There's a remotely exploitable vulnerability in Monit < 4.1.1.
Current stable and unstable versions in the portage tree are vulnerable.
Please upgrade Monit to 4.1.1 ASAP.
Bumping the version number in the ebuild is enough; I've been extensively testing it.
http://www.tildeslash.com/monit/secadv_20031121.txt contains the vuln. posting.
Markus -- 4.2 is ~masked in portage. Can you see if we can bump that to stable?
The only arch that 4.1 is even keyworded for is x86, so we don't need to worry about other arches for this particular bug.
Aida -- can you draft a GLSA for this one?
GLSA in progress.
4.2 marked stable on x86. Should run without any issues, else blame me.
GLSA 200403-14 sent