Package: icinga / 1.13.4-2
Metadata
Package | Version | Patches format |
---|---|---|
icinga | 1.13.4-2 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
50_cgi.cfg debianize.patch | (download) |
sample-config/cgi.cfg.in |
15 15 + 0 - 0 ! |
debianize cgi.cfg. |
51_commands.cfg debianize.patch | (download) |
sample-config/template-object/commands.cfg.in |
195 0 + 195 - 0 ! |
debianize commands.cfg. |
52_icinga.cfg debianize.patch | (download) |
sample-config/icinga.cfg.in |
72 27 + 45 - 0 ! |
debianize icinga.cfg. |
70_fix_eventhandler_paths.patch | (download) |
contrib/eventhandlers/distributed-monitoring/obsessive_svc_handler |
2 1 + 1 - 0 ! |
fix eventhandler paths. |
95_fix_db_upgrade.patch | (download) |
module/idoutils/db/pgsql/upgrade/pgsql-upgrade-1.3.0.sql |
18 0 + 18 - 0 ! |
fix db upgrade. |
96_jquery_compat.patch | (download) |
html/js/menu.js |
13 8 + 5 - 0 ! |
fix jquery compatibility. Bug#831332 icinga-cgi-bin: fix menu hiding (jquery 1.11 incompatibility) . icinga-cgi-bin in Debian Sid, Ubuntu Yakkety (and Ubuntu Xenial) is affected by an upstream bug where the left-hand menu in the Classic icinga web interface disappears immediately after the page finishes loading. Upstream has provided a fix and in my testing this resolves the issue (which is due to current code incompatibilty with jQuery versions in Debian and Ubuntu). |
99_CVE 2015 8010.patch | (download) |
cgi/avail.c |
325 134 + 191 - 0 ! |
fix xxs vulnerability in pagination and export links. Sorry guys. Due to my bad programming skills I introduced a XSS vulnerability in Classic-UI with the CSV export link and pagination feature. The functions parsed QUERY_STRING from the environment without properly sanitizing it. . The getcgivars() function got a bit reworked. Once the QUERY_STRING is read and parsed the content survives the whole lifetime of the cgi execution and gets free<80><99>d at the end. This way we can always build urls from valid parsed cgi params. . I wonder why I haven't done this earlier. . Also the url param parsing in every cgi was updated and hopefully everything works as bevor. |
spelling errors.patch | (download) |
Changelog |
2 1 + 1 - 0 ! |
fix spelling errors. * Agressive -> Aggressive * deamon -> daemon * occuring -> occurring * trucating -> truncating * preceeding -> preceding * occured -> occurred * occure -> occur * Unkown -> Unknown |
53_jquery ui.patch | (download) |
cgi/cgiutils.c |
7 5 + 2 - 0 ! |
fixing jquery ui paths for the debian installation |
pgsql upgrade 1.13.0.patch | (download) |
module/idoutils/db/pgsql/upgrade/pgsql-upgrade-1.13.0.sql |
7 5 + 2 - 0 ! |
fix database upgrade to 1.13.0. error encountered processing /usr/share/dbconfig-common/data/icinga-idoutils/upgrade/pgsql/1.13.0: ERROR: constraint "uq_servicedependencies" of relation "icinga_servicedependencies" does not exist |