> On Thu, Nov 6, 2008 at 6:45 AM, Andreas Ericsson wrote:
>
>> Hope that clears things up a bit.
>
> Thanks for the rather thorough layman's explanation of this. Is there
> an estimate for when these fixes will be rolled into the stable tree
> for nagios?
>
In-form session token support was completed about five minutes ago. I'm
doing some basic testing right now and will push this to my git repo at
git://git.op5.org (as 'csrf' branch). It's done as a single patch right
now, mainly because I didn't think it would be worth it to split it into
different parts for the sha1 code, the session library and the changes
to cmd.c (about 10 lines), but also because I've really stressed this
one.
I'm hoping Ethan will have picked it up by tomorrow. I'll send an
announce and put up a nagios-3.0.5p1 or something for download unless
Ethan's done with that by the time I leave the office tomorrow (around
17:00 GMT+1). Note that it won't be official until Ethan hits the big
release-bell and puts it up at nagios.org, but with some decent testing
beforehand, I'm sure he'll be a lot more trigger-happy
Also note that the part of the issue that was a lot easier to fix than
this one is already in 3.0.5, just like Hendrik said.
--
Andreas Ericsson [email protected]
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]