diff options
author | spz <spz@pkgsrc.org> | 2011-10-15 23:07:24 +0000 |
---|---|---|
committer | spz <spz@pkgsrc.org> | 2011-10-15 23:07:24 +0000 |
commit | e2521d08f9387ae6f1403648736116336cb345ac (patch) | |
tree | 40d62d2ababaa982cb4e904dd2225aeaea0b7253 /net/xymon/MESSAGE | |
parent | 05e3040573822c925475ca1ff9debf198d002230 (diff) | |
download | pkgsrc-e2521d08f9387ae6f1403648736116336cb345ac.tar.gz |
Update xymon and xymonclient to 4.3.5
adjust Makefile to avoid/fix problems found by dholland
Upstream changelog:
Changes from 4.3.4 -> 4.3.5 (9 Sep 2011)
========================================
* rev 6754
* Fix crash in CGI generating the "info" status column.
* Fix broken handling of IGNORE for log-file analysis.
* Fix broken clean-up of obsolete cookies (no user impact).
* Devmon RRD handler: Fix missing initialisation, which
might cause crashes of the RRD handler.
* Fix crashes in xymond caused by faulty new library for
storing cookies and host-information.
* Fix memory corruption/crash in xymond caused by logging
of multi-source statuses.
* New "delayred" and "delayyellow" definitions for a host
can be used to delay change to a yellow/red status for
any status column (replaces the network-specific "badFOO"
definitions).
* analysis.cfg and alerts.cfg: New DISPLAYGROUP setting to
select hosts by the group/group-only/group-except text.
* New HOSTDOCURL setting in xymonserver.cfg. Replaces the
xymongen "--docurl" and "--doccgi" options, and is used
by all tools.
* xymond_history option to control location of PID file.
* Critical Systems view: Optionally show eventlog for the
hosts present on the CS view.
* Critical Systems view: Multiple --config options can
now be used, to display critical systems from multiple
configurations on one page.
* Detailed status display: Speedup by no longer having to
load the hosts.cfg file.
* xymongen and xymonnet: Optionally load the hosts.cfg
from xymond instead of having to read the file.
Changes from 4.3.3 -> 4.3.4 (1 Aug 2011)
========================================
* rev 6722
* Fix crashes and data corruption in Xymon worker modules
(xymond_client, xymond_rrd etc) after handling large
messages.
* Fix xymond lock-up when renaming/deleting hosts
* Fix xymond cookie lookup mechanism
* Webpages: Add new HOSTPOPUP setting to control what values from
hosts.cfg are displayed as a "comment" to the hostname (either
in pop-up's or next to the hostname).
* Fix xymond_client crash if analysis.cfg contains invalid configuration
entries, e.g. expressions that do not compile.
* Fix showgraph CGI crash when legends contain colon.
* xymonnet: Include hostname when reporting erroneous test-spec
* CGI utils: Multiple potential security fixes involving buffer-
overruns when generating responses.
* CGI utils: Fix crash when invoked with HTTP "HEAD"
* CGI utils: Fix crashes on 64-bit platforms due to missing prototype
of "basename()" function.
* svcstatus CGI: Dont crash if history log is not a file.
* Critical systems view CGI: Cross-site scripting fix
* Fix recovery-messages for alerts sent to a GROUP
* RRD "memory" status handler now recognizes the output from the
bb-xsnmp.pl module (for Cisco routers).
* Web templates modified so the menu CSS can override the default
body CSS.
* Acknowledge web page now allows selecting minutes/hours/days
* Enable/Disable webpage enhanced, so when selecting multiple hosts
the "Tests" column only lists the tests those hosts have.
Changes from 4.3.2 -> 4.3.3 (6 May 2011)
========================================
* rev6684
* SECURITY FIX: Some CGI parameters were used to construct
filenames of historical logfiles without being sanitized,
so they could be abused to read files on the webserver.
* SECURITY FIX: More cross-site scripting vulnerabilities.
* Remove extra "," before "History" button on status-view
* Critical view: Shring priority-column to 10% width
* hosts.cfg loader: Check for valid IP spec (nibbles in
0-255 range). Large numbers in a nibble were accepted,
triggering problems when trying to ping the host.
* Alert macros no longer limited to 8kB
Diffstat (limited to 'net/xymon/MESSAGE')
-rw-r--r-- | net/xymon/MESSAGE | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/xymon/MESSAGE b/net/xymon/MESSAGE index 66f4469ef19..471e5d1dda9 100644 --- a/net/xymon/MESSAGE +++ b/net/xymon/MESSAGE @@ -1,9 +1,9 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.2 2011/04/22 14:52:18 spz Exp $ +$NetBSD: MESSAGE,v 1.3 2011/10/15 23:07:24 spz Exp $ Please note that the ${SECCGIDIR} -directory has been created with all permissions removed for security +directory and its contents had most of their permissions removed for security reasons. Check what the scripts do and enable those that are useful to you and of acceptable security impact. |