-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 26 Apr 2019 19:03:02 +0200 Source: monit Binary: monit Architecture: source amd64 Version: 1:5.9-1+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Sergey B Kirpichev <skirpichev@gmail.com> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: monit - utility for monitoring and managing daemons or similar programs Changes: monit (1:5.9-1+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-11454 Zack Flack reported an XSS vulnerabilitty that could be prevented by HTML escaping the log file content when viewed via Monit GUI. * CVE-2019-11455 Zack Flack reported a buffer overrun vulnerability in URL decoding. Checksums-Sha1: db6187b1bec34597008d57babfc03bf502d070e1 2124 monit_5.9-1+deb8u2.dsc f5fd22e865670ee4e538b2cc040ced880ba52a4f 1161683 monit_5.9.orig.tar.gz e53c7771528f13353798e9ee2ee237058fd1a340 57124 monit_5.9-1+deb8u2.debian.tar.xz 4369b670f2fc9d8237d1f5e7a1b50cb16fe8e2ec 243374 monit_5.9-1+deb8u2_amd64.deb Checksums-Sha256: 82b32942194b63f1df4279bf1e10c99271269b7fc471eaec4c43e8ef8f1a781b 2124 monit_5.9-1+deb8u2.dsc 274044485170b7498de29e7876cd86488378f50d69df4303a14930ba1f5e4a11 1161683 monit_5.9.orig.tar.gz 20911e564695040a7cee1fd027c6b66c4e7a36cb4087e521fbdd65a81268076b 57124 monit_5.9-1+deb8u2.debian.tar.xz 8489ea10364632542a4ba1986217c477818f728a2beda9d8f55361c8e085cd57 243374 monit_5.9-1+deb8u2_amd64.deb Files: 5fde427fb6e66648d5f4951340ec09d1 2124 admin optional monit_5.9-1+deb8u2.dsc 808473ebbacda0c5085d7399e507bfda 1161683 admin optional monit_5.9.orig.tar.gz f5c0b4259eb8cf67ad062a80f19c749e 57124 admin optional monit_5.9-1+deb8u2.debian.tar.xz 66411c14409cce9e8a821a69daab6701 243374 admin optional monit_5.9-1+deb8u2_amd64.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlzDQblfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR0LOD/9nxiVQoiiz8MajGV37XwGBOA/JPsIa uL3HBsG0IEZy8I4bbwXlWSr2XCQarQzfcBKzyacSZ7QNT7Lw3U62F12ocFpLy0xt KNf/zdiVPN0GO9orHpgrUFoQhFgislCNLvnIUzDTlUngZbvKx5p4xA92rZIC7xpE BKKe+pYM0ReWT887smxcUpYWh79amevRfEHyDmtRWXeyplmUhzcmgSpvx9vLFR7H m+8/5EGInZktWbHBM0c16L6aKT3gDNPQftmdpBXfDEhFKYhzPSjYLH+HCVJamS5P KQLTK73f8SGhtzoB5slbcNrS5nQ/eZ3v0VGcekCi/EBIIgY3FdPbuExx8+Wxk1Ha og+XqtWDljnmbZqhTJsGjEy6QLLzYNwQKeclGVnijTFuSK5VBSp6dtnMrp7kh8rU MJKmU1/gofhMLMic80lV8modIaj+LKDUIqlH3bts8V4UWiyZGowrgcBUff1CBBo3 jmKn6/aKnw/IIfMyC1w7gFBgtsOJ+Qi7LegULDYBN1z8M1Mq21a+Xlwl07WQzytH S3CHwh7Ql65ZFUrNj9SLq8tIHeo1hNvopj9kq0peuZZ8Olsw1/0lcz2V1lkhMeCU aiku/pWT8Hwi5BcZ9wrqKchN5KtGW3Rya8XMCQke7JrnGnKPpHSyAYU/14UZ/22y LlvVrWVZ8qY2+A== =81t9 -----END PGP SIGNATURE-----