~alpine/aports

[alpine-aports] [PATCH v3.5] community/munin: security upgrade to 2.0.33 - fixes #6952

Sergei Lukin <sergej.lukin@gmail.com>
Details
Message ID
<20170403111813.20307-1-sergej.lukin@gmail.com>
Sender timestamp
1491218293
DKIM signature
missing
Download raw message
7 years ago
Patch: +11 -5 
CVE-2017-6188: Local file write vulnerability with CGI graphs enabled
---
>From 2.0.25 till 2.0.33 munin had only bugfix/security releases
https://fossies.org/linux/munin/ChangeLog

 community/munin/APKBUILD | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/community/munin/APKBUILD b/community/munin/APKBUILD
index 4b0e09b879..68ad35c188 100644
--- a/community/munin/APKBUILD
+++ b/community/munin/APKBUILD
@@ -1,8 +1,9 @@
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Stefan Wagner <stw@bit-strickerei.de>
# Maintainer: Stefan Wagner <stw@bit-strickerei.de>
pkgname=munin
pkgver=2.0.25
pkgrel=1
pkgver=2.0.33
pkgrel=0
pkgdesc="A distributed monitoring/graphing tool"
url="http://munin-monitoring.org/"
arch="noarch"
@@ -21,6 +22,11 @@ source="http://downloads.munin-monitoring.org/munin/stable/$pkgver/$pkgname-$pkg
	$pkgname-node.initd
	$pkgname.logrotate
	$pkgname-node.logrotate"

# secfixes:
#   2.0.33-r0:
#   - CVE-2017-6188

builddir="$srcdir/$pkgname-$pkgver"

build() {
@@ -59,19 +65,19 @@ node() {
		"$subpkgdir"/etc/init.d/$subpkgname
}

md5sums="b418a667ce42665557329a7ac3bd1b93  munin-2.0.25.tar.gz
md5sums="0d413df786d8f0b9862ecd794e739edf  munin-2.0.33.tar.gz
4fce4fdc2d1c9d5f3f1d9b77afad6027  munin-config.patch
b474180bc97e870be7a80d1824fe1ceb  munin.crond
a1bcfd3b2f696b2e56eff81fae5049d8  munin-node.initd
90ec26232e622fe3c708b519543bd937  munin.logrotate
f75f125ee68eb60347eb8d57c616eaa1  munin-node.logrotate"
sha256sums="6832bc5839d03639e4309178d9370697fc8a80a83d9b6653953f40161e949694  munin-2.0.25.tar.gz
sha256sums="1c6f994bf62d6dee89554efba0733b6f96d4130ba906162c32f77587088974c4  munin-2.0.33.tar.gz
ceec0ba906ffaaa97621bf11c537cca594c96e8f9c86f2aa254b55ca57546b97  munin-config.patch
f388434231dfd645be85654ac35a09315feac2f923e297f2aa8c11392e2ae4dc  munin.crond
59269b33d23813969f7e9700cb3bb60c687fb502fcfed1ce23985e8b673d9da9  munin-node.initd
691b40eff51dafac2a5bef5a9c858f25dcb33e3633196ebfcc13353f203689d7  munin.logrotate
8d1d05ff21328f008acba361d2776651bd2cff44229f7ec570f03c525c9b6d46  munin-node.logrotate"
sha512sums="a29563cfef26b05237b3813b44b5582563f2f75477ae3c076540cfb4f3e83f89193bd05fd7eae208d9d1bae58aff75977cc2c5f4de81225f0cbb2ba2c41effa9  munin-2.0.25.tar.gz
sha512sums="aa6df8555dfd09585619376a4e9f20c2c6092e70076041ff3dcf987f6eab3caf2880ce32432f71f7b0493808d9e5dbc11e352aa636c39f22ad355409342feb70  munin-2.0.33.tar.gz
a1c691a4c5d7d2619ea6d2605c71a23eeaa65f9cf533477524927bc3244371e271a4dadf24e71d6630f3ea8d6ad56f26bed83330a22ff0573e67c5cafe66cf17  munin-config.patch
194b742b2ff8312c4c42a8a77d1d9a80bc53ced2343248c36f4229b0b0d366e898487fb5e415f1f5ccea7210a7a86e25de5e45193dbb5d26d2d6a195f0597642  munin.crond
4b2a49a7bcb64eef65eee3b77ce86ca2cd8afef681922fdb830cb382f334c07356576f1151f4423f066ba8ac1c2d9a51cf9ff3d4dd4b18a5c1e2c95abcd9a940  munin-node.initd
-- 
2.11.1



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)