Change logs for xymon source package in Focal
-
xymon (4.3.30-1) unstable; urgency=medium [ Axel Beckert ] * Retroactively add bug report number to previous changelog entry. * Import new upstream bugfix release 4.3.30. + Drop 63_netstat-ant-vs-ipv6-address-truncating.patch, fixed upstream. [ Andreas Henriksson ] * Add patch to fix reproducible build on merged-usr vs non-merged systems. (Closes: #915957) -- Axel Beckert <email address hidden> Sun, 08 Sep 2019 19:57:38 +0200
-
xymon (4.3.29-1) unstable; urgency=high * Import new upstream release. + Fixes multiple security vulnerabilities: - CVE-2019-13451: service overflows histlogfn in history.c. - CVE-2019-13452: service overflows histlogfn in reportlog.c. - CVE-2019-13273: srdb overflows dbfn in csvinfo.c. - CVE-2019-13274: reflected XSS in csvinfo.c. - CVE-2019-13455: htmlquoted(hostname) overflows msgline in acknowledge.c. - CVE-2019-13484: htmlquoted(xymondreq) overflows errtxt appfeed.c. - CVE-2019-13485: hostname overflows selfurl in history.c. - CVE-2019-13486: htmlquoted(xymondreq) overflows errtxt in svcstatus.c. + Drop patches applied upstream: - 00_htmlcontenttype.patch - 39_kfreebsd-makefile.patch - 66_apache2.4.patch - 84_fix_compilation_on_GNU_Hurd.patch - 90_fix-spelling-errors.patch + Refresh update patches where necessary: - 24_hobbitclient-tmpfs.patch - 51_hardening-buildflags.patch - 87_fix_logfetch_FTBFS_with_glibc_2.26.patch + Add new build-dependency libtirpc-dev. * Declare compliance with Debian Policy 4.4.0. (No changes needed.) * Bump debhelper compatibility level to 12. + Replace debian/compat with a versioned b-d on debhelper-compat. -- Axel Beckert <email address hidden> Wed, 24 Jul 2019 01:18:17 +0200