- update to bugfix release 1.4.7

- fixed CVE-2012-2147 (bnc#759910)

- new upstream version <1.4.5>
 * bugfix release

- new upstream version <1.4.4>

- new upstream release <1.4.3>

- new upstream release <1.4.2>

- new upstream release <1.4.1>

- new upstream release <1.4.0>

- add UTF8 patch

- new upstream release <1.2.6>

- new upstream release <1.2.5>

- Fixed missing /sbin/rcmunin-node

- First build for packman

- 1.2.3 release

- 1.2.2 release
- Fixed SF bug 1164481 (missing /srv/www/htdocs/munin)

OBS-URL: https://build.opensuse.org/package/show/server:monitoring/munin?expand=0&rev=2
This commit is contained in:
Wolfgang Rosenauer 2012-05-03 15:10:52 +00:00 committed by Git OBS Bridge
parent bfb3f398c9
commit f1179fd085
5 changed files with 210 additions and 4 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4f8632713c5267e282b091cf7ef5163c5de321536e76dbaab2204aa23c957138
size 1231622

3
munin-1.4.7.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9a87356b1f8662f444a7a2a86ff36809124ffe787c442de0ea35850194d602af
size 1236273

39
munin-CVE-2012-2147.patch Normal file
View File

@ -0,0 +1,39 @@
diff --git a/common/lib/Munin/Common/Config.pm b/common/lib/Munin/Common/Config.pm
index 81b1dc8..76ff088 100644
--- a/common/lib/Munin/Common/Config.pm
+++ b/common/lib/Munin/Common/Config.pm
@@ -37,6 +37,7 @@ my %legal = map { $_ => 1 } (
"cdef_name", "graphable", "process", "realname",
"onlynullcdef", "group_order", "pipe", "pipe_command",
"unknown_limit", "num_unknowns", "dropdownlimit",
+ "max_size_x", "max_size_y",
"max_graph_jobs", "max_cgi_graph_jobs", "munin_cgi_graph_jobs",
"max_html_jobs", "num_messages");
diff --git a/master/_bin/munin-cgi-graph.in b/master/_bin/munin-cgi-graph.in
index 72a13ba..f09ca17 100755
--- a/master/_bin/munin-cgi-graph.in
+++ b/master/_bin/munin-cgi-graph.in
@@ -265,6 +265,22 @@ sub verify_parameters
exit 1;
}
}
+
+ # Checks the image size requested.
+ if (( CGI::param("size_x") || "") =~ m/^(\d+)/) {
+ my $max_size_x = ( $config->{max_size_x} || 4000);
+ if ($1 > $max_size_x) {
+ print STDERR "Warning: Asked image size x too large : $1 > $max_size_x. Bailing out.\n";
+ exit 1;
+ }
+ }
+ if (( CGI::param("size_y") || "") =~ m/^(\d+)/) {
+ my $max_size_y = ($config->{max_size_y} || 4000);
+ if ($1 > $max_size_y) {
+ print STDERR "Warning: Asked image size y too large : $1 > $max_size_y. Bailing out.\n";
+ exit 1;
+ }
+ }
}

165
munin.changes Normal file
View File

@ -0,0 +1,165 @@
-------------------------------------------------------------------
Thu May 3 15:09:14 UTC 2012 - wr@rosenauer.org
- update to bugfix release 1.4.7
- fixed CVE-2012-2147 (bnc#759910)
-------------------------------------------------------------------
Wed Jun 9 00:00:00 UTC 2010 - detlef@links2linux.de
- new upstream version <1.4.5>
* bugfix release
-------------------------------------------------------------------
Sat Mar 6 00:00:00 UTC 2010 - detlef@links2linux.de
- new upstream version <1.4.4>
-------------------------------------------------------------------
Thu Dec 31 00:00:00 UTC 2009 - detlef@links2linux.de
- new upstream release <1.4.3>
-------------------------------------------------------------------
Mon Dec 21 00:00:00 UTC 2009 - detlef@links2linux.de
- new upstream release <1.4.2>
-------------------------------------------------------------------
Mon Dec 7 00:00:00 UTC 2009 - detlef@links2linux.de
- new upstream release <1.4.1>
-------------------------------------------------------------------
Sat Nov 28 00:00:00 UTC 2009 - detlef@links2linux.de
- new upstream release <1.4.0>
-------------------------------------------------------------------
Sat Dec 27 00:00:00 UTC 2008 - detlef@links2linux.de
- add UTF8 patch
-------------------------------------------------------------------
Sat Jul 19 00:00:00 UTC 2008 - detlef@links2linux.de
- new upstream release <1.2.6>
-------------------------------------------------------------------
Wed Aug 15 00:00:00 UTC 2007 - detlef@links2linux.de
- new upstream release <1.2.5>
-------------------------------------------------------------------
Mon Oct 17 00:00:00 UTC 2005 - detlef@links2linux.de
- Fixed missing /sbin/rcmunin-node
-------------------------------------------------------------------
Sun Oct 16 00:00:00 UTC 2005 - detlef@links2linux.de
- First build for packman
-------------------------------------------------------------------
Sun Apr 3 00:00:00 UTC 2005 - runesk@linpro.no
- 1.2.3 release
-------------------------------------------------------------------
Fri Apr 1 00:00:00 UTC 2005 - runesk@linpro.no
- 1.2.2 release
- Fixed SF bug 1164481 (missing /srv/www/htdocs/munin)
- Fixed SF bug 1164477 (patch for Net::Domain on PPC64)
-------------------------------------------------------------------
Fri Mar 11 00:00:00 UTC 2005 - runesk@linpro.no
- 1.2.1 release
-------------------------------------------------------------------
Wed Mar 9 00:00:00 UTC 2005 - runesk@linpro.no
- Fixed erronumous path to web directory
- Added start of node if not running
-------------------------------------------------------------------
Tue Mar 8 00:00:00 UTC 2005 - runesk@linpro.no
- Fixed some build path problems
-------------------------------------------------------------------
Thu Feb 24 00:00:00 UTC 2005 - runesk@linpro.no
- New major release
-------------------------------------------------------------------
Wed Feb 9 00:00:00 UTC 2005 - runesk@linpro.no
- Updated to version 1.2.0rc2.
- Removed Nagios stuff
- Added noreplace for some central configuration files
-------------------------------------------------------------------
Thu Nov 18 00:00:00 UTC 2004 - runesk@linpro.no
- Updated to version 1.0.4
-------------------------------------------------------------------
Mon Nov 8 00:00:00 UTC 2004 - runesk@linpro.no
- Updated version 1.0.3 / sync with redhat-build
-------------------------------------------------------------------
Wed Aug 4 00:00:00 UTC 2004 - runesk@linpro.no
- Initial SuSE build
-------------------------------------------------------------------
Sun Feb 1 00:00:00 UTC 2004 - ingvar@linpro.no
- Sync with CVS. Version 1.0.0pre2
-------------------------------------------------------------------
Sun Jan 18 00:00:00 UTC 2004 - ingvar@linpro.no
- Sync with CVS. Change names to munin.
-------------------------------------------------------------------
Fri Oct 31 00:00:00 UTC 2003 - ingvar@linpro.no
- Lot of small fixes. Now builds on more RPM distros
-------------------------------------------------------------------
Wed May 21 00:00:00 UTC 2003 - ingvar@linpro.no
- Sync with CVS
- 0.9.5-1
-------------------------------------------------------------------
Tue Apr 1 00:00:00 UTC 2003 - ingvar@linpro.no
- Sync with CVS
- Makefile-based install of core files
- Build doc (only pod2man)
-------------------------------------------------------------------
Thu Jan 9 00:00:00 UTC 2003 - ingvar@linpro.no
- Sync with CVS, auto rpmbuild
-------------------------------------------------------------------
Thu Jan 2 00:00:00 UTC 2003 - ingvar@linpro.no
- Fix spec file for RedHat 8.0 and new version of lrrd
-------------------------------------------------------------------
Wed Sep 4 00:00:00 UTC 2002 - ingvar@linpro.no
- Small bugfixes in the rpm package
-------------------------------------------------------------------
Tue Jun 18 00:00:00 UTC 2002 - kjetilho@linpro.no
- new package

View File

@ -8,7 +8,7 @@
Name: munin
Version: 1.4.5
Version: 1.4.7
Release: 1
Summary: Network-wide graphing framework (grapher/gatherer)
License: GPL
@ -22,6 +22,7 @@ Source4: munin.logrotate
Source5: munin-node.logrotate
Source6: munin-node.cron.d
Source7: plugins.conf
Patch0: munin-CVE-2012-2147.patch
Requires: perl-base = %{perl_version}
Requires: perl-HTML-Template perl-Log-Log4perl perl-Net-Server perl-Net-SNMP
%if %suse_version >= 1110
@ -88,6 +89,7 @@ RRDtool. To see a real example of Munin in action, take a peek at
%prep
%setup -q
cp %{SOURCE1} .
%patch0 -p1
%build