-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 07 Aug 2014 16:21:39 +0200 Source: munin Binary: munin-node munin-plugins-extra munin-java-plugins munin munin-common Architecture: source all Version: 1.4.5-3+deb6u1 Distribution: squeeze-lts Urgency: low Maintainer: Munin Debian Maintainers <munin-deb-maint@linpro.no> Changed-By: Holger Levsen <holger@debian.org> Description: munin - network-wide graphing framework (grapher/gatherer) munin-common - network-wide graphing framework (common) munin-java-plugins - network-wide graphing framework (java plugins for node) munin-node - network-wide graphing framework (node) munin-plugins-extra - network-wide graphing framework (user contributed plugins for nod Closes: 679897 684075 Changes: munin (1.4.5-3+deb6u1) squeeze-lts; urgency=low . [ Christoph Biedl ] * munin-node: more secure state file handling, introducing a new plugin state directory root, owned by uid 0. Then each plugin runs in its own UID plugin state directory, owned by that UID. (Closes: #684075), (Closes: #679897), closes CVE-2012-3512. * plugins: use runtime $ENV{MUNIN_PLUGSTATE}. So all properly written plugins will use /var/lib/munin-node/plugin-state/$uid/$some_file now - please report plugins that are still using /var/lib/munin/plugin-state/ - as those might pose a security risk! * Validate multigraph plugin name, CVE-2013-6048. * Don't abort data collection for a node due to malicious node, fixing munin#1397, CVE-2013-6359. . [ Holger Levsen ] * Convert Christophs git commits into debian/patches, make his changelog entries more verbose. Checksums-Sha1: c96283dd622c723dfe0179ad7b68e76548ae58d7 2167 munin_1.4.5-3+deb6u1.dsc 51a95fbeaa09dabdc86cd8bdb7a8639dbeb283df 44112 munin_1.4.5-3+deb6u1.diff.gz 287adbf454483f456803182c308d29233bb8ce1c 83284 munin-common_1.4.5-3+deb6u1_all.deb 20068ad8f8fed396a45ea768bdae2110857f6363 211418 munin_1.4.5-3+deb6u1_all.deb 9fb371c24ae4e233f9ffc1e9d81a117d04512512 394066 munin-node_1.4.5-3+deb6u1_all.deb b8d1782e087ddec50339929d8b3d90920b51c630 108372 munin-plugins-extra_1.4.5-3+deb6u1_all.deb 42df431ecb5f389a781a7d502c473aea5c55f2f3 119876 munin-java-plugins_1.4.5-3+deb6u1_all.deb Checksums-Sha256: 94a5381b7d118a5a716f63ae7cd3b849fe28d5344824317c1f3a5a3835c82439 2167 munin_1.4.5-3+deb6u1.dsc d4b88803470add7f580db8766886b01c4258ea49730ae3a5baa43908535fd1ab 44112 munin_1.4.5-3+deb6u1.diff.gz 64e6077feddb2faae45d32ec3b29b59f9c211d738ee4fa1d06849aef8136cd46 83284 munin-common_1.4.5-3+deb6u1_all.deb 16bc34b051f68f6d9f8875edd99259929927808673a94b481266e5277ce59b18 211418 munin_1.4.5-3+deb6u1_all.deb bac44dfb32b74037ac4897dd1052ce9075ec8da47d3e67a1457afa386506dfd6 394066 munin-node_1.4.5-3+deb6u1_all.deb 1dd8b3c7aa856c137b8620c4a5ab703d6354060d8360ae3e325b016fad16e922 108372 munin-plugins-extra_1.4.5-3+deb6u1_all.deb 41c4bdc60ff2ac404e8db8b181e231f40d4b26676193a0f597782c0a843d2b2a 119876 munin-java-plugins_1.4.5-3+deb6u1_all.deb Files: 00bec1387b56381fb07b3b814fdc0b3e 2167 net optional munin_1.4.5-3+deb6u1.dsc fb6d5c44bbc27f6f71a5167b87139701 44112 net optional munin_1.4.5-3+deb6u1.diff.gz 1723d2450c8b41cd8acbcfdef3678e0f 83284 net optional munin-common_1.4.5-3+deb6u1_all.deb 179e44acbe675a128f2575ba7e321a7a 211418 net optional munin_1.4.5-3+deb6u1_all.deb 2c77cc69df4ffe4264f6ac7d286dc8b0 394066 net optional munin-node_1.4.5-3+deb6u1_all.deb 260cb5d6af851d689ff83dfcae5dde48 108372 net optional munin-plugins-extra_1.4.5-3+deb6u1_all.deb d1df260a12079ce5b9a8a7b46fb134f0 119876 net optional munin-java-plugins_1.4.5-3+deb6u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUBU+OQqQkauFYGmqocAQjqqQ/+LdrSOrPPu4qr3zJzNbKaDR/qu6FjGdd0 4v7sPKpPFrNEUkQ8vBCJVe/ucL8g7ghny7iS/luQhfvYvPH2d8hMBqzyCkiz1+qJ EO3zm0jMlvCSuTNeoxDgkcQKjhjSYInkAmbtduC18KEPClkNwtP1gKbBvYgSC3T1 UheaKFP0Wq1C/IXQBnrA1bQLl7jD8F1CSCBLi2h6GR7V6pSY6ILRd1sZ8WvaGq4z 2aNyshOQwB+3yxfwGDPy6A6VGWGmLW72dnQeKXD6i0yHDw4Dge3zx7L07kLuL1yA Hk2R20X25gubZuGMuVVIQVcf+buqyS75eZsvIcepPApMDIqKOy7/pZ2RUzMjkBjM cwd/hLCO6zif0uca0RfSXPawUr7OM+Ktx299/qkFyycIeRLm0BFnTel8kl9zAiCm 87f1xRE1WKvqxtQ5npSMaeyZI97ka4R+FgyG3EiTCsjCPErwziZBMXUktLOI3wux YKX+qpliUo/J0ZLYa4OAT3/5JfqlebhQeI0aueN256qNvGB5E01Qug7ExPLsUoH+ GxTVzag++KzmJcMEYNZ6m7niNdwvZRjHgdqaJSlHtTk0mTmH9Q3N8bhmXsrLRV65 QItZxzhVw5uETlTXDjDh2M+Qg7ZNQlA0Ls5V0X6LgzhinomzK6eRvOjNNibmkPEB UvpVWNbMsMY= =mHqd -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-lts-changes-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: https://lists.debian.org/E1XFQ1R-000632-SM@franck.debian.org
