head 1.2;
access;
symbols;
locks; strict;
comment @# @;

1.2
date 2016.02.16.05.58.57; author spz; state Exp;
branches;
next 1.1;
commitid Vfrd1em47kHQo6Vy;

1.1
date 2011.10.15.23.04.51; author spz; state Exp;
branches;
next ;

desc
@@

1.2
log
@update of xymon and xymonclient from 4.3.17 to 4.3.25

The following security issues are fixed with this update:
* Resolve buffer overflow when handling "config" file requests (CVE-2016-2054)
* Restrict "config" files to regular files inside the $XYMONHOME/etc/ directory (symlinks disallowed) (CVE-2016-2055). Also, require that the initial filename end in '.cfg' by default
* Resolve shell command injection vulnerability in useradm and chpasswd CGIs (CVE-2016-2056)
* Tighten permissions on the xymond BFQ used for message submission to restrict access to the xymon user and group. It is now 0620. (CVE-2016-2057)
* Restrict javascript execution in current and historical status messages by the addition of appropriate Content-Security-Policy headers to prevent XSS attacks. (CVE-2016-2058)
* Fix CVE-2015-1430, a buffer overflow in the acknowledge.cgi script. Thank you to Mark Felder for noting the impact and Martin Lenko for the original patch.
* Mitigate CVE-2014-6271 (bash 'Shell shock' vulnerability) by eliminating the shell script CGI wrappers Please refer to https://sourceforge.net/projects/xymon/files/Xymon/4.3.25/Changes/download for further information on fixes and new features. @ text @$NetBSD: patch-configure,v 1.1 2011/10/15 23:04:51 spz Exp $ Make sure the toplevel configure script exits on failure. --- configure.orig 2011-03-08 17:20:28.000000000 +0000 +++ configure @@@@ -14,11 +14,11 @@@@ chmod 755 $BASEDIR/configure* $BASEDIR/b case "$TARGET" in "--client") - exec $BASEDIR/configure.client $* + exec $BASEDIR/configure.client "$@@" || exit 1 ;; "--server"|"") - exec $BASEDIR/configure.server $* + exec $BASEDIR/configure.server "$@@" || exit 1 ;; "--help") @ 1.1 log @reanimate dhollands changes that play ok with 4.3.5 @ text @d1 1 a1 1 $NetBSD$ d11 2 a12 2 - $BASEDIR/configure.client $* + $BASEDIR/configure.client "$@@" || exit 1 d16 2 a17 2 - $BASEDIR/configure.server $* + $BASEDIR/configure.server "$@@" || exit 1 @
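Review bot: in both case arms of the 1.2 hunk, the `|| exit 1` after `exec $BASEDIR/configure.client` and `exec $BASEDIR/configure.server` is reached only if `exec` itself cannot start the script, because a successful `exec` replaces the shell and the sub-script's exit status becomes the status of the whole configure run. The suffix did real work in revision 1.1, where the lines had no `exec`; now it is mostly redundant, so either drop it or say in the patch comment that it only covers a missing or non-executable sub-script. Separately, `"$@@"` (the RCS-escaped form of `"$@"`) now preserves arguments containing whitespace, but `$BASEDIR` beside it is still unquoted, so a source tree path with a space would still split; suggest `exec "$BASEDIR/configure.client" "$@@" || exit 1` and the same for `configure.server`.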