Back to xymon PTS page

Accepted xymon 4.3.28-5+deb10u1 (source amd64) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 23 Aug 2019 01:07:47 +0200
Source: xymon
Binary: xymon xymon-client xymon-client-dbgsym xymon-dbgsym
Architecture: source amd64
Version: 4.3.28-5+deb10u1
Distribution: buster
Urgency: high
Maintainer: Christoph Berg <myon@debian.org>
Changed-By: Axel Beckert <abe@debian.org>
Description:
 xymon      - monitoring system for systems, networks and applications
 xymon-client - client for the Xymon network monitor
Closes: 935470
Changes:
 xymon (4.3.28-5+deb10u1) buster; urgency=high
 .
   * Apply minimal upstream security patch to fix several (server-only)
     vulnerabilities reported upstream by Graham Rymer:
     + CVE-2019-13451: service overflows histlogfn in history.c.
     + CVE-2019-13452: service overflows histlogfn in reportlog.c.
     + CVE-2019-13273: srdb overflows dbfn in csvinfo.c.
     + CVE-2019-13274: reflected XSS in csvinfo.c.
     + CVE-2019-13455: htmlquoted(hostname) overflows msgline in
       acknowledge.c.
     + CVE-2019-13484: htmlquoted(xymondreq) overflows errtxt appfeed.c.
     + CVE-2019-13485: hostname overflows selfurl in history.c.
     + CVE-2019-13486: htmlquoted(xymondreq) overflows errtxt in
       svcstatus.c.
     + Closes: #935470
   * Include hostname validation regression fixes from 4.3.30, too.
Checksums-Sha1:
 8543810dfffabb6e08416dbeb96983828e9af8b0 2094 xymon_4.3.28-5+deb10u1.dsc
 b951811488f2d5e6213a2e4579172821e7c7c2a9 51668 xymon_4.3.28-5+deb10u1.debian.tar.xz
 e424f6fcd1b89395607423425d21b8f9f79df4a1 1077748 xymon-client-dbgsym_4.3.28-5+deb10u1_amd64.deb
 8a601abf2d0a7ee1dc640bf22b5fea0c313f9c97 294304 xymon-client_4.3.28-5+deb10u1_amd64.deb
 5ca858a3acc10abed3fe857109d2224aec0e391d 10322644 xymon-dbgsym_4.3.28-5+deb10u1_amd64.deb
 a160429763263e1cacb6c8d29a87faa0b3621767 8604 xymon_4.3.28-5+deb10u1_amd64.buildinfo
 0b58370b266e1b8067d85b375d8861f502509004 2450496 xymon_4.3.28-5+deb10u1_amd64.deb
Checksums-Sha256:
 769e6bd65a85b1bf9c6499d72f58126fb2f0232776e71f4192d6788f95b09977 2094 xymon_4.3.28-5+deb10u1.dsc
 2b90d2558f76ffaf053625e2d3c2276f89a257464d8e79a8b3e053d276c413cf 51668 xymon_4.3.28-5+deb10u1.debian.tar.xz
 49b16cafa5e250c76bcf328cae3dff6be3491e88e549eeb4e8a287c77b132fc4 1077748 xymon-client-dbgsym_4.3.28-5+deb10u1_amd64.deb
 764c1579758f8129bc0b439871cd37601b49af753440339d26afc284f5f17bca 294304 xymon-client_4.3.28-5+deb10u1_amd64.deb
 63cc59f6563a64b7ca619d883ded5a97ce786f2139f7f704e5b9db6378a47942 10322644 xymon-dbgsym_4.3.28-5+deb10u1_amd64.deb
 6a5c08c17fb8b9af0641168dcf2c6875aa2373a6cf0d67c08c4564fd79d6d7e4 8604 xymon_4.3.28-5+deb10u1_amd64.buildinfo
 b10c6272ec0e386199b38a32a6df0e9228ebf4bbd78df8e796fa2b02bba3dcdb 2450496 xymon_4.3.28-5+deb10u1_amd64.deb
Files:
 cf6ae330a88d1f210ffcae7b01624b3b 2094 net optional xymon_4.3.28-5+deb10u1.dsc
 2c87622347c552ad8cbab1e5e4f6a51c 51668 net optional xymon_4.3.28-5+deb10u1.debian.tar.xz
 82b4879ebd6331e8a8d11f60534dfc69 1077748 debug optional xymon-client-dbgsym_4.3.28-5+deb10u1_amd64.deb
 9d75f65a8084b972321c5c5de081d826 294304 net optional xymon-client_4.3.28-5+deb10u1_amd64.deb
 36ab93ddd48985c06710463be47f19b1 10322644 debug optional xymon-dbgsym_4.3.28-5+deb10u1_amd64.deb
 84cdb60790c96e24445eb4da67e9cb9b 8604 net optional xymon_4.3.28-5+deb10u1_amd64.buildinfo
 b26a7d727678c4928495c2dab8f4d0c8 2450496 net optional xymon_4.3.28-5+deb10u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERoyJeTtCmBnp12Ema+Zjx1o1yXUFAl1ghj4ACgkQa+Zjx1o1
yXXPxQ/8CKlcaa9ye3k9Nh/sJmEobENt2S0C1g5eLeof+gS59/0hB+zFx+U2iF3+
E+PdLTJrU5aqPxipVILTyrgT6wqquIbdZqtJv27YVKLEtuqN3Pc8/R5mLgJw17rT
9DpALMFzK1CJ4sCnpFZDhUh+Pi8IWbbCfiZ7qRC60mf1lPOy/wvoBApxA3gLJtWc
Z3wq1o/7cFWTsjU6qGX7tWAN2rux/jcFUTBSi7dR3ycHpdbMePcHCNDdrEL6vIjf
5t7vdztz9vKlZO3CzrzjD8q2OUcRc6dxJgaXDMk735ibtdS6UrP7VkeQkztgqHJs
De/U/D1Oq4xkdBK3YszwBWNBOArf1FvQfVi+GD9VN2nbqr0GnC7Ai2oQYalh+cSG
Z4GOv3T3aFwgxTeXSrrixvEgMCnO+dXDRPcDkW4hUzxk1pg2F3lfiVMn13DDlyRW
pw8EpRIa/HOxS48wsos/qudv/9411/gC7ogWqs6gSwi6OZL3oI+gcp0dAhjEgy9e
QmP7OKh383hLLv1JAFJ3efuxvMZLd3pTx6hdQRLzKhBHbLF1md0VIVRIK0xi2yk4
G8pfBf0ZD5EJ5eSEBxRE7nUKj6hRleVjOrNbP+1qyvME1w1T1NOEgOSO9EfERRzE
Ld2aTOJG6vEMuG0Aoy63Ni4W2gbNhn6SCeJIv2SSKJEYyiq5cfQ=
=2cl3
-----END PGP SIGNATURE-----