Hello,
Xymon 4.3.18 has been released to SourceForge (https://sourceforge.net/projects/xymon/) and should be populating on the mirrors shortly.
4.3.18 fixes a buffer overflow vulnerability in the acknowledge.cgi script (tracked as CVE-2015-1430). Thank you to Mark Felder and Martin Lenko for their assistance in this.
This release also modifies the CGI interface to remove any dependencies on a shell interpreter, as a protection against any future "Shellshock"-type bash vulnerabilities. (Only users running bash as their /bin/sh interpreter would have been affected.) As a result, the Apache configuration for the web interface and your cgioptions.cfg file may need to be adjusted, depending on your configuration.
Several other small bugs have also been addressed. For more details on those, see the Changes file in the distribution.
Regards,
-jc
Wow !
The first order of business will be the official 4.3.18 release, landing shortly,
That's indeed very shortly ;-)
Thanks a lot J.C. !
cheers
martin
On Tue, 3 Feb 2015, J.C. Cleaver wrote:
Hello,
Xymon 4.3.18 has been released to SourceForge (https://sourceforge.net/projects/xymon/) and should be populating on the mirrors shortly.
4.3.18 fixes a buffer overflow vulnerability in the acknowledge.cgi script (tracked as CVE-2015-1430). Thank you to Mark Felder and Martin Lenko for their assistance in this.
This release also modifies the CGI interface to remove any dependencies on a shell interpreter, as a protection against any future "Shellshock"-type bash vulnerabilities. (Only users running bash as their /bin/sh interpreter would have been affected.) As a result, the Apache configuration for the web interface and your cgioptions.cfg file may need to be adjusted, depending on your configuration.
Several other small bugs have also been addressed. For more details on those, see the Changes file in the distribution.
Regards,
-jc
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
On 02/03/2015 04:18 PM, Martin Flemming wrote:
Wow !
The first order of business will be the official 4.3.18 release, landing shortly,
That's indeed very shortly ;-)
heheh That was my exact thought when I went from one thread "Hello... again!" and J.C.'s "4.3.18...landing shortly" message immediately to "Xymon 4.3.18 Released"
hehe
Thanks a lot J.C. !
cheers martin
Yes. Yes, thanks a lot J.C. ! :)
Bill
-- Bill Arlofski Reverse Polarity, LLC http://www.revpol.com/ -- Not responsible for anything below this line --
Hi all,
After installation I have permission problems to access cgi. In the Apache logs I have found this message: 'symbolic link not allowed or link target not accessible'. Solved by adding the option 'FollowSymLinks' in xymon-apache.
good work J.C.!
M.
On 05/02/2015 2.25, Bill Arlofski wrote:
On 02/03/2015 04:18 PM, Martin Flemming wrote:
Wow !
The first order of business will be the official 4.3.18 release, landing shortly,
That's indeed very shortly ;-)
heheh That was my exact thought when I went from one thread "Hello... again!" and J.C.'s "4.3.18...landing shortly" message immediately to "Xymon 4.3.18 Released"
hehe
Thanks a lot J.C. !
cheers martin
Yes. Yes, thanks a lot J.C. ! :)
Bill
Hobbit version 4.2.3
hobbit-alerts.cfg entry:
..CFG_WHEN=60...
# catch all disk
HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red
MAIL <email address redacted> DURATION>60 REPEAT=15
MAIL <pager email redacted> DURATION>60 REPEAT=15 FORMAT=SMS
testing this with ./hobbitd_alert --test wp-vlauditlog disk --time=1423170000
the epoch time was last night at 21:00 which is within the timeframe for the alerts to happen ie w:1830:2359
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 242
00002124 2015-02-05 21:00:00 *** Match with 'HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red' ***
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 243
00002124 2015-02-05 21:00:00 Failed 'MAIL <email address redacted> DURATION>60 REPEAT=15' (min. duration 0<3600)
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 244
00002124 2015-02-05 21:00:00 Failed 'MAIL <paging email redacted> DURATION>60 REPEAT=15 FORMAT=SMS' (min. duration 0<3600)
I can see that indeed there is a match with the rule HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red
but then there seems to be some error or mismatch with the two MAIL lines following it. Is anyone able to point out what I am doing wrong here?
cheers ian
On 6 February 2015 at 21:09, Ian Diddams <didds3 at yahoo.co.uk> wrote:
catch all disk
HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red
MAIL <email address redacted> DURATION>60 REPEAT=15
MAIL <pager email redacted> DURATION>60 REPEAT=15 FORMAT=SMS
The log suggests that the parser is treating the "MAIL" recipient lines as if they were "HOST" rule lines. Although I can't find documentation to support me, I think the recipient lines need to be indented, and certainly the examples in the alerts.cfg file I have here, all have the recipient lines indented. It couldn't hurt to try.
Cheers Jeremy
On Fri, Feb 6, 2015, at 03:30, Marco Avvisano wrote:
Hi all,
After installation I have permission problems to access cgi. In the Apache logs I have found this message: 'symbolic link not allowed or link target not accessible'. Solved by adding the option 'FollowSymLinks' in xymon-apache.
It looks like "FollowSymlinks" is already in the xymon-apache files according to SVN trunk
On Tue, Feb 3, 2015, at 15:07, J.C. Cleaver wrote:
Hello,
Xymon 4.3.18 has been released to SourceForge (https://sourceforge.net/projects/xymon/) and should be populating on the mirrors shortly.
FreeBSD is now using this new / official release of 4.3.18
Thanks for your hard work, JC
On 03-02-2015 at 22:07, J.C. Cleaver wrote:
Hello,
Xymon 4.3.18 has been released to SourceForge (https://sourceforge.net/projects/xymon/) and should be populating on the mirrors shortly.
Well done, thanks!
Regards, Henrik