Debian Package Tracker

general

source: monit (main)
version: 1:5.26.0-1
maintainer: Sergey B Kirpichev [DMD] [dm]
arch: any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1:5.9-1+deb8u1
o-o-sec: 1:5.9-1+deb8u2
oldstable: 1:5.20.0-6
testing: 1:5.26.0-1
unstable: 1:5.26.0-1

versioned links

1:5.9-1+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:5.9-1+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:5.20.0-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:5.26.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

monit (1 bugs: 0, 1, 0, 0)

action needed

2 security issues in stretch high

There are 2 open security issues in stretch.

2 important issues:

CVE-2019-11455: A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service (application outage).
CVE-2019-11454: Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Basic Authentication, which is mishandled during an _viewlog operation.

Please fix them.

Created: 2019-04-23 Last update: 2019-07-13 06:36

Depends on packages which need a new maintainer normal

The packages that monit depends on which need a new maintainer are:

lsb (#924519)
- Depends: lsb-base

Created: 2019-03-13 Last update: 2019-07-19 01:08

3 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 279f22b099a42f2c2e3f4aa1237e9fe1414e17aa
Author: Sergey B Kirpichev <skirpichev@gmail.com>
Date:   Wed Jul 17 18:48:52 2019 +0300

    Add debian/gbp.conf

commit a4e7137c61e53e63487d36beee9d1c517462f575
Author: Sergey B Kirpichev <skirpichev@gmail.com>
Date:   Wed Jul 17 18:42:05 2019 +0300

    Use https in copyright urls

commit 5a3ac88ea541bf6a6cc9262474bc10a77a6ed392
Author: Sergey B Kirpichev <skirpichev@gmail.com>
Date:   Wed Jul 17 18:38:33 2019 +0300

    Clean trailing spaces in old changelog entries

Created: 2019-07-17 Last update: 2019-07-18 13:51

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2016-7067: Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service.

Please fix it.

Created: 2016-10-28 Last update: 2019-07-13 06:36

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.3.0).

Created: 2019-07-08 Last update: 2019-07-08 20:08

news

[rss feed]

[2019-07-17] Accepted monit 1:5.26.0-1~bpo10+1 (source amd64) into buster-backports, buster-backports (Sergey B Kirpichev) (signed by: Sebastiaan Couwenberg)
[2019-07-13] monit 1:5.26.0-1 MIGRATED to testing (Debian testing watch)
[2019-07-07] Accepted monit 1:5.26.0-1 (source) into unstable (Sergey B Kirpichev)
[2019-06-28] monit REMOVED from testing (Debian testing watch)
[2019-06-17] Accepted monit 1:5.25.2-3+deb10u1 (source amd64) into testing-proposed-updates (Sergey B Kirpichev)
[2019-06-03] Accepted monit 1:5.25.3-1 (source amd64) into unstable (Sergey B Kirpichev)
[2019-04-26] Accepted monit 1:5.9-1+deb8u2 (source amd64) into oldstable (Thorsten Alteholz)
[2019-02-27] monit 1:5.25.2-3 MIGRATED to testing (Debian testing watch)
[2019-02-17] Accepted monit 1:5.25.2-3 (source) into unstable (Sergey B Kirpichev)
[2018-12-26] monit 1:5.25.2-2 MIGRATED to testing (Debian testing watch)
[2018-12-21] Accepted monit 1:5.25.2-2 (source amd64) into unstable (Sergey B Kirpichev)
[2018-06-06] monit 1:5.25.2-1 MIGRATED to testing (Debian testing watch)
[2018-06-01] Accepted monit 1:5.25.2-1 (source amd64) into unstable (Sergey B Kirpichev)
[2017-12-03] monit 1:5.25.1-1 MIGRATED to testing (Debian testing watch)
[2017-11-28] Accepted monit 1:5.25.1-1 (source) into unstable (Sergey B Kirpichev)
[2017-09-04] monit 1:5.23.0-4 MIGRATED to testing (Debian testing watch)
[2017-08-29] Accepted monit 1:5.23.0-4 (source) into unstable (Sergey B Kirpichev)
[2017-08-28] Accepted monit 1:5.23.0-3 (source amd64) into unstable (Sergey B Kirpichev)
[2017-07-13] monit 1:5.23.0-2 MIGRATED to testing (Debian testing watch)
[2017-07-08] Accepted monit 1:5.23.0-2 (source amd64) into unstable (Sergey B Kirpichev)
[2017-07-07] Accepted monit 1:5.23.0-1 (source amd64) into unstable (Sergey B Kirpichev)
[2017-06-20] monit 1:5.22.0-1 MIGRATED to testing (Debian testing watch)
[2017-04-22] Accepted monit 1:5.22.0-1 (source amd64) into unstable (Sergey B Kirpichev)
[2017-04-13] Accepted monit 1:5.21.0-1 (source amd64) into unstable (Sergey B Kirpichev)
[2017-01-22] monit 1:5.20.0-6 MIGRATED to testing (Debian testing watch)
[2017-01-11] Accepted monit 1:5.20.0-6 (source amd64) into unstable (Sergey B Kirpichev)
[2017-01-09] Accepted monit 1:5.20.0-5 (source amd64) into unstable (Sergey B Kirpichev)
[2016-12-12] Accepted monit 1:5.4-2+deb7u3 (source amd64) into oldstable (Jonas Meurer)
[2016-12-08] monit 1:5.20.0-4 MIGRATED to testing (Debian testing watch)
[2016-12-06] Accepted monit 1:5.4-2+deb7u2 (source amd64) into oldstable (Jonas Meurer)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:5.26.0-1
10 bugs (2 patches)