head 1.23; access; symbols pkgsrc-2023Q4:1.22.0.10 pkgsrc-2023Q4-base:1.22 pkgsrc-2023Q3:1.22.0.8 pkgsrc-2023Q3-base:1.22 pkgsrc-2023Q2:1.22.0.6 pkgsrc-2023Q2-base:1.22 pkgsrc-2023Q1:1.22.0.4 pkgsrc-2023Q1-base:1.22 pkgsrc-2022Q4:1.22.0.2 pkgsrc-2022Q4-base:1.22 pkgsrc-2022Q3:1.21.0.8 pkgsrc-2022Q3-base:1.21 pkgsrc-2022Q2:1.21.0.6 pkgsrc-2022Q2-base:1.21 pkgsrc-2022Q1:1.21.0.4 pkgsrc-2022Q1-base:1.21 pkgsrc-2021Q4:1.21.0.2 pkgsrc-2021Q4-base:1.21 pkgsrc-2021Q3:1.19.0.6 pkgsrc-2021Q3-base:1.19 pkgsrc-2021Q2:1.19.0.4 pkgsrc-2021Q2-base:1.19 pkgsrc-2021Q1:1.19.0.2 pkgsrc-2021Q1-base:1.19 pkgsrc-2020Q4:1.18.0.10 pkgsrc-2020Q4-base:1.18 pkgsrc-2020Q3:1.18.0.8 pkgsrc-2020Q3-base:1.18 pkgsrc-2020Q2:1.18.0.6 pkgsrc-2020Q2-base:1.18 pkgsrc-2020Q1:1.18.0.2 pkgsrc-2020Q1-base:1.18 pkgsrc-2019Q4:1.18.0.4 pkgsrc-2019Q4-base:1.18 pkgsrc-2019Q3:1.17.0.16 pkgsrc-2019Q3-base:1.17 pkgsrc-2019Q2:1.17.0.14 pkgsrc-2019Q2-base:1.17 pkgsrc-2019Q1:1.17.0.12 pkgsrc-2019Q1-base:1.17 pkgsrc-2018Q4:1.17.0.10 pkgsrc-2018Q4-base:1.17 pkgsrc-2018Q3:1.17.0.8 pkgsrc-2018Q3-base:1.17 pkgsrc-2018Q2:1.17.0.6 pkgsrc-2018Q2-base:1.17 pkgsrc-2018Q1:1.17.0.4 pkgsrc-2018Q1-base:1.17 pkgsrc-2017Q4:1.17.0.2 pkgsrc-2017Q4-base:1.17 pkgsrc-2017Q3:1.16.0.10 pkgsrc-2017Q3-base:1.16 pkgsrc-2017Q2:1.16.0.6 pkgsrc-2017Q2-base:1.16 pkgsrc-2017Q1:1.16.0.4 pkgsrc-2017Q1-base:1.16 pkgsrc-2016Q4:1.16.0.2 pkgsrc-2016Q4-base:1.16 pkgsrc-2016Q3:1.15.0.6 pkgsrc-2016Q3-base:1.15 pkgsrc-2016Q2:1.15.0.4 pkgsrc-2016Q2-base:1.15 pkgsrc-2016Q1:1.15.0.2 pkgsrc-2016Q1-base:1.15 pkgsrc-2015Q4:1.14.0.2 pkgsrc-2015Q4-base:1.14 pkgsrc-2015Q3:1.13.0.10 pkgsrc-2015Q3-base:1.13 pkgsrc-2015Q2:1.13.0.8 pkgsrc-2015Q2-base:1.13 pkgsrc-2015Q1:1.13.0.6 pkgsrc-2015Q1-base:1.13 pkgsrc-2014Q4:1.13.0.4 pkgsrc-2014Q4-base:1.13 pkgsrc-2014Q3:1.13.0.2 pkgsrc-2014Q3-base:1.13 pkgsrc-2014Q2:1.12.0.4 pkgsrc-2014Q2-base:1.12 pkgsrc-2014Q1:1.12.0.2 pkgsrc-2014Q1-base:1.12 pkgsrc-2013Q4:1.11.0.8 pkgsrc-2013Q4-base:1.11 pkgsrc-2013Q3:1.11.0.6 pkgsrc-2013Q3-base:1.11 pkgsrc-2013Q2:1.11.0.4 pkgsrc-2013Q2-base:1.11 pkgsrc-2013Q1:1.11.0.2 pkgsrc-2013Q1-base:1.11 pkgsrc-2012Q4:1.10.0.2 pkgsrc-2012Q4-base:1.10 pkgsrc-2012Q3:1.9.0.2 pkgsrc-2012Q3-base:1.9 pkgsrc-2012Q2:1.8.0.2 pkgsrc-2012Q2-base:1.8 pkgsrc-2012Q1:1.7.0.4 pkgsrc-2012Q1-base:1.7 pkgsrc-2011Q4:1.7.0.2 pkgsrc-2011Q4-base:1.7 pkgsrc-2011Q3:1.2.0.4 pkgsrc-2011Q3-base:1.2 pkgsrc-2011Q2:1.2.0.2 pkgsrc-2011Q2-base:1.2 pkgsrc-2011Q1:1.1.1.1.0.10 pkgsrc-2011Q1-base:1.1.1.1 pkgsrc-2010Q4:1.1.1.1.0.8 pkgsrc-2010Q4-base:1.1.1.1 pkgsrc-2010Q3:1.1.1.1.0.6 pkgsrc-2010Q3-base:1.1.1.1 pkgsrc-2010Q2:1.1.1.1.0.4 pkgsrc-2010Q2-base:1.1.1.1 pkgsrc-2010Q1:1.1.1.1.0.2 pkgsrc-2010Q1-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.23 date 2024.03.11.10.47.29; author jperkin; state Exp; branches; next 1.22; commitid eCJm0eB7Fq6BmJ1F; 1.22 date 2022.12.07.08.15.59; author jperkin; state Exp; branches; next 1.21; commitid KkaPsPvh2RoEiB4E; 1.21 date 2021.10.26.11.07.13; author nia; state Exp; branches; next 1.20; commitid G83yJyZF8er6kjeD; 1.20 date 2021.10.07.14.43.05; author nia; state Exp; branches; next 1.19; commitid EMvsIaZgYm1t8TbD; 1.19 date 2021.03.14.14.26.12; author spz; state Exp; branches; next 1.18; commitid B1bNN9tK92ByHhLC; 1.18 date 2019.11.24.20.16.55; author spz; state Exp; branches; next 1.17; commitid yw1jnpcuVajUV8MB; 1.17 date 2017.09.28.10.40.35; author spz; state Exp; branches; next 1.16; commitid BU7Bs7S3QRcr2X8A; 1.16 date 2016.12.09.21.08.34; author spz; state Exp; branches; next 1.15; commitid nCYQ46xQQYTsWlxz; 1.15 date 2016.02.16.05.58.56; author spz; state Exp; branches; next 1.14; commitid Vfrd1em47kHQo6Vy; 1.14 date 2015.11.04.00.35.46; author agc; state Exp; branches; next 1.13; commitid K5R8pkzReRJy0IHy; 1.13 date 2014.09.21.14.49.45; author spz; state Exp; branches; next 1.12; commitid vWgZxS78Lvm8RdRx; 1.12 date 2014.02.27.20.22.41; author spz; state Exp; branches; next 1.11; commitid EBfiybNpMYHLkMqx; 1.11 date 2013.03.29.07.19.05; author sbd; state Exp; branches; next 1.10; 1.10 date 2012.10.11.18.42.19; author spz; state Exp; branches; next 1.9; 1.9 date 2012.08.13.18.47.40; author marino; state Exp; branches; next 1.8; 1.8 date 2012.04.28.18.26.19; author gendalia; state Exp; branches; next 1.7; 1.7 date 2011.11.16.21.12.34; author spz; state Exp; branches; next 1.6; 1.6 date 2011.10.16.15.19.08; author spz; state Exp; branches; next 1.5; 1.5 date 2011.10.15.23.07.24; author spz; state Exp; branches; next 1.4; 1.4 date 2011.10.15.18.09.28; author dholland; state Exp; branches; next 1.3; 1.3 date 2011.10.15.16.28.22; author dholland; state Exp; branches; next 1.2; 1.2 date 2011.04.22.14.52.18; author spz; state Exp; branches; next 1.1; 1.1 date 2010.02.14.22.58.57; author spz; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2010.02.14.22.58.57; author spz; state Exp; branches; next ; desc @@ 1.23 log @xymon: Further fixes to use system c-ares. @ text @$NetBSD: distinfo,v 1.22 2022/12/07 08:15:59 jperkin Exp $ BLAKE2s (xymon-4.3.30.tar.gz) = 03a385a0e32188d4ca6fdbaa55bbb92d053ec706ee70ca0bcf483c3f5611a85f SHA512 (xymon-4.3.30.tar.gz) = f3f16ff55293d7d76cb0355151a82545a2b1ad708b59c031640c240379807228dca4ffa9c48a4e20ab75e270bda18b7306ea165b65eb18c9c6471b395fda7b62 Size (xymon-4.3.30.tar.gz) = 3549653 bytes SHA1 (patch-aa) = 7a1455860d5a65aec4b2c226400bf33afc01b78a SHA1 (patch-ab) = 39a6af51ec216bb8cbdb57a3c07d82fce559b27f SHA1 (patch-ac) = 518abacafb7f082ab2de6bcaace27d3e3d4de633 SHA1 (patch-ad) = 4b5413ee14d035fb1b588207b86ebaf0ac122951 SHA1 (patch-ae) = 7519eaeecab9f5d4b6956e0fd426548ec7990a0b SHA1 (patch-af) = e8c3fd4ed1de6f7a74db8fac152534a1fe9f29f5 SHA1 (patch-ah) = db3ea148759f970d9c5e3ef600836751b7aafe12 SHA1 (patch-build_Makefile.AIX) = e3a06992b075507a02f77a6b04ee4425cc2f8dd1 SHA1 (patch-build_Makefile.Darwin) = 3b86292fba80a05c03e8ace424cddfb726a974fc SHA1 (patch-build_Makefile.FreeBSD) = 6ebfa5bab2955eaa42b0021de085eb7ba536432b SHA1 (patch-build_Makefile.HP-UX) = bdd713b83f3670096bb10def6c59036d0a4aa377 SHA1 (patch-build_Makefile.IRIX) = b0ce34295d199ffd1e9008569667abbe436a2355 SHA1 (patch-build_Makefile.Linux) = bddfea6c8400fdd7d8a83a6958f1e4139ef988b6 SHA1 (patch-build_Makefile.OSF1) = 1a7afce4beeef249b2435c2ef14f45b2c2dbf8a2 SHA1 (patch-build_Makefile.OSX) = a72b748600b043f458452ab37175c38087375559 SHA1 (patch-build_Makefile.OpenBSD) = cf40c7839ba6290d349328e2e01a20bdaf274fc6 SHA1 (patch-build_Makefile.SunOS) = 71d134a30825a2d36fbb17731e722c89c79da807 SHA1 (patch-build_Makefile.generic) = e96d5ee29630c9133caebfa752880be90726607c SHA1 (patch-build_c-ares.sh) = c958992639b45431056d91939a345e703131ca2d SHA1 (patch-build_rrd.sh) = cfafece75defb13b413917bfddedb41cb9bb3c8b SHA1 (patch-build_snmp.sh) = 4141c6e2bebea078ac662b7585e579f2af8ee64f SHA1 (patch-common_Makefile) = 32b7da06cd9d22f98ee0f83bb36ed6441c066707 SHA1 (patch-configure) = 3754b9056c365b8664e5fc9620b17c4e13453b2e SHA1 (patch-web_Makefile) = a27fbb7e97ce0c2f30093d5b05b0af2708fb594b SHA1 (patch-xymond_client_netbsd.c) = 9034777cbf12e3e168cf1598bfd444468e3a5086 SHA1 (patch-xymond_rrd_do__disk.c) = e72cb0364e4e949e02a045da0abca46083624253 SHA1 (patch-xymond_rrd_do__vmstat.c) = 8062acc24e9b0e767c5abd3373641aa7b9a5b2ae SHA1 (patch-xymonproxy_Makefile) = 8ecfa4ceb66f66b7d5f40c01339479b26865746e @ 1.22 log @xymon: Use pkgsrc/system c-ares instead of bundled. Fixes build on systems that happen to put link libraries in LDFLAGS due to incredibly strict configure script. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2021/10/26 11:07:13 nia Exp $ d24 1 @ 1.21 log @ net: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts...): net/radsecproxy/distinfo The following distfiles could not be fetched (fetched conditionally?): ./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz ./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch ./net/djbdns/distinfo djbdns-1.05-test28.diff.xz ./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch ./net/djbdns/distinfo djbdns-1.05-multiip.diff ./net/djbdns/distinfo djbdns-cachestats.patch @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2021/10/07 14:43:05 nia Exp $ d6 1 a6 1 SHA1 (patch-aa) = 227b631c6e002712ebf6019d8473ca4b44904e4a @ 1.20 log @net: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2021/03/14 14:26:12 spz Exp $ d3 1 a3 1 RMD160 (xymon-4.3.30.tar.gz) = 510fc85c87c30d39dcf4ccc31a334f66440b7bfb @ 1.19 log @update xymon and xymonclient to version 4.3.30 Upstream release notes: Changes for 4.3.30 ================== Various crashes and bugs relating to string handling changes have been fixed, including problems with hostnames with dashes in them. Combostatus tests propagated up from other combostatus tests should now display properly. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2019/11/24 20:16:55 spz Exp $ a2 1 SHA1 (xymon-4.3.30.tar.gz) = ae7a10fc9a9ddf64162dbc6150402f4d377fa325 @ 1.18 log @Update xymon and xymonclient to version 4.3.29. Add patches to xymon from the xymon code repository to fix compatibility issues in 4.3.29. Upstream changelog: Changes for 4.3.29 ================== Several buffer overflow security issues have been resolved, as well as a potential XSS attack on certain CGI interfaces. Although the ability to exploit is limited, all users are urged to upgrade. The assigned CVE numbers are: CVE-2019-13451, CVE-2019-13452, CVE-2019-13455, CVE-2019-13473, CVE-2019-13474, CVE-2019-13484, CVE-2019-13485, CVE-2019-13486 In addition, revisions have been made to a number of places throughout the code to convert the most common sprintf statements to snprintf for safer processing, which should reduce the impact of similar parsing. Additional work on this will continue in the future. The affected CGIs are: history.c (overflow of histlogfn) = CVE-2019-13451 reportlog.c (overflow of histlogfn) = CVE-2019-13452 csvinfo.c (overflow of dbfn) = CVE-2019-13273 csvinfo.c (reflected XSS) = CVE-2019-13274 acknowledge.c (overflow of msgline) = CVE-2019-13455 appfeed.c (overflow of errtxt) = CVE-2019-13484 history.c (overflow of selfurl) = CVE-2019-13485 svcstatus.c (overflow of errtxt) = CVE-2019-13486 We would like to thank the University of Cambridge Computer Security Incident Response Team for their assistance in reporting and helping resolve these issues. Additional Changes: On Linux, a few additional tmpfs volumes are ignored by default on new (or unmodified) installs. This includes /run/user/, which is a transient, per-session tmpfs on some systems. To re- enable monitoring for this (if you are running services under a user with a login session), you may need to edit the analysis.cfg(5) file. After upgrade, these partitions will no longer be alerted on or tracked, and their associated RRD files may also be removed: /run/user/ (but NOT /run) /dev (but NOT /dev/shm) /sys/fs/cgroup /lib/init/rw The default hard limit for an incoming message has been raised from 10MB to 64MB The secure apache config snippet no longer requires a xymongroups file to be present (and module loaded), since it's not used by default. This will not affect existing installs. A --no-cpu-listing option has been added to xymond_client to suppress the 'top' output in cpu test status messages. The conversation used in SMTP checks has been adjusted to perform a proper "EHLO" greeting against servers, using the host string 'xymonnet'. If the string needs to be adjusted, however, see protocols.cfg(5) "Actual" memory usage (as a percentage) may be >100% on some platforms in certain situations. This alone will not be tagged as "invalid" data and should be graphed in RRD. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2017/09/28 10:40:35 spz Exp $ d3 4 a6 4 SHA1 (xymon-4.3.29.tar.gz) = faf18c75839b4ec0863cbf309651c54bb2890988 RMD160 (xymon-4.3.29.tar.gz) = 5a1bac0ae5674db6e3d810a25597373fdc6b7238 SHA512 (xymon-4.3.29.tar.gz) = 63db006baa0cf0a4e3b85d2cbe0a6e230f87922d0b9cc21792672a1551d40f60ea371a34337a93df248456731709a91bafdb630a219a25ba9d76043e54ded196 Size (xymon-4.3.29.tar.gz) = 3548283 bytes a28 10 SHA1 (patch-lib_acklog.c) = 053e63b7b5d55345360c49279eacc7ae470cc3a4 SHA1 (patch-lib_availability.c) = 04d6133f00811afd1aa1263a00ae6396df5202e3 SHA1 (patch-lib_availability.h) = 89ac49779c9bd5090718dfdc24949c6eb67b5705 SHA1 (patch-lib_eventlog.c) = b1b8ee4ffb211f2461cc3d6e3055d9ee045a4da0 SHA1 (patch-lib_holidays.c) = 980d42b5780e37a483fde6a2059294e050abba85 SHA1 (patch-lib_htmllog.c) = 7184ec5014f9b19916541b5ac4c7b7f393623a4d SHA1 (patch-lib_misc.c) = 2ee78934dfb5c25f78fc9c5400baadd3e2e7b70b SHA1 (patch-lib_stackio.c) = 6e97fde074ce41b39c29bf280c560b01d885f875 SHA1 (patch-lib_timefunc.c) = 7e7d7e17252a8ea2e4b7d5bd8e5c2fa7247b9287 SHA1 (patch-lib_tree.c) = 13f8d0d89cb0e0cb9e023734b60f9d67707b0a99 a29 3 SHA1 (patch-web_history.c) = cdddc0230efdb79dbae3055a93e252f43dc49524 SHA1 (patch-web_reportlog.c) = 78068e40253ab295dced37368f19bf1bbe5bd747 SHA1 (patch-web_showgraph.c) = 9c5542975ffd65aff9d2fd03a3d63fde10648ad4 a30 1 SHA1 (patch-xymond_combostatus.c) = cce34cc01bfaba9f171e7d90d3ec398a97e4c4d5 a31 1 SHA1 (patch-xymond_rrd_do__temperature.c) = bf78c81b6f189e6424574eae53921cf44d653a0d a32 2 SHA1 (patch-xymond_xymond__history.c) = 4fadebc1caaba9a0368de7626ed389040718d1ac SHA1 (patch-xymonnet_xymonnet.c) = 849cb3c3f3e673dc3927ce34195f9bc6c594d895 @ 1.17 log @update xymon + xymonclient to 4.3.28 notable changes: OpenSSL 1.1.0 is now supported, and c-ares has been updated While touching the package anyhow, it has been taught to pass down hardening flags, so that the various PKGSRC_USE_ flags now have effect. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2016/12/09 21:08:34 spz Exp $ d3 4 a6 4 SHA1 (xymon-4.3.28.tar.gz) = 9b134af41549e46f46f310b315f70ce42e6668a7 RMD160 (xymon-4.3.28.tar.gz) = 7d2426a6639c52b0a1f6e3d2e5c4e4607090809d SHA512 (xymon-4.3.28.tar.gz) = 589230ee05028c2131d1ddf32dd1a5f302bfcdbf8276bc6ee0fb9590ae2bfe218bf49d931cfa68491160c35818d0bee93b7fcea47b85f924a4f991a5ff608477 Size (xymon-4.3.28.tar.gz) = 3966200 bytes d19 1 a19 1 SHA1 (patch-build_Makefile.Linux) = 3dd75b6613fbf268411ec177f8be5acd48ac8c27 d29 10 d40 3 d44 1 d46 1 d48 2 @ 1.16 log @update xymon and xymonclient to the current version, 4.3.27 Upstream relnotes: Changes for 4.3.27 ================== Fixes for CGI acknowledgements and NK/criticalview web redirects. Xymon should now properly check for lack of SSLv3 (or v2) support at compile- time and exclude the openssl options as needed. Completely empty directories (on Windows) are no longer considered errors. Changes for 4.3.26 ================== This is mostly a bug fix release for javascript issues on the info and trends pages, along with the enable / disable CGI. Several browsers had difficulty with the new CSP rules introduced in 4.3.25. XYMWEBREFRESH is now used as the default refresh interval for dynamic status pages and various other xymongen destinations. Non-svcstatus pages can be overridden by altering the appropriate *_header template files, but svcstatus refresh interval uses this value. (default: 60s) Set in xymonserver.cfg(5). Incoming test names are now restricted to alphanumeric characters, colons dashes, underscores, and slashes. Slashes and colons may be restricted in a future release. Unconfigured (ghost) host names are now restricted to alphanumerics, colons, commas, periods, dashes, and underscores. It is strongly recommended to use only valid hostnames and DNS components in servers names. Files matched multiple times by logfetch in the client config retrieved from config-local.cfg (such as a file matching multiple globs) will now only be scanned once and only use the ignore/trigger rules from its first entry. (Note: A future version of Xymon may combine all matching rules for a file together.) CLASS groupings in analysis.cfg and alerts.cfg will now reliably work for hosts with a CLASS override in hosts.cfg. Previous, this class was not used in favor of the class type sent in on any specific client message. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2016/02/16 05:58:56 spz Exp $ d3 4 a6 4 SHA1 (xymon-4.3.27.tar.gz) = 76055c6b1b60f1d2f86859d1de8fec70ce59e538 RMD160 (xymon-4.3.27.tar.gz) = 585b9e5f49444eee255db62d1510fc67f2539f96 SHA512 (xymon-4.3.27.tar.gz) = bb48fce02e20f040675d3cf8e32596855b57c8ad1ed12c684550458cc286a6d214814ba596a670539d137e238a9e02ff9f8ffe2522571b95445db5b81b12d0f1 Size (xymon-4.3.27.tar.gz) = 3000255 bytes d9 2 a10 2 SHA1 (patch-ac) = a44d1c7471d6aafe36931fa8dd001c0d3b7d7b72 SHA1 (patch-ad) = 218ef05eb3d51d779230c357d731b2f904d4559f d13 12 a24 3 SHA1 (patch-ah) = 03fee4b97cc3301339ace1ce459e7b679b83f96a SHA1 (patch-build_Makefile.FreeBSD) = e58b50f35068cba6fed89cc21bcc4eb7d30efd23 SHA1 (patch-build_Makefile.Linux) = eea6d1ced23a622d115aa97dc10d352f9dd622b0 d27 3 a29 1 SHA1 (patch-configure) = b654e6da62e1aabdad4b8bfb0fd3e87de89de6d5 d33 1 @ 1.15 log @update of xymon and xymonclient from 4.3.17 to 4.3.25 The following security issues are fixed with this update: * Resolve buffer overflow when handling "config" file requests (CVE-2016-2054) * Restrict "config" files to regular files inside the $XYMONHOME/etc/ directory (symlinks disallowed) (CVE-2016-2055). Also, require that the initial filename end in '.cfg' by default * Resolve shell command injection vulnerability in useradm and chpasswd CGIs (CVE-2016-2056) * Tighten permissions on the xymond BFQ used for message submission to restrict access to the xymon user and group. It is now 0620. (CVE-2016-2057) * Restrict javascript execution in current and historical status messages by the addition of appropriate Content-Security-Policy headers to prevent XSS attacks. (CVE-2016-2058) * Fix CVE-2015-1430, a buffer overflow in the acknowledge.cgi script. Thank you to Mark Felder for noting the impact and Martin Lenko for the original patch. * Mitigate CVE-2014-6271 (bash 'Shell shock' vulnerability) by eliminating the shell script CGI wrappers Please refer to https://sourceforge.net/projects/xymon/files/Xymon/4.3.25/Changes/download for further information on fixes and new features. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2015/11/04 00:35:46 agc Exp $ d3 4 a6 4 SHA1 (xymon-4.3.25.tar.gz) = 049bf7e908032e9780e3c67fd5e10dd399c811f3 RMD160 (xymon-4.3.25.tar.gz) = 1c8315e88a5b418d77e7c6e1c4f5f2e034f049e3 SHA512 (xymon-4.3.25.tar.gz) = c438ecaac18ca64222643fa361254e7c7a27c60ca3bb27fc092da8182e7c1c7862677b544e4d634ae73bbaa7954a3bb0920ce570d99e8ffd899419119075a940 Size (xymon-4.3.25.tar.gz) = 2996840 bytes @ 1.14 log @Add SHA512 digests for distfiles for net category Problems found with existing digests: Package haproxy distfile haproxy-1.5.14.tar.gz 159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package bsddip: missing distfile bsddip-1.02.tar.Z Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2 Package djbdns: missing distfile djbdns-cachestats.patch Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch Package gated: missing distfile gated-3-5-11.tar.gz Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz Package poink: missing distfile poink-1.6.tar.gz Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch Package waste: missing distfile waste-source.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2014/09/21 14:49:45 spz Exp $ d3 4 a6 4 SHA1 (xymon-4.3.17.tar.gz) = 1a8ba9e42f27fe3ce4625be745a41bd16ed2d1f9 RMD160 (xymon-4.3.17.tar.gz) = 09b88d228633daa0f904567102a4c697b5651b73 SHA512 (xymon-4.3.17.tar.gz) = 4fcea3763c310f6b201fe02a54adcc2dd2537798e80dbea2a15ae6da57c864ae1c6dd955b934fd38ab3eabe93f04c09975910ecc01dc6fbb5cd0d970830e4737 Size (xymon-4.3.17.tar.gz) = 2772765 bytes d18 1 a18 1 SHA1 (patch-configure) = 7b71ed7a567124a2aa36d9bf9188209649e88a4d @ 1.13 log @fix inode checks for NetBSD fix inode check result rrd handling for all BSDish systems; if you use xymon-4.3.17nb1 on *BSD you may have lots of inode.rrd files in /var/xymon/rrd, since it used iavail instead of the name of the filesystem mount to identify the inode usage stats. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2014/02/27 20:22:41 spz Exp $ d5 1 @ 1.12 log @Update to 4.3.17. The last two teeny versions were for bug fixes. Also contains the inode check expansion for NetBSD from PR 48575 Upstream changelog: Changes for 4.3.15 - 4.3.17 =========================== No significant changes. Changes for 4.3.14 ================== In previous Xymon versions, a client-only configuration (i.e. one configured with "./configure --client") would place the client files in a "client" subdirectory below the directory specified during configuration. This is the same directory layout as a server installation, where the server and client parts of Xymon are in separate subdirectories. In 4.3.14, the default has changed so a client-only installation now installs in the directory given during the configure-step. The "/client" has been eliminated, so if you are upgrading an existing client you must either move the old client installation one level up from the "client/" directory, or change the Makefile generated by "configure --client" and add "/client" to the XYMONTOPDIR setting. The SNI support added in 4.3.13 causes problems with some older webservers, whose SSL implementation cannot handshake correctly when SNI is used. The failed handshake causes Xymon to report the site as down. In 4.3.14, the default is changed so SNI is disabled. A new "--sni" option was added to xymonnet to control the default setting, and two new tags "sni" and "nosni" can be used in hosts.cfg to control SNI for each host that is tested. Changes for 4.3.13 ================== This is mostly a bugfix release. Apart from simple bugs (see the Changes file), there are some enhancements: Alerts sent via e-mail have line-endings converted to plain , since the carriage-return characters would cause some mailers to send alerts as a (binary) attachment to an empty mail message. https-URL's can be forced to use TLS only, by using "httpst://..." similar to how SSLv2 and SSLv3 can be chosen. SSL connections (e.g. for https URL's) now use the TLS "Server Name Indication" (SNI) if your OpenSSL library supports it. This allows testing of systems that have multiple SSL websites located on the same physical IP+port (i.e. virtual name-based hosts). Changes for 4.3.12 ================== NOTE: This release includes a bugfix for a security issue in the xymond_history and xymond_rrd modules. A "drophost" command sent to the xymond port (default: 1984) from an IP listed in the --admin-senders access control list can be used to delete files owned by the user running the xymond daemon. This is allowed by default, so it is highly recommended to install this update. Changes for 4.3.2 - 4.3.11 ========================== See the Changes file for a list of significant changes. These releases are mostly to fix bugs. NOTE: Some configuration parameters have changed, so you must regenerate the top-level Makefile by running the "configure" script before compiling the new version. The inode-check introduced in 4.3.8 and 4.3.10 requires that you update both the Xymon server installation and the Xymon client on the systems where you want to monitor how many inodes are being used. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2013/03/29 07:19:05 sbd Exp $ d18 2 a19 1 SHA1 (patch-xymond_client_netbsd.c) = 9f1c69d1c7c187c9221061df52569837add6070b @ 1.11 log @Add extra compiler flags to build correctly on Linux. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2012/10/11 18:42:19 spz Exp $ d3 6 a8 6 SHA1 (xymon-4.3.10.tar.gz) = d37765da5741adc4282e081e3ad59862eb22353f RMD160 (xymon-4.3.10.tar.gz) = df5e01ab4528bc1146cdf784bbf69616f743bfa1 Size (xymon-4.3.10.tar.gz) = 2754807 bytes SHA1 (patch-aa) = c74991627bfc4286a67f66e45915c3af69b38c2f SHA1 (patch-ab) = 2914624fde86a888639be356c6f28eefd47b5eb6 SHA1 (patch-ac) = f65831af9899167e291aabd691945e9e4fc1d44b d18 1 @ 1.10 log @- fix FreeBSD/Dragonfly properly - update to newest version Upstream changelog: Xymon release 4.3.10 - released on Aug 6 2012 ============================================= Main features in this release is the addition of inode-checks on all major platforms, and a series of enhancements to the build procedure. Also, building Xymon on most common platforms is now explicitly described in the "install" document. * Fix build problems with "errno" * Fix build problems with OpenSSL in non-default locations * Fix build problems with certain LDAP configurations * Fix build problems with RRDtool on FreeBSD / OpenBSD * Fix problem with ifstat data from Fedora in graphs * "inode" check on FreeBSD, OpenBSD, OSX, Solaris, HP/UX, AIX in addition to existing support for Linux * Document building and installing Xymon on common platforms (Linux, FreeBSD, OpenBSD, Solaris) * Enhance xymoncfg so it can be used to import Xymon configuration settings into shell-scripts. Xymon release 4.3.9 - released on Jul 24 2012 ============================================= This release is mainly a bug-fix release. * Fix crash when XYMSRV is undefined but XYMSERVERS is * Fix error in calculating combo-status messages with forward references * Fix error in disable-until-TIME or disable-until-OK code * Fix documentation of DURATION in alerts.cfg / xymond_alert so it is consistenly listed as being in "minutes". * Permit explicit use of ">" and ">=" in alerts.cfg * Permit building without the RRDtool libraries, e.g. for a network-tester build, but with trend-graphing disabled. * Full compiler-warning cleanup * Various configuration/build-script issues fixed. Xymon release 4.3.8 - released on Jul 15 2012 ============================================= This release is mainly a bug-fix release. Bugfixes * Workaround for DNS timeout handling, now fixed at approximately 25 seconds. * "hostinfo" command for xymond documented * confreport only shows processes that are monitored * analysis.cfg parsing of COLOR for UP rules was broken * RRD handlers no longer crash after receiving 1 billion updates * Using .netrc for authentication could crash xymonnet * "directory" includes would report the wrong filename for missing directories. * useradm CGI would invoke htpassword twice * "include" and "directory" now ignores trailing whitespace * SSLv2 support disabled if SSL-library does not support it * Minor bugfixes and cleanups of compiler warnings. Enhancements * Service status on info page now links to the detailed status page. * Add RRDGRAPHOPTS setting to permit global user-specified RRD options, e.g. for font to showgraph CGI * Add check for the size of public keys used in SSL certificates (enabled via --sslkeysize=N option for xymonnet) * Optionally disable the display of SSL ciphers in the sslcert status (the --no-cipherlist option for xymonnet) * Improved build-scripts works on newer systems with libraries in new and surprising places * Reduce xymonnet memory usage and runtime for ping tests when there are multiple hosts.cfg entries with the same IP-address. * Add code for inode-monitoring on Linux. Does not currently work on any other client platform. * Added the ability to disable tests until a specific time, instead of for some interval. Disabling a test also now computes the expire time for the disable to happen at the next closest minute. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2012/08/13 18:47:40 marino Exp $ d14 1 @ 1.9 log @net/xymon: Add DragonFly support / fix FreeBSD * Add Makefile.DragonFly * Fix sha2.c #include . On last, nothing sets HAVE_STDINT_H and passing -DHAVE_STDINT_H through cflags fails. Just switch it based on __FreeBSD__ and __DragonFly__. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2012/04/28 18:26:19 gendalia Exp $ d3 3 a5 3 SHA1 (xymon-4.3.7.tar.gz) = 29339157a1a6155d134ed1ad9985391d43034ee8 RMD160 (xymon-4.3.7.tar.gz) = 9547eac47a5893f978cace54b5761e9cabe75941 Size (xymon-4.3.7.tar.gz) = 2740378 bytes d7 1 a7 1 SHA1 (patch-ab) = d6079a2f09c38f701c553ab9744731050f66772c d9 2 a10 2 SHA1 (patch-ad) = dadd2d81ed55c70f03994b2d868cfe643969a8ba SHA1 (patch-ae) = aa29eefcf9f0fa87014166692dcf146cebd70ef5 d12 3 a14 2 SHA1 (patch-ah) = 29942670246f55cf4e703b028cd9a0dcb0acb681 SHA1 (patch-build_rrd.sh) = 6c9393b93265d3c6d5bda801a875ec66f3759b01 a16 1 SHA1 (patch-lib_sha2.c) = 363b1680bfb70acfd5a4f768fb9688f4511846be @ 1.8 log @Update xymon to 4.3.7 Upstream changelog: Changes from 4.3.6 -> 4.3.7 (13 Dec 2011) ========================================= * rev 6803 * Fix acknowledge CGI (broken in 4.3.6) * Fix broken uptime calculation for systems reporting "1 day" * Workaround Solaris breakage in the LFS-support detection * Fix/add links to the HTML man-page index. * Fix "Stop after" value not being shown on the "info" page. * Fix broken alert texts when using FORMAT=SMS * Fix wrong description of xymondboard CRITERIA in xymon(1) * Fix missing columnname in analysis.cfg(5) DS example * Fix missing space in output from disk IGNORE rules in xymond_client --dump-config * Fix overwrite of xymon-apache.conf when upgrading * Fix installation so it does not remove include/directory lines from configuration files. * Add client/local/ directory for custom client script Changes from 4.3.5 -> 4.3.6 (5 Dec 2011) ======================================== * rev 6788 * Optionally choose the color for the "cpu" status when it goes non-green due to uptime or clock offset. * Allow for "include" and "directory" in combo.cfg and protocols.cfg * New INTERFACES definition in hosts.cfg to select which network interfaces are tracked in graphs. * New access control mechanism for some CGI scripts returning host-specific information. Access optionally checked against an Apache-style "group" file (see xymonwebaccess(5) CGI manpage). * New "vertical" page-definitions (vpage, vsubpage,vsubparent) for listing hosts across and tests down on a page. * Fix hostlist CGI crash when called with HTTP "HEAD" * Fix svcstatus CGI crash when called with non-existing hostname * Fix "ackinfo" updates being cleared when host hits a DOWNTIME period. * Fix compile-errors on Solaris due to network libraries not being included. * Fix "logrotate" messages not being sent to some channels. * Fix problem with loading the hosts.cfg file. * STATUSLIFETIME now provides the default time a status is valid (in xymond). * Critical systems view: Use priority 99 for un-categorised priorities (imported from NK tags) and show this as 'No priority' on the webpage. * useradm CGI: Sort usernames * New xymond module - xymond_distribute - can forward administrative commands (drop, rename, disable, enable) from one Xymon server to another. * New tool: appfeed CGI provides data for the Android "xymonQV" app by Darrik Mazey. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2011/11/16 21:12:34 spz Exp $ d16 1 @ 1.7 log @fix bugs found by gendalia@@: - transition from BBHOME etc to XYMONHOME etc needed to also happen in files/xymon.sh - vmstat on NetBSD has not shown 3 disks in a while already, so vmstat trending for NetBSD clients was off. The disk names that remain are left unchanged since for existing rrds a change would cause failing data submission @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2011/10/16 15:19:08 spz Exp $ d3 3 a5 3 SHA1 (xymon-4.3.5.tar.gz) = cd49d689bbf9c27ed4d2010cf75223d7f43f656e RMD160 (xymon-4.3.5.tar.gz) = 31110454d30835f758d844e3c142066566546548 Size (xymon-4.3.5.tar.gz) = 2715187 bytes d8 1 a8 1 SHA1 (patch-ac) = 0c191268606b1bc8547a0403b440e7628b6e2928 @ 1.6 log @fix build issues when building with non-standard PREFIX (found by dholland) introduce options allow optional building with net-snmp support pkglint cosmetics @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2011/10/15 23:07:24 spz Exp $ d16 1 @ 1.5 log @Update xymon and xymonclient to 4.3.5 adjust Makefile to avoid/fix problems found by dholland Upstream changelog: Changes from 4.3.4 -> 4.3.5 (9 Sep 2011) ======================================== * rev 6754 * Fix crash in CGI generating the "info" status column. * Fix broken handling of IGNORE for log-file analysis. * Fix broken clean-up of obsolete cookies (no user impact). * Devmon RRD handler: Fix missing initialisation, which might cause crashes of the RRD handler. * Fix crashes in xymond caused by faulty new library for storing cookies and host-information. * Fix memory corruption/crash in xymond caused by logging of multi-source statuses. * New "delayred" and "delayyellow" definitions for a host can be used to delay change to a yellow/red status for any status column (replaces the network-specific "badFOO" definitions). * analysis.cfg and alerts.cfg: New DISPLAYGROUP setting to select hosts by the group/group-only/group-except text. * New HOSTDOCURL setting in xymonserver.cfg. Replaces the xymongen "--docurl" and "--doccgi" options, and is used by all tools. * xymond_history option to control location of PID file. * Critical Systems view: Optionally show eventlog for the hosts present on the CS view. * Critical Systems view: Multiple --config options can now be used, to display critical systems from multiple configurations on one page. * Detailed status display: Speedup by no longer having to load the hosts.cfg file. * xymongen and xymonnet: Optionally load the hosts.cfg from xymond instead of having to read the file. Changes from 4.3.3 -> 4.3.4 (1 Aug 2011) ======================================== * rev 6722 * Fix crashes and data corruption in Xymon worker modules (xymond_client, xymond_rrd etc) after handling large messages. * Fix xymond lock-up when renaming/deleting hosts * Fix xymond cookie lookup mechanism * Webpages: Add new HOSTPOPUP setting to control what values from hosts.cfg are displayed as a "comment" to the hostname (either in pop-up's or next to the hostname). * Fix xymond_client crash if analysis.cfg contains invalid configuration entries, e.g. expressions that do not compile. * Fix showgraph CGI crash when legends contain colon. * xymonnet: Include hostname when reporting erroneous test-spec * CGI utils: Multiple potential security fixes involving buffer- overruns when generating responses. * CGI utils: Fix crash when invoked with HTTP "HEAD" * CGI utils: Fix crashes on 64-bit platforms due to missing prototype of "basename()" function. * svcstatus CGI: Dont crash if history log is not a file. * Critical systems view CGI: Cross-site scripting fix * Fix recovery-messages for alerts sent to a GROUP * RRD "memory" status handler now recognizes the output from the bb-xsnmp.pl module (for Cisco routers). * Web templates modified so the menu CSS can override the default body CSS. * Acknowledge web page now allows selecting minutes/hours/days * Enable/Disable webpage enhanced, so when selecting multiple hosts the "Tests" column only lists the tests those hosts have. Changes from 4.3.2 -> 4.3.3 (6 May 2011) ======================================== * rev6684 * SECURITY FIX: Some CGI parameters were used to construct filenames of historical logfiles without being sanitized, so they could be abused to read files on the webserver. * SECURITY FIX: More cross-site scripting vulnerabilities. * Remove extra "," before "History" button on status-view * Critical view: Shring priority-column to 10% width * hosts.cfg loader: Check for valid IP spec (nibbles in 0-255 range). Large numbers in a nibble were accepted, triggering problems when trying to ping the host. * Alert macros no longer limited to 8kB @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2011/10/15 18:09:28 dholland Exp $ d6 3 a8 3 SHA1 (patch-aa) = 7e78416fe7bb3b0bc15397f7b4025bc1baa20a24 SHA1 (patch-ab) = 9a8edca943211101f387e5a21d638d44a23cf6a7 SHA1 (patch-ac) = c894c809ec4584636bb9705a521a0208dc2dbc05 d11 4 a14 3 SHA1 (patch-af) = d486344e3f7fe05f61ea8ec0f811052a56ceb52f SHA1 (patch-ah) = 152d3b993559b349f241e0a2f6419721bfb3c4b3 SHA1 (patch-build_rrd.sh) = 5abb10a959e0721b64d666c62e573e856a3404a9 @ 1.4 log @revert previous -- maintainer objected @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2011/04/22 14:52:18 spz Exp $ d3 4 a6 4 SHA1 (xymon-4.3.2.tar.gz) = 6663470565545d1801d2ff05cab78bc89695a821 RMD160 (xymon-4.3.2.tar.gz) = 45b75a7d3b8a57518aa12f12ee36c6de6de96aae Size (xymon-4.3.2.tar.gz) = 2698224 bytes SHA1 (patch-aa) = aa0634088b82ad045435321e354d39923c67873e d9 1 a9 1 SHA1 (patch-ad) = 5073ccab556b2b6c787bcc640cd4c8b112f0c97d d13 2 @ 1.3 log @Fix most of xymon's build issues: - use the right environment variable to pass the rrdtool location; - remove some stray commas from the NetBSD build config; - make the toplevel configure script stop on error. @ text @d9 1 a9 1 SHA1 (patch-ad) = dadd2d81ed55c70f03994b2d868cfe643969a8ba a12 1 SHA1 (patch-configure) = 36a968ab13bdbf80a6c9e950624b38ae4eb2d019 @ 1.2 log @package update to 4.3.2: + fixes cross-site scripting vulnerabilities (SA44036) + contains a lot of filename cleanup work (no more bb and hobbit) please read upgrade-to-430.txt when upgrading from a previous pkg (see also the install message) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1.1.1 2010/02/14 22:58:57 spz Exp $ d9 1 a9 1 SHA1 (patch-ad) = 5073ccab556b2b6c787bcc640cd4c8b112f0c97d d13 1 @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2006/10/09 13:29:00 ben Exp $ d3 10 a12 9 SHA1 (xymon-4.3.0-beta2.tar.gz) = 484ab668358856c7bbc7ba85bfe2afa7c0fa2f10 RMD160 (xymon-4.3.0-beta2.tar.gz) = ab8db88d1e2cb7363c8a9b35396094ea921cc5b5 Size (xymon-4.3.0-beta2.tar.gz) = 2405826 bytes SHA1 (patch-aa) = ce534d384fe0936f7ad6e1a2601c0f4cb1fc3346 SHA1 (patch-ab) = 255892c607845790641924a4febea18a030685cb SHA1 (patch-ac) = 653f3496ce2a6107f0c5f30d50b8d7ecc947b196 SHA1 (patch-ad) = e5a42cbc6537e23a5a44ed343c86e121adadb139 SHA1 (patch-ae) = 8be66af4b877958f2bc64e18494c67a73acd4360 SHA1 (patch-af) = a81d3e73ffd6718e20320c6bd59c56ac4616524a @ 1.1.1.1 log @xymon is the successor to hobbit. This is the server package. It's a beta, so handle with care. @ text @@