Branches for Oneiric

Author: Chuck Short
Revision Date: 2011-04-05 14:57:44 UTC

debian/patches/upstream_bug_1009.patch: Backport
ipv6 patch. (LP: #713646)

Author: Marc Deslauriers
Revision Date: 2012-10-17 08:26:39 UTC

* SECURITY UPDATE: symlink vulnerability in qmailscan plugin
  - debian/patches/CVE-2012-2103.patch: remove the use of tempfiles in
    plugins/node.d/qmailscan.in.
  - CVE-2012-2103
* SECURITY UPDATE: privilege escalation via root running plugins
  - debian/patches/CVE-2012-3512.patch: run each plugin in their own
    state directory in Makefile, Makefile.config,
    node/lib/Munin/Node/{OS,Service}.pm, plugins/lib/Munin/Plugin.pm,
    plugins/node.d/*.in,plugins/node.d.linux/*.in.
  - debian/patches/CVE-2012-3512-regression.patch: Don't rely on
    MUNIN_PLUGSTATE being in the environment as these scripts also get
    run by a cron job in plugins/node.d.linux/apt_all.in,
    plugins/node.d.linux/apt.in.
  - CVE-2012-3512
* debian/Makefile.config: added new plugin state directory location.
* debian/munin-node.{postinst,postrm}: Remove old plugin state directory
  override, also remove new plugin state directory.

Author: Marc Deslauriers
Revision Date: 2012-10-17 08:26:39 UTC

* SECURITY UPDATE: symlink vulnerability in qmailscan plugin
  - debian/patches/CVE-2012-2103.patch: remove the use of tempfiles in
    plugins/node.d/qmailscan.in.
  - CVE-2012-2103
* SECURITY UPDATE: privilege escalation via root running plugins
  - debian/patches/CVE-2012-3512.patch: run each plugin in their own
    state directory in Makefile, Makefile.config,
    node/lib/Munin/Node/{OS,Service}.pm, plugins/lib/Munin/Plugin.pm,
    plugins/node.d/*.in,plugins/node.d.linux/*.in.
  - debian/patches/CVE-2012-3512-regression.patch: Don't rely on
    MUNIN_PLUGSTATE being in the environment as these scripts also get
    run by a cron job in plugins/node.d.linux/apt_all.in,
    plugins/node.d.linux/apt.in.
  - CVE-2012-3512
* debian/Makefile.config: added new plugin state directory location.
* debian/munin-node.{postinst,postrm}: Remove old plugin state directory
  override, also remove new plugin state directory.

Author: Marc Deslauriers
Revision Date: 2012-10-17 08:26:39 UTC

* SECURITY UPDATE: symlink vulnerability in qmailscan plugin
  - debian/patches/CVE-2012-2103.patch: remove the use of tempfiles in
    plugins/node.d/qmailscan.in.
  - CVE-2012-2103
* SECURITY UPDATE: privilege escalation via root running plugins
  - debian/patches/CVE-2012-3512.patch: run each plugin in their own
    state directory in Makefile, Makefile.config,
    node/lib/Munin/Node/{OS,Service}.pm, plugins/lib/Munin/Plugin.pm,
    plugins/node.d/*.in,plugins/node.d.linux/*.in.
  - debian/patches/CVE-2012-3512-regression.patch: Don't rely on
    MUNIN_PLUGSTATE being in the environment as these scripts also get
    run by a cron job in plugins/node.d.linux/apt_all.in,
    plugins/node.d.linux/apt.in.
  - CVE-2012-3512
* debian/Makefile.config: added new plugin state directory location.
* debian/munin-node.{postinst,postrm}: Remove old plugin state directory
  override, also remove new plugin state directory.

Author: Ben Howard
Revision Date: 2011-09-19 20:53:38 UTC

debian/munin-node.upstart: corrected upstart start level (LP: #820669)