drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Munin
Name: |
Zwei Probleme in Munin |
|
ID: |
FEDORA-2013-22993 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 18 |
|
Datum: |
Di, 17. Dezember 2013, 07:48 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6359 |
|
Applikationen: |
Munin |
|
Originalnachricht |
Name : munin Product : Fedora 18 Version : 2.0.19 Release : 1.fc18 URL : http://munin-monitoring.org/ Summary : Network-wide graphing framework (grapher/gatherer) Description : Munin is a highly flexible and powerful solution used to create graphs of virtually everything imaginable throughout your network, while still maintaining a rattling ease of installation and configuration.
This package contains the grapher/gatherer. You will only need one instance of it in your network. It will periodically poll all the nodes in your network it's aware of for data, which it in turn will use to create graphs and HTML pages, suitable for viewing with your graphical web browser of choice.
Munin is written in Perl, and relies heavily on Tobi Oetiker's excellent RRDtool.
Creaete a munin web user after installing: htpasswd -bc /etc/munin/munin-htpasswd MUNIN_WEB_USER PASSWORD
------------------------------------------------------------------------------- - Update Information:
Upstream update to 2.0.19, fixes CVE-2013-6359 ------------------------------------------------------------------------------- - ChangeLog:
* Sun Dec 8 2013 drjohnson1@gmail.com - 2.0.19-1 - Upstream to 2.0.19 * Sun Dec 8 2013 drjohnson1@gmail.com - 2.0.18-2 - Modifying hostname require for f21 * Sat Dec 7 2013 drjohnson1@gmail.com - 2.0.18-1 - BZ# 1037890,1037889,1037888: CVE-2013-6359 * Tue Sep 24 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.17-6 - Move Net::IP plugins to a subpackage for dep handling * Fri Aug 16 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.17-5 - BZ# 993985: munin possibly affected by F-20 unversioned docdir change * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Aug 1 2013 Petr Pisar <ppisar@redhat.com> - 2.0.17-3 - Perl 5.18 rebuild * Sat Jul 27 2013 Jóhann B. Guðmundsson <johannbg@fedoraproject.org> - 2.0.17-2 - BZ# 989080 Add a missing requirement on crontabs to spec file * Sat Jul 20 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.17-1 - Upstream release 2.0.17 * Tue Jun 4 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.16-1 - Upstream released 2.0.16 * Sat Jun 1 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.15-1 - Upstream released 2.0.15 * Wed May 22 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.14-2 - Corrected bugid 905241 references * Sat May 11 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.14-1 - Upstream released 2.0.14 * Fri Apr 26 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.13-1 - Upstream released 2.0.13 * Thu Apr 4 2013 Viljo Viitanen <viljo.viitanen@iki.fi> - 2.0.12-4 - BZ #905241 add nginx cgi package, removed unnecessary services from apache cgi package * Mon Apr 1 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.12-3 - Add fw_ default config * Sun Mar 24 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.12-2 - BZ# 917002 minor edits for asyncd * Fri Mar 22 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.12-1 - Upstream release 2.0.12 * Sat Mar 9 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.11.1-3 - Update systemd scriptlets * Fri Feb 22 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.11.1-2 - BZ# 913111 Removed R:webserver because it pulls boa .. and no clean way to prefer apache. - BZ# 917002 munin-asyncd should wait for munin-node * Sat Feb 9 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.11.1-1 - Upstream version 2.0.11.1 * Thu Feb 7 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.11-4 - BZ# 908711 munin-async: wrong path in init script * Wed Feb 6 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.11-3 - Split out tomcat plugin to remove ruby dep from node. * Mon Feb 4 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.11-2 - BZ# 907369 revert HTMLOld.pm patch * Sun Feb 3 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.11-1 - Upstream release 2.0.11 * Mon Jan 21 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.10-2 - BZ# 896644 Wrong path to munin jar in jmx plugin * Wed Jan 9 2013 D. Johnson <fenris02@fedoraproject.org> - 2.0.10-1 - Update to 2.0.10 - BZ# 891940,892377 Only stop/restart services provided by sub-package, not deps. - BZ# 881689 Fix config file so that it no longer references the build host - BZ# 877116 Patch using '&' in the URLs instead of '&' in HTMLConfig * Fri Dec 21 2012 D. Johnson <fenris02@fedoraproject.org> - 2.0.9-4 - Use Makefile.config-dist instead of sed. - BZ# 890246,890247 "su" directive is not used in epel5/6 logrotate * Sun Dec 9 2012 D. Johnson <fenris02@fedoraproject.org> - 2.0.9-3 - Add documentation links for async - BZ# 885422 Move munin-node logs to /var/log/munin-node/ - BZ# 877166 Convert '&' to '&' in HTMLConfig.pm for validation * Thu Dec 6 2012 D. Johnson <fenris02@fedoraproject.org> - 2.0.9-2 - Require: LWP::UserAgent for plugins - BZ# 861816 Add simplified files for switching to FCGI - BZ# 880505 Change logrotate files to include su directive * Thu Dec 6 2012 D. Johnson <fenris02@fedoraproject.org> - 2.0.9-1 - Update to 2.0.9 * Fri Nov 30 2012 D. Johnson <fenris02@fedoraproject.org> - 2.0.8-3 - BZ# 880505 munin logrotate permissions fix. * Tue Nov 13 2012 D. Johnson <fenris02@fedoraproject.org> - 2.0.8-2 - Added cgitmp patch c/o Diego Elio Pettenò <flameeyes@flameeyes.eu> - BZ# 861816 Add sample files for switching to FCGI ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1037888 - CVE-2013-6048 CVE-2013-6359 munin: two denial of service flaws fixed in 2.0.18 https://bugzilla.redhat.com/show_bug.cgi?id=1037888 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update munin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|