><a href="http://www.nagios.org/checkforupdates/?version=4.0.3&product=nagioscore" target="_blank">Check for updates</a></div>
|
||||
<!--<div class="whatsnew"><a href="http://go.nagios.com/nagioscore/whatsnew">Read what's new in Nagios Core 3</a></div>-->
|
||||
</div>
|
||||
|
||||
@ -35,6 +35,7 @@
|
||||
-</div>
|
||||
-
|
||||
-
|
||||
|
||||
-
|
||||
<div id="splashboxes">
|
||||
<div id='topsplashbox'>
|
||||
<div id="splashbox1" class="splashbox">
|
||||
|
Loading…
Reference in New Issue
Block a user