Xymon Mailing List Archive

Xymon 4.3.18 Released

9 messages in this thread

list Japheth Cleaver · Tue, 3 Feb 2015 13:07:56 -0800 ·
Hello,

Xymon 4.3.18 has been released to SourceForge
(https://sourceforge.net/projects/xymon/) and should be populating on the
mirrors shortly.


4.3.18 fixes a buffer overflow vulnerability in the acknowledge.cgi script
(tracked as CVE-2015-1430). Thank you to Mark Felder and Martin Lenko for
their assistance in this.


This release also modifies the CGI interface to remove any dependencies on
a shell interpreter, as a protection against any future "Shellshock"-type
bash vulnerabilities. (Only users running bash as their /bin/sh
interpreter would have been affected.) As a result, the Apache
configuration for the web interface and your cgioptions.cfg file may need
to be adjusted, depending on your configuration.


Several other small bugs have also been addressed. For more details on
those, see the Changes file in the distribution.


Regards,

-jc
list Martin Flemming · Tue, 3 Feb 2015 22:18:36 +0100 (CET) ·
Wow !
> The first order of business will be the official 4.3.18 release, landing shortly,
That's indeed very shortly  ;-)


Thanks a lot J.C. !

    cheers
 		martin

On Tue, 3 Feb 2015, J.C. Cleaver wrote:
> Hello,
>
> Xymon 4.3.18 has been released to SourceForge
> (https://sourceforge.net/projects/xymon/) and should be populating on the
> mirrors shortly.

hatnks a

> 4.3.18 fixes a buffer overflow vulnerability in the acknowledge.cgi script
> (tracked as CVE-2015-1430). Thank you to Mark Felder and Martin Lenko for
> their assistance in this.
>
> This release also modifies the CGI interface to remove any dependencies on
> a shell interpreter, as a protection against any future "Shellshock"-type
> bash vulnerabilities. (Only users running bash as their /bin/sh
> interpreter would have been affected.) As a result, the Apache
> configuration for the web interface and your cgioptions.cfg file may need
> to be adjusted, depending on your configuration.
>
> Several other small bugs have also been addressed. For more details on
> those, see the Changes file in the distribution.
>
> Regards,
>
> -jc

h
list Mark Felder · Tue, 03 Feb 2015 15:34:34 -0600 ·
On Tue, Feb 3, 2015, at 15:07, J.C. Cleaver wrote:
> Hello,
>
> Xymon 4.3.18 has been released to SourceForge
> (https://sourceforge.net/projects/xymon/) and should be populating on the
> mirrors shortly.

FreeBSD is now using this new / official release of 4.3.18


Thanks for your hard work, JC
list Henrik Størner · Tue, 03 Feb 2015 22:56:54 +0100 ·
On 03-02-2015 at 22:07, J.C. Cleaver wrote:
> Hello,
>
> Xymon 4.3.18 has been released to SourceForge
> (https://sourceforge.net/projects/xymon/) and should be populating on the
> mirrors shortly.

Well done, thanks!


Regards,
Henrik
list Bill Arlofski · Wed, 04 Feb 2015 20:25:21 -0500 ·
On 02/03/2015 04:18 PM, Martin Flemming wrote:
> Wow !
>> The first order of business will be the official 4.3.18 release, landing
>> shortly,
> That's indeed very shortly  ;-)

heheh  That was my exact thought when I went from one thread "Hello... again!"
and J.C.'s "4.3.18...landing shortly" message immediately to "Xymon 4.3.18
Released"

hehe

> Thanks a lot J.C. !
>
>    cheers
>         martin

Yes.  Yes, thanks a lot J.C. !  :)

Bill

-- 
Bill Arlofski
Reverse Polarity, LLC
http://www.revpol.com/
-- Not responsible for anything below this line --
list Marco Avvisano · Fri, 06 Feb 2015 10:30:23 +0100 ·
Hi all,

After installation I had permission problems accessing CGI.
In the Apache logs I found this message:
'symbolic link not allowed or link target not accessible'
Solved by adding the option 'FollowSymLinks' in xymon-apache.

Good work J.C.!

M.

On 05/02/2015 2.25, Bill Arlofski wrote:
> On 02/03/2015 04:18 PM, Martin Flemming wrote:
>> Wow !
>>> The first order of business will be the official 4.3.18 release, landing
>>> shortly,
>> That's indeed very shortly  ;-)
> heheh  That was my exact thought when I went from one thread "Hello... again!"
> and J.C.'s "4.3.18...landing shortly" message immediately to "Xymon 4.3.18
> Released"
>
> hehe
>
>> Thanks a lot J.C. !
>>
>>     cheers
>>          martin
> Yes.  Yes, thanks a lot J.C. !  :)
>
> Bill
list Ian Diddams · Fri, 6 Feb 2015 10:09:52 +0000 (UTC) ·
Hobbit version 4.2.3


hobbit-alerts.cfg entry:
..CFG_WHEN=60...
# catch all disk
HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red
MAIL <email address redacted> DURATION>60 REPEAT=15
MAIL <pager email redacted> DURATION>60 REPEAT=15 FORMAT=SMS

Testing this with
 ./hobbitd_alert --test wp-vlauditlog disk --time=1423170000

The epoch time was last night at 21:00, which is within the timeframe for the alerts to happen, i.e. w:1830:2359
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 242
00002124 2015-02-05 21:00:00 *** Match with 'HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red' ***
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 243
00002124 2015-02-05 21:00:00 Failed 'MAIL <email address redacted> DURATION>60 REPEAT=15' (min. duration 0<3600)
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 244
00002124 2015-02-05 21:00:00 Failed 'MAIL <paging email redacted>  DURATION>60 REPEAT=15 FORMAT=SMS' (min. duration 0<3600)

I can see that indeed there is a match with the rule HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red

but then there seems to be some error or mismatch with the two MAIL lines following it.
Is anyone able to point out what I am doing wrong here?
cheers
ian
list Mark Felder · Fri, 06 Feb 2015 07:31:01 -0600 ·

On Fri, Feb 6, 2015, at 03:30, Marco Avvisano wrote:
> Hi all,
>
> After installation I had permission problems accessing CGI.
> In the Apache logs I found this message:
> 'symbolic link not allowed or link target not accessible'
> Solved by adding the option 'FollowSymLinks' in xymon-apache.

It looks like "FollowSymlinks" is already in the xymon-apache files
according to SVN trunk
list Jeremy Laidman · Fri, 13 Feb 2015 13:01:01 +1100 ·
On 6 February 2015 at 21:09, Ian Diddams <user-7fbf34ed5219@xymon.invalid> wrote:
> # catch all disk
> HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red
> MAIL <email address redacted> DURATION>60 REPEAT=15
> MAIL <pager email redacted> DURATION>60 REPEAT=15 FORMAT=SMS

The log suggests that the parser is treating the "MAIL" recipient lines as
if they were "HOST" rule lines.  Although I can't find documentation to
support me, I think the recipient lines need to be indented, and certainly
the examples in the alerts.cfg file I have here all have the recipient
lines indented.  It couldn't hurt to try.

Cheers
Jeremy
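
Added example (not part of any post in this thread, and not Xymon code): a small parser for the --test trace Ian posted, separating rule matches from failed recipient lines and pulling out the reason printed in parentheses. The trace lines are copied from his message; reading the two numbers in "min. duration 0<3600" as the event's age and the required minimum, both in seconds, is an assumption based on DURATION>60 appearing there as 3600.

```python
import re

# Trace copied from the hobbitd_alert --test output posted in this thread
# (addresses were already redacted by the poster).
TRACE = """\
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 242
00002124 2015-02-05 21:00:00 *** Match with 'HOST=* SERVICE=disk TIME=w:1830:2359,$CFG_WHEN:0800:2359 COLOR=red' ***
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 243
00002124 2015-02-05 21:00:00 Failed 'MAIL <email address redacted> DURATION>60 REPEAT=15' (min. duration 0<3600)
00002124 2015-02-05 21:00:00 Matching host:service:page 'wp-vlauditlog:disk:iss' against rule line 244
00002124 2015-02-05 21:00:00 Failed 'MAIL <paging email redacted>  DURATION>60 REPEAT=15 FORMAT=SMS' (min. duration 0<3600)
"""

LINE = re.compile(r"^\d+ \d{4}-\d\d-\d\d \d\d:\d\d:\d\d (.*)$")
AGAINST = re.compile(r"against rule line (\d+)$")
MATCH = re.compile(r"^\*\*\* Match with '(.*)' \*\*\*$")
FAILED = re.compile(r"^Failed '(.*)' \((.*)\)$")
# Assumption: "min. duration A<B" is event age A vs. required minimum B, in seconds.
DURATION = re.compile(r"^min\. duration (\d+)<(\d+)$")


def parse_trace(text):
    """Return one dict per config line that the trace reports an outcome for."""
    results, cfg_line = [], None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a trace line (blank or unrelated output)
        msg = m.group(1)
        if (hit := AGAINST.search(msg)):
            cfg_line = int(hit.group(1))  # remember which config line is being tested
        elif (hit := MATCH.match(msg)):
            results.append({"line": cfg_line, "text": hit.group(1),
                            "outcome": "match", "reason": None})
        elif (hit := FAILED.match(msg)):
            results.append({"line": cfg_line, "text": hit.group(1),
                            "outcome": "failed", "reason": hit.group(2)})
    return results


def duration_shortfalls(results):
    """List (config line, event seconds, required seconds) for duration failures."""
    found = ((r["line"], DURATION.match(r["reason"] or "")) for r in results)
    return [(line, int(d.group(1)), int(d.group(2))) for line, d in found if d]


if __name__ == "__main__":
    for entry in parse_trace(TRACE):
        print(entry["line"], entry["outcome"], entry["reason"] or "", sep="\t")
    print(duration_shortfalls(parse_trace(TRACE)))
```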