UbuntuUpdates.org

Package "munin"

Name: munin

Description:

network-wide graphing framework (grapher/gatherer)

Latest version: 2.0.25-2ubuntu0.16.04.4
Release: xenial (16.04)
Level: updates
Repository: universe
Homepage: http://munin-monitoring.org

Links


Download "munin"


Other versions of "munin" in Xenial

Repository Area Version
base universe 2.0.25-2
security universe 2.0.25-2ubuntu0.16.04.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.0.25-2ubuntu0.16.04.4 2020-12-10 13:06:21 UTC

  munin (2.0.25-2ubuntu0.16.04.4) xenial; urgency=medium

  * Add patch to avoid reporting speed below 0 for network devices
    (LP: #1673357).

 -- Lucas Kanashiro <email address hidden> Mon, 20 Jul 2020 10:04:10 -0300

Source diff to previous version
1673357 [SRU] Munin core plugin \

Version: 2.0.25-2ubuntu0.16.04.3 2017-03-03 16:06:51 UTC

  munin (2.0.25-2ubuntu0.16.04.3) xenial-security; urgency=medium

  * SECURITY REGRESSION: log spamming issue (LP: #1669764)
    - debian/patches/CVE-2017-6188-3.patch: use looks_like_number in
      master/_bin/munin-cgi-graph.in.

 -- Marc Deslauriers <email address hidden> Fri, 03 Mar 2017 07:19:15 -0500

Source diff to previous version
1669764 security update spams log file
CVE-2017-6188 Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting

Version: 2.0.25-2ubuntu0.16.04.2 2017-03-02 17:07:46 UTC

  munin (2.0.25-2ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: local file write vulnerability
    - debian/patches/CVE-2017-6188.patch: avoid expansion in list context
      in master/_bin/munin-cgi-graph.in.
    - debian/patches/CVE-2017-6188-2.patch: handle empty strings in
      master/_bin/munin-cgi-graph.in.
    - CVE-2017-6188

 -- Marc Deslauriers <email address hidden> Thu, 02 Mar 2017 07:15:21 -0500

CVE-2017-6188 Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting



About   -   Send Feedback to @ubuntu_updates