Summary: | net-analyzer/check_mk: GUI crash report reveals sensitive user information to remote attackers | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Aleksandr Wagner (Kivak) <alwag> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | axs, jstein, mgorny |
Priority: | Low | Keywords: | PMASKED |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://mathias-kettner.de/check_mk_werks.php?werk_id=5208&HTML=yes | ||
Whiteboard: | ~4 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Aleksandr Wagner (Kivak)
2017-10-01 20:01:18 UTC
net-analyzer/check_mk is now maintainer-needed. I should point out that this ebuild is now half-useless because we needed to force USE=agent-only after removing mod_python. Let's last-rite it. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0c413569dc8e1ccbcadc6d3dd94fbeb5fb2d5cb9 commit 0c413569dc8e1ccbcadc6d3dd94fbeb5fb2d5cb9 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2018-08-26 11:54:20 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2018-08-26 11:54:20 +0000 package.mask: Last rite net-analyzer/check_mk Bug: https://bugs.gentoo.org/632648 profiles/package.mask | 7 +++++++ 1 file changed, 7 insertions(+) (CC-ing maintainer of net-analyzer/check_mk_agent just in case the other package was affected as well) Thanks! check_mk_agent isn't affected by this. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a69dd861c8eceb208df573afaa97e9312bdf41b7 commit a69dd861c8eceb208df573afaa97e9312bdf41b7 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2018-09-29 10:06:27 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2018-09-29 10:08:45 +0000 net-analyzer/check_mk: Remove last-rited pkg Bug: https://bugs.gentoo.org/632648 Closes: https://bugs.gentoo.org/652634 Signed-off-by: Michał Górny <mgorny@gentoo.org> net-analyzer/check_mk/Manifest | 2 - net-analyzer/check_mk/check_mk-1.2.4_p5-r1.ebuild | 323 ------------------- net-analyzer/check_mk/check_mk-1.2.8_p16.ebuild | 351 --------------------- .../check_mk/files/check_mk-1.2.4p5-setup.sh.patch | 39 --- .../files/check_mk-1.2.8p16-setup.sh.patch | 35 -- net-analyzer/check_mk/metadata.xml | 29 -- profiles/base/package.use.force | 5 - profiles/base/package.use.mask | 6 - profiles/package.mask | 7 - 9 files changed, 797 deletions(-) unCC-ing treecleaners Closing NoGLSA |