Core Vulnerability for CVE-2016-10089
Posted: Wed Feb 22, 2017 8:44 pm
by Fred Kroeger
The below link refers to a security vulnerability for 4.2.4 and below.
Can you advise when an update will be provided or in the meantime if there is a work-around I can implement?
https://web.nvd.nist.gov/view/vuln/deta ... 2016-10089
Thanks.... Fred
Re: Core Vulnerability for CVE-2016-10089
Posted: Thu Feb 23, 2017 10:59 am
by dwhitfield
Fixed in XI 5.4. Is that all you needed to know?

Re: Core Vulnerability for CVE-2016-10089
Posted: Thu Feb 23, 2017 7:21 pm
by Fred Kroeger
Thanks - couldn't see a reference to that in the Change Log.
I need to report back to the Security Team - Which release of 5.4 was the fix implemented?
Re: Core Vulnerability for CVE-2016-10089
Posted: Fri Feb 24, 2017 10:02 am
by dwhitfield
Fix was in 5.4
Change log entry mentions a meta fix:
- Upgraded Nagios Core to version 4.2.4 -JO
Nagios Core changelog at
https://github.com/NagiosEnterprises/na ... /Changelog
Please let us know if you need any more details.
Re: Core Vulnerability for CVE-2016-10089
Posted: Mon Feb 27, 2017 12:45 am
by Fred Kroeger
Yes, I saw that entry in the change log, however the vulnerability advisory refers to Core 4.2.4 and below.
There is no subsequent entry in the change log that states that this vulnerability has been addressed.
Sorry for the hassle.... I just need some documented proof that CVE-2016-10089 has been fixed.
Re: Core Vulnerability for CVE-2016-10089
Posted: Mon Feb 27, 2017 10:12 am
by dwhitfield
Thank you for your perseverance. We got so many questions about the things fixed in 4.2.4 that I just assumed this was one of those.
It does not appear this one has been fixed in the new releases of Core. I brought this to the attention of the Core developer. I know there is a
[email protected] email address for reporting, but I am not sure if there is a way for me to view what has been reported.
Re: Core Vulnerability for CVE-2016-10089
Posted: Tue Feb 28, 2017 3:07 am
by Fred Kroeger
Thanks - can you keep this open and update it please when you get confirmation that it has been fixed?
Re: Core Vulnerability for CVE-2016-10089
Posted: Tue Feb 28, 2017 10:00 am
by dwhitfield
For sure. I just checked the maintenance branch on github and no changes yet.
Re: Core Vulnerability for CVE-2016-10089
Posted: Mon Mar 27, 2017 6:32 pm
by Fred Kroeger
Was this vulnerability addressed in the latest release of NagiosXI?
Re: Core Vulnerability for CVE-2016-10089
Posted: Mon Mar 27, 2017 8:37 pm
by dwhitfield
Looks like there is no fix yet in the maint branch:
https://github.com/NagiosEnterprises/na ... /Changelog
Occasionally there are fixes in XI that aren't in Core, but it does not look like this is one of them:
https://assets.nagios.com/downloads/nag ... NGES-5.TXT
I filed a github issue so it doesn't slip through the cracks:
https://github.com/NagiosEnterprises/na ... issues/353