Package "munin-java-plugins"
Name: |
munin-java-plugins
|
Description: |
network-wide graphing framework (java plugins for node)
|
Latest version: |
1.4.6-3ubuntu3.4 |
Release: |
precise (12.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
munin |
Homepage: |
http://munin-monitoring.org |
Links
Download "munin-java-plugins"
Other versions of "munin-java-plugins" in Precise
Changelog
munin (1.4.6-3ubuntu3.4) precise-security; urgency=low
* SECURITY UPDATE: multiple denial of service issues
- debian/patches/CVE-2013-6xxx.patch: backport fixes from upstream to
master/lib/Munin/Master/{HTMLOld,Node}.pm.
- CVE-2013-6048
- CVE-2013-6359
-- Marc Deslauriers <email address hidden> Wed, 18 Dec 2013 09:43:31 -0500
|
Source diff to previous version |
CVE-2013-6048 |
The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin ... |
CVE-2013-6359 |
Munin::Master::Node in Munin before 2.0.18 allows remote attackers to ... |
|
munin (1.4.6-3ubuntu3.3) precise-security; urgency=low
* SECURITY UPDATE: symlink vulnerability in qmailscan plugin
- debian/patches/CVE-2012-2103.patch: remove the use of tempfiles in
plugins/node.d/qmailscan.in.
- CVE-2012-2103
* SECURITY UPDATE: privilege escalation via root running plugins
- debian/patches/CVE-2012-3512.patch: run each plugin in their own
state directory in Makefile, Makefile.config,
node/lib/Munin/Node/{OS,Service}.pm, plugins/lib/Munin/Plugin.pm,
plugins/node.d/*.in,plugins/node.d.linux/*.in.
- debian/patches/CVE-2012-3512-regression.patch: Don't rely on
MUNIN_PLUGSTATE being in the environment as these scripts also get
run by a cron job in plugins/node.d.linux/apt_all.in,
plugins/node.d.linux/apt.in.
- CVE-2012-3512
* debian/Makefile.config: added new plugin state directory location.
* debian/munin-node.{postinst,postrm}: Remove old plugin state directory
override, also remove new plugin state directory.
-- Marc Deslauriers <email address hidden> Wed, 17 Oct 2012 08:26:39 -0400
|
Source diff to previous version |
CVE-2012-2103 |
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. |
CVE-2012-3512 |
local privilege escalation munin to root |
|
munin (1.4.6-3ubuntu3.1) precise-proposed; urgency=low
* debian/patches/upstream_changeset_4597.patch
- Fix incorrect graph configuration in munin plugin
exim_mailqueue but switching AREA and STACK sections.
Cherry picked patch from upstream VCS (LP: #598385).
* debian/patches/upstream_changeset_4358.patch
- Fix broken memory usage data collection in memory plugin by
silencing Perl 5.14 warnings.
Cherry picked patch from upstream VCS (LP: #1000678).
-- Vibhav Pant <email address hidden> Mon, 21 May 2012 17:09:20 +0100
|
598385 |
[SRU] munin plugin exim_mailqueue has incorrect gra... |
1000678 |
[SRU] munin-memory plugin doesn't work on 64-bit 1... |
|
About
-
Send Feedback to @ubuntu_updates