CVE-2017-6188: Local file write vulnerability with CGI graphs enabled
---
>From 2.0.25 till 2.0.33 munin had only bugfix/security releases
https://fossies.org/linux/munin/ChangeLog
community/munin/APKBUILD | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/community/munin/APKBUILD b/community/munin/APKBUILD
index 4b0e09b879..68ad35c188 100644
--- a/community/munin/APKBUILD
@@ -1,8 +1,9 @@
+# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Stefan Wagner <stw@bit-strickerei.de>
# Maintainer: Stefan Wagner <stw@bit-strickerei.de>
pkgname=munin
-pkgver=2.0.25
-pkgrel=1
+pkgver=2.0.33
+pkgrel=0
pkgdesc="A distributed monitoring/graphing tool"
url="http://munin-monitoring.org/"
arch="noarch"
@@ -21,6 +22,11 @@ source="http://downloads.munin-monitoring.org/munin/stable/$pkgver/$pkgname-$pkg
$pkgname-node.initd
$pkgname.logrotate
$pkgname-node.logrotate"
+
+# secfixes:
+# 2.0.33-r0:
+# - CVE-2017-6188
+
builddir="$srcdir/$pkgname-$pkgver"
build() {
@@ -59,19 +65,19 @@ node() {
"$subpkgdir"/etc/init.d/$subpkgname
}
-md5sums="b418a667ce42665557329a7ac3bd1b93 munin-2.0.25.tar.gz
+md5sums="0d413df786d8f0b9862ecd794e739edf munin-2.0.33.tar.gz
4fce4fdc2d1c9d5f3f1d9b77afad6027 munin-config.patch
b474180bc97e870be7a80d1824fe1ceb munin.crond
a1bcfd3b2f696b2e56eff81fae5049d8 munin-node.initd
90ec26232e622fe3c708b519543bd937 munin.logrotate
f75f125ee68eb60347eb8d57c616eaa1 munin-node.logrotate"
-sha256sums="6832bc5839d03639e4309178d9370697fc8a80a83d9b6653953f40161e949694 munin-2.0.25.tar.gz
+sha256sums="1c6f994bf62d6dee89554efba0733b6f96d4130ba906162c32f77587088974c4 munin-2.0.33.tar.gz
ceec0ba906ffaaa97621bf11c537cca594c96e8f9c86f2aa254b55ca57546b97 munin-config.patch
f388434231dfd645be85654ac35a09315feac2f923e297f2aa8c11392e2ae4dc munin.crond
59269b33d23813969f7e9700cb3bb60c687fb502fcfed1ce23985e8b673d9da9 munin-node.initd
691b40eff51dafac2a5bef5a9c858f25dcb33e3633196ebfcc13353f203689d7 munin.logrotate
8d1d05ff21328f008acba361d2776651bd2cff44229f7ec570f03c525c9b6d46 munin-node.logrotate"
-sha512sums="a29563cfef26b05237b3813b44b5582563f2f75477ae3c076540cfb4f3e83f89193bd05fd7eae208d9d1bae58aff75977cc2c5f4de81225f0cbb2ba2c41effa9 munin-2.0.25.tar.gz
+sha512sums="aa6df8555dfd09585619376a4e9f20c2c6092e70076041ff3dcf987f6eab3caf2880ce32432f71f7b0493808d9e5dbc11e352aa636c39f22ad355409342feb70 munin-2.0.33.tar.gz
a1c691a4c5d7d2619ea6d2605c71a23eeaa65f9cf533477524927bc3244371e271a4dadf24e71d6630f3ea8d6ad56f26bed83330a22ff0573e67c5cafe66cf17 munin-config.patch
194b742b2ff8312c4c42a8a77d1d9a80bc53ced2343248c36f4229b0b0d366e898487fb5e415f1f5ccea7210a7a86e25de5e45193dbb5d26d2d6a195f0597642 munin.crond
4b2a49a7bcb64eef65eee3b77ce86ca2cd8afef681922fdb830cb382f334c07356576f1151f4423f066ba8ac1c2d9a51cf9ff3d4dd4b18a5c1e2c95abcd9a940 munin-node.initd
--
2.11.1
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---