icinga (1.7.1-7) stable-security; urgency=high * Fix multiple stack-based buffer overflows in cgiutils.c and config.c. This is a fix for CVE-2013-7106 * Fix CSRF vulnerability in cmd.cgi. This is a fix for CVE-2013-7107 * Fix multiple off-by-one errors in process_cgivars(). This is a fix for CVE-2013-7108 * Fix stack bases overflow in cmd_submitf() from cmd.c. This is a fix for CVE-2014-1878 * Fix buffer overflows when checking strlen against MAX_INPUT_BUFFER in cgiutils.c. This is a fix for CVE-2014-2386 Thanks to Moritz Muehlenhoff for providing those patches. -- Alexander Wirt Wed, 11 Jun 2014 10:44:57 +0200 icinga (1.7.1-6) unstable; urgency=medium * Don't destroy symlinked icinga configs with sed (Closes: #698137) -- Alexander Wirt Mon, 11 Feb 2013 22:03:15 +0100 icinga (1.7.1-5) unstable; urgency=high * Apply fix for CVE-2012-6096 - buffer overflows in cgis (Closes: #697931) -- Alexander Wirt Mon, 14 Jan 2013 06:14:38 +0100 icinga (1.7.1-4) unstable; urgency=low * Remove unneeded build-dep on iputils-ping (Closes: #687825) -- Alexander Wirt Mon, 01 Oct 2012 08:14:08 +0200 icinga (1.7.1-3) unstable; urgency=low * Fix generation of duplicated events. Patch cherrypicked from 1.7.2 (Closes: #686036) -- Alexander Wirt Sun, 09 Sep 2012 14:50:53 +0200 icinga (1.7.1-2) unstable; urgency=low [ Alexander Wirt ] * [6dee566] Start after postgresql or mysql [ Christian Perrier ] * Debconf templates and debian/control reviewed by the debian-l10n- english team as part of the Smith review project. Closes: #674024 * [Debconf translation updates] * Debconf templates and debian/control reviewed by the debian-l10n- english team as part of the Smith review project. Closes: #674024 * [Debconf translation updates] * Czech (Martin Sin). Closes: #677033 * Swedish (Martin Bagge / brother). Closes: #677064 * Russian (Yuri Kozlov). Closes: #677178 * Slovak (Slavko). Closes: #677240 * Portuguese (Américo Monteiro). Closes: #677316 * Dutch; (Jeroen Schot). Closes: #677357 * Danish (Joe Hansen). Closes: #677808 * Italian (Luca Monducci). Closes: #677841 * German (Holger Wansing). Closes: #677914 * French (Steve Petruzzello). Closes: #677952 * Galician (). Closes: #678913 * Spanish; (Omar Campagne). Closes: #678944 -- Alexander Wirt Fri, 29 Jun 2012 23:02:35 +0200 icinga (1.7.1-1) unstable; urgency=low * [b64d290] Imported Upstream version 1.7.1 * [bcba7da] 80_fix_typos_in_eventhandlers is now upstream * [abd8b59] icinga 1.7.0 should work with Postgresql >= 9.0 * [29506e2] Add a patch for better handling of mysql and pgsql default in ido2b * [29d6787] Check if ucf really exists during purge (Closes: #677064) -- Alexander Wirt Thu, 21 Jun 2012 00:09:52 +0200 icinga (1.7.0-4) unstable; urgency=low * [704a3bc] Quote version for dpkg-compare * [6e25045] Add patch to fix typo in handle-master-proc-event script (Closes: #676586) -- Alexander Wirt Sat, 09 Jun 2012 08:37:42 +0200 icinga (1.7.0-3) unstable; urgency=low * [7c55fce] Install plpgsql as early as possible into postgres (Closes: #675536) -- Alexander Wirt Sat, 02 Jun 2012 09:06:09 +0200 icinga (1.7.0-2) unstable; urgency=medium * [57cc621] Fix example path for idoutils broker * [c27a750] Depend on dpkg >= 1.16.1 for s-s-d --status (Closes: #675041) * [24e3fc9] Move old retention.dat to new locatation (Closes: #675046) * [f365185] make icinga-core.postinst a little bit nicer and more verbose * [e5fd639] Improve retention.dat move * [4b2e286] Don't overwrite existing files during retention.dat move * [d3ba784] Fix status.dat location for cgi (Closes: #671908) * [37d3c92] Remove trailing / in configure (Closes: #675043) * [c57ac90] Fix filenames for dbconfig-common sql files (Closes: #675277) -- Alexander Wirt Fri, 01 Jun 2012 10:12:50 +0200 icinga (1.7.0-1) unstable; urgency=low * [8ae8e90] Imported Upstream version 1.7.0~beta1 * [e20c16d] 80_fix_tac_json is now upstream * [ab9a6aa] Update rules file for 1.7 * [e17e241] Add NEWS file for idoutils broker move * [2f26c8d] Update icinga.cfg patch * [2ebdf35] Update idoutils docs * [5e02b2e] Fix tempfile path * [22b4070] Fix status.dat location * [a938089] Remove not used conf.d from icinga.cfg * [64b812c] Fix ido2db socket path * [c3664d6] Imported Upstream version 1.7.0 * [9364846] Bump standards version * [7d6f5f4] Cleanup config.log -- Alexander Wirt Tue, 15 May 2012 23:38:27 +0200 icinga (1.6.1-3) unstable; urgency=medium [ Daniel Baumann ] * [548ece5] Adding debconf handling for icinga check_external_commands option (Closes: #592738). [ Alexander Wirt ] * [d3c349e] Add alternative for libdbi-dev * [2d0c4bb] Fix broker location in ido example config and enhance README * [4416c9c] Always display debconf note for external command * [9dec07f] Build-depend on libpng-dev (Closes: #662374) * [dfacf10] Add buildalternative for libpng * [c4a5675] Update translationfiles * [181d023] Enable hardening buildflags (Closes: #656866) * [6ec83b0] Fix json output of tac.cgi (Closes: #663224) * [3fc1a26] Fix endlessloop in idoutils during installation (Closes: #652647) * [6ff2be5] Fix postgres escaping with postgres 9.1 (Closes: #659675) * [4c7bac5] Fix db upgrades with postgres (Closes: #663440) * [46dfeea] Add prepared dbc debug flag into idoutils.postinst * [495fe20] Install plpgsql for postgres < 9.0 (Closes: #659675) * [b6bba3b] Remove stale socket on daemon startup and start idoutils before icinga (Closes: #670201, #663678) * [309ba7a] Fix db upgrade for postgres (Closes: #641391) * [c1c3991] Add postgres admin functions for plperl (Closes: #659675) * [6230476] Update polish and dutch po translations (Closes: #659252, #670365) * [dfef271] don't install sample configs for idoutils (Closes: #661797) * [3263424] improve apache configuration. Thanks to Christoph Anton Mitterer for the patch (Closes: #659896) -- Alexander Wirt Fri, 04 May 2012 08:04:12 +0200 icinga (1.6.1-2) unstable; urgency=low * [56d53d9] fix template for ido2db_check_proc.cfg * [200d89f] Depend on libdbi-dev (Closes: #653277) * [69370bc] Add indonesian po translation. Thanks to Mahyuddin Susanto for the translation (Closes: #654159) -- Alexander Wirt Tue, 03 Jan 2012 16:51:45 +0100 icinga (1.6.1-1) unstable; urgency=low * [0e847f9] Add versioned dep for jquery * [cf78552] Imported Upstream version 1.6.1 -- Alexander Wirt Fri, 02 Dec 2011 15:58:11 +0100 icinga (1.6.0-1) unstable; urgency=low * [0c69c1a] Fix permissions and remove *.in in contrib files (Closes: #648735) * [a34927a] Refresh 51_commands.cfg-debianize.dpatch * [0808c54] Remove mootools * [0c2f21d] Add changelog * [0ac1d13] phpapi is now deprecated - removed * [1edf848] Cleanup javascript * [ec0f684] Imported Upstream version 1.6.0 - removes git metadata in upstream tarball (Closes: #613787) * [b48970b] Add slovak po translation. Thanks to Slavko for the translation (Closes: #641985) -- Alexander Wirt Wed, 30 Nov 2011 15:52:07 +0100 icinga (1.5.1-1) unstable; urgency=low * [932cd5e] Imported Upstream version 1.5.1 -- Alexander Wirt Sun, 11 Sep 2011 11:16:37 +0200 icinga (1.5.0-3) unstable; urgency=low * [37c76c6] Fix p1 location -- Alexander Wirt Mon, 05 Sep 2011 21:34:59 +0200 icinga (1.5.0-2) unstable; urgency=low Brown paper bag release. My refresh of icinga.cgi failed... * [dbd8173] Fix paths for moste important files * [dab43df] Re-nable embedded perl * [85aa90a] Re-enable environment macros -- Alexander Wirt Fri, 26 Aug 2011 21:50:17 +0200 icinga (1.5.0-1) unstable; urgency=low * [06735ad] Imported Upstream version 1.5.0 (Closes: #639271) * [63670cd] Update 51_commands.cfg-debianize.dpatch * [c721a5e] Refresh 52_icinga.cfg-debianize.dpatch * [13699c0] Remove 60_fix_p1.pl_patch_mini_epn (now handled in configure) * [818764e] Improve description (Closes: #628204) -- Alexander Wirt Fri, 26 Aug 2011 08:20:15 +0200 icinga (1.4.2-1) unstable; urgency=low * New upstream version 1.4.2 - Fix xss bugs (Closes: #629131) These issues are liste at mitre as: CVE-2011-2179 and CVE-2011-1523 -- Alexander Wirt Thu, 30 Jun 2011 10:03:39 +0200 icinga (1.4.1-1) unstable; urgency=low * Remove useless patch * Imported Upstream version 1.4.1 - Fixes CVE-2011-2179 - Fixes CVE-2011-1523 * Update 70_fix_eventhandler_paths.dpatch -- Alexander Wirt Wed, 08 Jun 2011 22:38:28 +0200 icinga (1.4.0-2) unstable; urgency=low * Install /etc/icinga/modules in -common * Remove useles patch * Imported Upstream version 1.4.1 -- Alexander Wirt Wed, 08 Jun 2011 22:07:53 +0200 icinga (1.4.0-1) unstable; urgency=low * New upstream version * Bump standards version (no changes) -- Alexander Wirt Sat, 14 May 2011 08:26:37 +0200 icinga (1.3.0-1) unstable; urgency=low * new upstream version -- Alexander Wirt Sun, 13 Feb 2011 08:04:21 +0100 icinga (1.2.1-2) unstable; urgency=low * Fix symlink to mootols -- Alexander Wirt Mon, 01 Nov 2010 11:02:00 +0100 icinga (1.2.1-1) unstable; urgency=low * New upstream release * Add apache vhost example (Closes: #599555) -- Alexander Wirt Mon, 25 Oct 2010 08:26:07 +0200 icinga (1.2-1) unstable; urgency=low * New upstream version - Remove 80_remove_daemoncheck_cgi (now upstream) * bump standards version (no changes) * Icinga Plugins does not exist * Fix typo in watch file * Add japanese debconf translation (Closes: #598368) Thanks Hideki Yamane -- Alexander Wirt Mon, 09 Aug 2010 18:23:06 +0200 icinga (1.0.2-1) unstable; urgency=low * New upstream version * Bump standards version (no changes needed) * Fix eventhandler paths * Remove 40_fix_spurious_dollar_signs_added_to_command_lines - now upstream -- Alexander Wirt Sat, 03 Jul 2010 12:28:08 +0200 icinga (1.0.1-4) unstable; urgency=low * Fix mini_epn p1 path * Backport several ido2db fixes from git * Debconf templates and debian/control reviewed by the debian-l10n- english team as part of the Smith review project. Closes: #579934 * [Debconf translation updates] * Spanish (Omar Campagne). Closes: #579656,#581823 * Czech (Martin Sin). Closes: #580471 * Basque (Iñaki Larrañaga Murgoitio). Closes: #580478 * Danish (Joe Hansen). Closes: #580571,#580572 * Brazilian Portuguese (Bruno Gurgel Gomes de Oliveira). Closes: #580656, #581562 * Russian (Yuri Kozlov). Closes: #580765 * Italian (Luca Monducci). Closes: #580768 * Vietnamese (Clytie Siddall). Closes: #581538 * Portuguese (Américo Monteiro). Closes: #582319 * German (Matthias Julius). Closes: #582348 * French (Steve Petruzzello). Closes: #582643 * Swedish (Martin Bagge). Closes: #582699 -- Alexander Wirt Tue, 13 Apr 2010 11:52:52 +0200 icinga (1.0.1-3) unstable; urgency=low * its nagios-plugins, not icinga-plugins * Use alternatives for mini_epn (Closes: #577493) * Don't depend on non-existing virtual facility $icinga (Closes: #577166) * Update french po translation (Closes: #577152) * Update russian po translation (Closes: #577170) * Update swedish po translation (Closes: #577553) * Update portuguese po translation (Closes: #577137) -- Alexander Wirt Thu, 08 Apr 2010 19:58:16 +0200 icinga (1.0.1-2) unstable; urgency=low * Fix maintainer address * Disable context sensitive help * Recommend php5-mysql | php5-pgsql for the phpapi package -- Alexander Wirt Wed, 07 Apr 2010 14:31:39 +0200 icinga (1.0.1-1) unstable; urgency=low * Initial packaging (Closes: #573880) -- Alexander Wirt Sat, 27 Mar 2010 09:59:41 +0100