[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2855-1] monit security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2855-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
December 27, 2021                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : monit
Version        : 1:5.20.0-6+deb9u2
CVE ID         : CVE-2019-11454 CVE-2019-11455
Debian Bug     : 927775

Two vulnerabilities were fixed in monit, a utility for monitoring and 
managing Unix systems.

CVE-2019-11454

    Persistent cross-site scripting in http/cervlet.c

CVE-2019-11455

    Buffer over-read in Util_urlDecode in util.c

For Debian 9 stretch, these problems have been fixed in version
1:5.20.0-6+deb9u2.

We recommend that you upgrade your monit packages.

For the detailed security status of monit please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/monit

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmHKEYQACgkQiNJCh6LY
mLHZRA/8CeDnL7MklFtIaYe/gle1v3d+uepa8qflBP+ev7/uKu6I6yo6k6oYBfiZ
rICvlwJvxBhQl0svaCEzdKzB3tOq/9TYfY8pbGFsmkUjJ7uNVtEAUPjV/EQjQRyf
050PjNNTTzLaGih1/JOE/EpZIUYr3dcGoDgPtOzZvG8FUPz5PkpxOX24yqg1LP5l
cJHCJLiI5MPgpyqNKRrJrtEbcY7Dwgp44UGhRblWAVD27IEitMIRlVfQIcjr09zG
zf5eGaXf5Pyjn6NE04RaHkyZhoW37w4o09AND4pU2phcnaTuCkm1c9KntYbRGgEd
HYOGml1uaJxJ/qxiqrdpCEUQcdfGPcwuySSHDsiOTpJ+NKUQcpCuzY8YYUvBpciG
x1JAdYoi0Slxo3lNxUdIf8Htnfn+lF0OryyNOZi6i8ijX4XKzJ+cEtMsCxQ0qXcJ
sIMrzN4GH0k8tWI6s/pxqgTQfzPC8FRYG/nidhUOkJl8L7T1urPfvJVir4KVeuBA
9G5d9rtHPXS2d6sEmL6MtRX06Cz7R915ujR0VlUAaHPVvOdYGBcMKH/CXZwtSk1n
aEzs2ClHmvDTLP8yrJxIxMT4fbhVLKnv/4ehBWBAE84qIhTuZwNordhn2aa4tajZ
DTd6sH6B15n3FHZnZxr109BVGco5+dHcVTtx8xRGOagUvVOtUMY=
=x7Im
-----END PGP SIGNATURE-----


Reply to: