CVE-2022-26563: An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization. The fix commit doesn't seem to be in any tag?
Not sure how 5.31 was selected as the fixed version? ~/git/monit $ git tag --contains 6ecaab1d375f33165fe98d06d92f36c949c0ea11 release-5-32-0 release-5-33-0 release-5-34-0
Cleaned up. commit 6fb945e1c0c68ed0fdcc859debe631f933f9cd67 Author: Patrick Lauer <patrick@gentoo.org> Date: Thu Jul 11 04:39:26 2024 +0000 app-admin/monit: drop 5.29.0, 5.31.0, 5.32.0 Signed-off-by: Patrick Lauer <patrick@gentoo.org> app-admin/monit/Manifest | 3 --- app-admin/monit/monit-5.29.0.ebuild | 60 ------------------------------------------------------------ app-admin/monit/monit-5.31.0.ebuild | 60 ------------------------------------------------------------ app-admin/monit/monit-5.32.0.ebuild | 60 ------------------------------------------------------------ 4 files changed, 183 deletions(-)
