Debian
xymon package

xymon 4.3.28-5+deb10u1 source package in Debian

Changelog

xymon (4.3.28-5+deb10u1) buster; urgency=high

  * Apply minimal upstream security patch to fix several (server-only)
    vulnerabilities reported upstream by Graham Rymer:
    + CVE-2019-13451: service overflows histlogfn in history.c.
    + CVE-2019-13452: service overflows histlogfn in reportlog.c.
    + CVE-2019-13273: srdb overflows dbfn in csvinfo.c.
    + CVE-2019-13274: reflected XSS in csvinfo.c.
    + CVE-2019-13455: htmlquoted(hostname) overflows msgline in
      acknowledge.c.
    + CVE-2019-13484: htmlquoted(xymondreq) overflows errtxt appfeed.c.
    + CVE-2019-13485: hostname overflows selfurl in history.c.
    + CVE-2019-13486: htmlquoted(xymondreq) overflows errtxt in
      svcstatus.c.
    + Closes: #935470
  * Include hostname validation regression fixes from 4.3.30, too.

 -- Axel Beckert <email address hidden>  Fri, 23 Aug 2019 01:07:47 +0200

Upload details

Uploaded by:
Christoph Berg
Uploaded to:
Buster
Original maintainer:
Christoph Berg
Architectures:
any
Section:
net
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Buster release main net

Builds

Downloads

File Size SHA-256 Checksum
xymon_4.3.28-5+deb10u1.dsc 2.0 KiB 769e6bd65a85b1bf9c6499d72f58126fb2f0232776e71f4192d6788f95b09977
xymon_4.3.28.orig.tar.gz 3.8 MiB 68cb33eb48d1bb212a1bbafd9fdea8c682ae1b69077cd5fb03676e0af39cbf80
xymon_4.3.28-5+deb10u1.debian.tar.xz 50.5 KiB 2b90d2558f76ffaf053625e2d3c2276f89a257464d8e79a8b3e053d276c413cf

No changes file available.

Binary packages built by this source