Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 43967 - Security flaw : please upgrade monit ASAP
Summary: Security flaw : please upgrade monit ASAP
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: GLSA Errors (show other bugs)
Hardware: All All
: High critical (vote)
Assignee: Gentoo Security
Depends on:
Reported: 2004-03-07 09:59 UTC by Jedi/Sector One
Modified: 2004-04-01 07:04 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---
klieber: Assigned_To? (aescriva)


Note You need to log in before you can comment on or make changes to this bug.
Description Jedi/Sector One 2004-03-07 09:59:18 UTC
There's a remotely exploitable vulnerability in Monit < 4.1.1 .
Current stable and unstable versions in the portage tree are vulnerable.
Please upgrade Monit to 4.1.1 ASAP.
Bumping the version number in the ebuild is enough, I've been extensively testing it.
Comment 1 Kurt Lieber (RETIRED) gentoo-dev 2004-03-30 00:16:55 UTC contains the vuln. posting.

Markus -- 4.2 is ~masked in portage.  Can you see if we can bump that to stable?

The only arch that 4.1 is even keyworded for is x86, so we don't need to worry about other arches for this particular bug.
Comment 2 Kurt Lieber (RETIRED) gentoo-dev 2004-03-30 00:18:53 UTC
Aida -- can you draft a GLSA for this one?
Comment 3 Aida Escriva-Sammer (RETIRED) gentoo-dev 2004-03-30 04:38:54 UTC
GLSA in progress. 
Comment 4 Markus Nigbur (RETIRED) gentoo-dev 2004-03-30 13:10:18 UTC
4.2 marked stbale on x86. Should run without any issues, else blame me.
Comment 5 Thierry Carrez (RETIRED) gentoo-dev 2004-04-01 07:04:52 UTC
GLSA 200403-14 sent