Remote execution exploit fix

.gitignore

@@ -26,8 +26,9 @@ startup/default-service
 startup/default-socket
 startup/default-socket-svc
 startup/default-xinetd
-startup/mac-org.nagios.PKG_NAME.plist
+startup/mac-org.plist
 startup/newbsd-init
+startup/openbsd-init
 startup/openrc-conf
 startup/openrc-init
 startup/rh-upstart-init
@@ -35,3 +36,4 @@ startup/solaris-inetd.xml
 startup/solaris-init.xml
 startup/tmpfile.conf
 startup/upstart-init
+

src/nrpe.c

@@ -62,7 +62,7 @@ int       use_ssl = FALSE;
 
 #define DEFAULT_COMMAND_TIMEOUT			60	/* default timeout for execution of plugins */
 #define MAXFD							64
-#define NASTY_METACHARS					"|`&><'\\[]{};"
+#define NASTY_METACHARS					"|`&><'\\[]{};\r\n"
 #define MAX_LISTEN_SOCKS				16
 #define DEFAULT_LISTEN_QUEUE_SIZE		5
 #define DEFAULT_SSL_SHUTDOWN_TIMEOUT	15