Xymon Mailing List Archive

Xymon 4.3.29 Released - Important Security Update

list Japheth Cleaver
Mon, 12 Aug 2019 12:16:38 -0700
Message-Id: <user-036065256c3f@xymon.invalid>

Richard:
Can you provide the output of --debug on a xymonnet run off-list? This could be a parsing issue somewhere, but from glancing at the code I'm not sure where the logic might be diverging.

Robert:

So far I haven't been able to duplicate this one. Do you happen to have ./configure output in scrollback? While an IP that doesn't match hostname or isn't up *could* affect something, the compilation check for SSL support seems totally distinct. Were other SSL tests also failing? Alternatively, is there a chance the SSL versioning/cypher lockdown might be different on this endpoint?

-jc


On 8/9/2019 7:47 AM, Richard L. Hamilton wrote:
I think I had to add login and password to the URL for an http test (to something that required those), where previously an entry in $HOME/server/etc/netrc sufficed. In other words, the behavior changed with the update.
On Aug 9, 2019, at 09:23, Robert Herron <user-8b27ea4290da@xymon.invalid> wrote:

I had a similar issue with the HTTPS test. I found specifying the Xymon server's IP during the configure script caused the problem. The OpenSSL info didn't show up on the xymonnet page. Rerunning configure, leaving 127.0.0.1 for the IP, rebuilding, and reinstalling fixed it.

I still had other issues so I reverted my test server back to 4.3.28 since I was leaving for vacation.

Running on Oracle Linux 6.x, used the patches available thru last Friday but don't recall if libtirpc-devel is installed.


On Fri, Aug 9, 2019, 12:15 AM Bruce Ferrell <user-24fbf1912cfe@xymon.invalid> wrote:


    I did the same thing and did it from source.

    After removing the #pragma statements and adding libtirpc-devel
    to get it to compile, I found the https sites failed. They do
    pass the sslcert test.

    I just rolled back to 4.3.28

    I'll figure it out later, after I figure out how the rollback
    screwed up the built in SNMP support that I so painfully got
    working and was still documenting.

    sigh


    On 8/5/19 6:19 AM, Dirk Kastens wrote:
Hi,

I just upgraded our xymon server on Scientific Linux release
    6.10 from xymon 4.3.28 to 4.3.29.
Two things are not working any longer:

http authentication: I defined the login information in the
    file /etc/xymon/netrc, which worked before the upgrade. Now the
    http tests are red with the message "Authorization Required".

history files cannot be opened any more. When I click on the
    history button of a test, I get an empty page with the message
    "Cannot open history file"
Am 29.07.2019 um 19:41 schrieb Japheth Cleaver:
The Terabithia Xymon 4.3.29-1 packages have been updated in
    the production repositories and should be available for download
    at https://terabithia.org/rpms/xymon/

As a reminder, EL3 and EL4 and Fedora 18-27 have been retired
    -- those repos have been moved to the /retired/ directory.
As EPEL8 has not yet been released, an fping package is
    available in the EL8 repository, as well as man2html (needed for
    rebuilds).