Mail archive
alpine-aports

[alpine-aports] [PATCH edge] community/munin: security upgrade to 2.0.33 - fixes #6951

From: Sergei Lukin <sergej.lukin_at_gmail.com>
Date: Fri, 3 Mar 2017 15:01:04 +0000

CVE-2017-6188: Local file write vulnerability with CGI graphs enabled
---
 community/munin/APKBUILD | 21 +++++----------------
 1 file changed, 5 insertions(+), 16 deletions(-)
diff --git a/community/munin/APKBUILD b/community/munin/APKBUILD
index 4b0e09b879..d16dbf6ffd 100644
--- a/community/munin/APKBUILD
+++ b/community/munin/APKBUILD
_at_@ -1,8 +1,9 @@
+# Contributor: Sergei Lukin <sergej.lukin_at_gmail.com>
 # Contributor: Stefan Wagner <stw_at_bit-strickerei.de>
 # Maintainer: Stefan Wagner <stw_at_bit-strickerei.de>
 pkgname=munin
-pkgver=2.0.25
-pkgrel=1
+pkgver=2.0.33
+pkgrel=0
 pkgdesc="A distributed monitoring/graphing tool"
 url="http://munin-monitoring.org/"
 arch="noarch"
_at_@ -11,7 +12,7 @@ _perl_modules="perl-rrd perl-net-snmp perl-log-log4perl perl-html-template
 	perl-net-ssleay perl-net-server perl-date-manip perl-io-socket-inet6
 	perl-file-copy-recursive perl-fcgi perl-uri"
 depends="$pkgname-node"
-makedepends="bash rrdtool perl perl-module-build $_perl_modules"
+makedepends="bash rrdtool perl-dev perl-module-build $_perl_modules"
 pkgusers=munin
 pkggroups=munin
 subpackages="$pkgname-node"
_at_@ -59,19 +60,7 @@ node() {
 		"$subpkgdir"/etc/init.d/$subpkgname
 }
 
-md5sums="b418a667ce42665557329a7ac3bd1b93  munin-2.0.25.tar.gz
-4fce4fdc2d1c9d5f3f1d9b77afad6027  munin-config.patch
-b474180bc97e870be7a80d1824fe1ceb  munin.crond
-a1bcfd3b2f696b2e56eff81fae5049d8  munin-node.initd
-90ec26232e622fe3c708b519543bd937  munin.logrotate
-f75f125ee68eb60347eb8d57c616eaa1  munin-node.logrotate"
-sha256sums="6832bc5839d03639e4309178d9370697fc8a80a83d9b6653953f40161e949694  munin-2.0.25.tar.gz
-ceec0ba906ffaaa97621bf11c537cca594c96e8f9c86f2aa254b55ca57546b97  munin-config.patch
-f388434231dfd645be85654ac35a09315feac2f923e297f2aa8c11392e2ae4dc  munin.crond
-59269b33d23813969f7e9700cb3bb60c687fb502fcfed1ce23985e8b673d9da9  munin-node.initd
-691b40eff51dafac2a5bef5a9c858f25dcb33e3633196ebfcc13353f203689d7  munin.logrotate
-8d1d05ff21328f008acba361d2776651bd2cff44229f7ec570f03c525c9b6d46  munin-node.logrotate"
-sha512sums="a29563cfef26b05237b3813b44b5582563f2f75477ae3c076540cfb4f3e83f89193bd05fd7eae208d9d1bae58aff75977cc2c5f4de81225f0cbb2ba2c41effa9  munin-2.0.25.tar.gz
+sha512sums="aa6df8555dfd09585619376a4e9f20c2c6092e70076041ff3dcf987f6eab3caf2880ce32432f71f7b0493808d9e5dbc11e352aa636c39f22ad355409342feb70  munin-2.0.33.tar.gz
 a1c691a4c5d7d2619ea6d2605c71a23eeaa65f9cf533477524927bc3244371e271a4dadf24e71d6630f3ea8d6ad56f26bed83330a22ff0573e67c5cafe66cf17  munin-config.patch
 194b742b2ff8312c4c42a8a77d1d9a80bc53ced2343248c36f4229b0b0d366e898487fb5e415f1f5ccea7210a7a86e25de5e45193dbb5d26d2d6a195f0597642  munin.crond
 4b2a49a7bcb64eef65eee3b77ce86ca2cd8afef681922fdb830cb382f334c07356576f1151f4423f066ba8ac1c2d9a51cf9ff3d4dd4b18a5c1e2c95abcd9a940  munin-node.initd
-- 
2.11.1
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Fri Mar 03 2017 - 15:01:04 GMT