Up to [cvs.NetBSD.org] / pkgsrc / net / xymonclient
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.17 / (download) - annotate - [select for diffs], Sun Nov 24 20:16:55 2019 UTC (8 months, 2 weeks ago) by spz
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, HEAD
Changes since 1.16: +6 -6 lines
Diff to previous 1.16 (colored)
Update xymon and xymonclient to version 4.3.29. Add patches to xymon from the xymon code repository to fix compatibility issues in 4.3.29. Upstream changelog: Changes for 4.3.29 ================== Several buffer overflow security issues have been resolved, as well as a potential XSS attack on certain CGI interfaces. Although the ability to exploit is limited, all users are urged to upgrade. The assigned CVE numbers are: CVE-2019-13451, CVE-2019-13452, CVE-2019-13455, CVE-2019-13473, CVE-2019-13474, CVE-2019-13484, CVE-2019-13485, CVE-2019-13486 In addition, revisions have been made to a number of places throughout the code to convert the most common sprintf statements to snprintf for safer processing, which should reduce the impact of similar parsing. Additional work on this will continue in the future. The affected CGIs are: history.c (overflow of histlogfn) = CVE-2019-13451 reportlog.c (overflow of histlogfn) = CVE-2019-13452 csvinfo.c (overflow of dbfn) = CVE-2019-13273 csvinfo.c (reflected XSS) = CVE-2019-13274 acknowledge.c (overflow of msgline) = CVE-2019-13455 appfeed.c (overflow of errtxt) = CVE-2019-13484 history.c (overflow of selfurl) = CVE-2019-13485 svcstatus.c (overflow of errtxt) = CVE-2019-13486 We would like to thank the University of Cambridge Computer Security Incident Response Team for their assistance in reporting and helping resolve these issues. Additional Changes: On Linux, a few additional tmpfs volumes are ignored by default on new (or unmodified) installs. This includes /run/user/<uid>, which is a transient, per-session tmpfs on some systems. To re- enable monitoring for this (if you are running services under a user with a login session), you may need to edit the analysis.cfg(5) file. After upgrade, these partitions will no longer be alerted on or tracked, and their associated RRD files may also be removed: /run/user/<uid> (but NOT /run) /dev (but NOT /dev/shm) /sys/fs/cgroup /lib/init/rw The default hard limit for an incoming message has been raised from 10MB to 64MB The secure apache config snippet no longer requires a xymongroups file to be present (and module loaded), since it's not used by default. This will not affect existing installs. A --no-cpu-listing option has been added to xymond_client to suppress the 'top' output in cpu test status messages. The conversation used in SMTP checks has been adjusted to perform a proper "EHLO" greeting against servers, using the host string 'xymonnet'. If the string needs to be adjusted, however, see protocols.cfg(5) "Actual" memory usage (as a percentage) may be >100% on some platforms in certain situations. This alone will not be tagged as "invalid" data and should be graphed in RRD.
Revision 1.16 / (download) - annotate - [select for diffs], Thu Sep 28 10:40:35 2017 UTC (2 years, 10 months ago) by spz
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.15: +20 -8 lines
Diff to previous 1.15 (colored)
update xymon + xymonclient to 4.3.28 notable changes: OpenSSL 1.1.0 is now supported, and c-ares has been updated While touching the package anyhow, it has been taught to pass down hardening flags, so that the various PKGSRC_USE_ flags now have effect.
Revision 1.15 / (download) - annotate - [select for diffs], Fri Dec 9 21:08:34 2016 UTC (3 years, 8 months ago) by spz
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.14: +5 -5 lines
Diff to previous 1.14 (colored)
Revision 1.14 / (download) - annotate - [select for diffs], Tue Feb 16 05:58:57 2016 UTC (4 years, 5 months ago) by spz
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1
Changes since 1.13: +6 -6 lines
Diff to previous 1.13 (colored)
Revision 1.13 / (download) - annotate - [select for diffs], Wed Nov 4 00:35:46 2015 UTC (4 years, 9 months ago) by agc
CVS Tags: pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.12: +2 -1 lines
Diff to previous 1.12 (colored)
Add SHA512 digests for distfiles for net category Problems found with existing digests: Package haproxy distfile haproxy-1.5.14.tar.gz 159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package bsddip: missing distfile bsddip-1.02.tar.Z Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2 Package djbdns: missing distfile djbdns-cachestats.patch Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch Package gated: missing distfile gated-3-5-11.tar.gz Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz Package poink: missing distfile poink-1.6.tar.gz Package ra-rtsp-proxy: missing distfile rtspd-src-220.127.116.11.tar.gz Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch Package waste: missing distfile waste-source.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Revision 1.12 / (download) - annotate - [select for diffs], Thu Feb 27 20:22:41 2014 UTC (6 years, 5 months ago) by spz
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.11: +8 -8 lines
Diff to previous 1.11 (colored)
Update to 4.3.17. The last two teeny versions were for bug fixes. Also contains the inode check expansion for NetBSD from PR 48575 Upstream changelog: Changes for 4.3.15 - 4.3.17 =========================== No significant changes. Changes for 4.3.14 ================== In previous Xymon versions, a client-only configuration (i.e. one configured with "./configure --client") would place the client files in a "client" subdirectory below the directory specified during configuration. This is the same directory layout as a server installation, where the server and client parts of Xymon are in separate subdirectories. In 4.3.14, the default has changed so a client-only installation now installs in the directory given during the configure-step. The "/client" has been eliminated, so if you are upgrading an existing client you must either move the old client installation one level up from the "client/" directory, or change the Makefile generated by "configure --client" and add "/client" to the XYMONTOPDIR setting. The SNI support added in 4.3.13 causes problems with some older webservers, whose SSL implementation cannot handshake correctly when SNI is used. The failed handshake causes Xymon to report the site as down. In 4.3.14, the default is changed so SNI is disabled. A new "--sni" option was added to xymonnet to control the default setting, and two new tags "sni" and "nosni" can be used in hosts.cfg to control SNI for each host that is tested. Changes for 4.3.13 ================== This is mostly a bugfix release. Apart from simple bugs (see the Changes file), there are some enhancements: Alerts sent via e-mail have <CR><NL> line-endings converted to plain <NL>, since the carriage-return characters would cause some mailers to send alerts as a (binary) attachment to an empty mail message. https-URL's can be forced to use TLS only, by using "httpst://..." similar to how SSLv2 and SSLv3 can be chosen. SSL connections (e.g. for https URL's) now use the TLS "Server Name Indication" (SNI) if your OpenSSL library supports it. This allows testing of systems that have multiple SSL websites located on the same physical IP+port (i.e. virtual name-based hosts). Changes for 4.3.12 ================== NOTE: This release includes a bugfix for a security issue in the xymond_history and xymond_rrd modules. A "drophost" command sent to the xymond port (default: 1984) from an IP listed in the --admin-senders access control list can be used to delete files owned by the user running the xymond daemon. This is allowed by default, so it is highly recommended to install this update. Changes for 4.3.2 - 4.3.11 ========================== See the Changes file for a list of significant changes. These releases are mostly to fix bugs. NOTE: Some configuration parameters have changed, so you must regenerate the top-level Makefile by running the "configure" script before compiling the new version. The inode-check introduced in 4.3.8 and 4.3.10 requires that you update both the Xymon server installation and the Xymon client on the systems where you want to monitor how many inodes are being used.
Revision 1.11 / (download) - annotate - [select for diffs], Fri Jan 11 00:05:05 2013 UTC (7 years, 7 months ago) by joerg
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)
NetBSD/current needs sysctl/vmmeter.h explicitly included.
Revision 1.10 / (download) - annotate - [select for diffs], Thu Oct 11 18:42:19 2012 UTC (7 years, 10 months ago) by spz
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.9: +11 -12 lines
Diff to previous 1.9 (colored)
- fix FreeBSD/Dragonfly properly - update to newest version Upstream changelog: Xymon release 4.3.10 - released on Aug 6 2012 ============================================= Main features in this release is the addition of inode-checks on all major platforms, and a series of enhancements to the build procedure. Also, building Xymon on most common platforms is now explicitly described in the "install" document. * Fix build problems with "errno" * Fix build problems with OpenSSL in non-default locations * Fix build problems with certain LDAP configurations * Fix build problems with RRDtool on FreeBSD / OpenBSD * Fix problem with ifstat data from Fedora in graphs * "inode" check on FreeBSD, OpenBSD, OSX, Solaris, HP/UX, AIX in addition to existing support for Linux * Document building and installing Xymon on common platforms (Linux, FreeBSD, OpenBSD, Solaris) * Enhance xymoncfg so it can be used to import Xymon configuration settings into shell-scripts. Xymon release 4.3.9 - released on Jul 24 2012 ============================================= This release is mainly a bug-fix release. * Fix crash when XYMSRV is undefined but XYMSERVERS is * Fix error in calculating combo-status messages with forward references * Fix error in disable-until-TIME or disable-until-OK code * Fix documentation of DURATION in alerts.cfg / xymond_alert so it is consistenly listed as being in "minutes". * Permit explicit use of ">" and ">=" in alerts.cfg * Permit building without the RRDtool libraries, e.g. for a network-tester build, but with trend-graphing disabled. * Full compiler-warning cleanup * Various configuration/build-script issues fixed. Xymon release 4.3.8 - released on Jul 15 2012 ============================================= This release is mainly a bug-fix release. Bugfixes * Workaround for DNS timeout handling, now fixed at approximately 25 seconds. * "hostinfo" command for xymond documented * confreport only shows processes that are monitored * analysis.cfg parsing of COLOR for UP rules was broken * RRD handlers no longer crash after receiving 1 billion updates * Using .netrc for authentication could crash xymonnet * "directory" includes would report the wrong filename for missing directories. * useradm CGI would invoke htpassword twice * "include" and "directory" now ignores trailing whitespace * SSLv2 support disabled if SSL-library does not support it * Minor bugfixes and cleanups of compiler warnings. Enhancements * Service status on info page now links to the detailed status page. * Add RRDGRAPHOPTS setting to permit global user-specified RRD options, e.g. for font to showgraph CGI * Add check for the size of public keys used in SSL certificates (enabled via --sslkeysize=N option for xymonnet) * Optionally disable the display of SSL ciphers in the sslcert status (the --no-cipherlist option for xymonnet) * Improved build-scripts works on newer systems with libraries in new and surprising places * Reduce xymonnet memory usage and runtime for ping tests when there are multiple hosts.cfg entries with the same IP-address. * Add code for inode-monitoring on Linux. Does not currently work on any other client platform. * Added the ability to disable tests until a specific time, instead of for some interval. Disabling a test also now computes the expire time for the disable to happen at the next closest minute.
Revision 1.9 / (download) - annotate - [select for diffs], Mon Aug 13 17:28:24 2012 UTC (8 years ago) by marino
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)
net/xymonclient: Add DragonFly support / fix FreeBSD * Add Makefile.DragonFly * Add xymonclient-dragonfly.sh * Fix sha2.c #include <stdint.h>. On last, nothing sets HAVE_STDINT_H and passing -DHAVE_STDINT_H through cflags fails. Just switch it based on __FreeBSD__ and __DragonFly__. There is a placeholder for dragonfly-meminfo. It's possible that freebsd-meminfo.c can be used without modification, but it needs verification before building it.
Revision 1.8 / (download) - annotate - [select for diffs], Tue Aug 7 06:51:58 2012 UTC (8 years ago) by sbd
Changes since 1.7: +4 -4 lines
Diff to previous 1.7 (colored)
Installed files fixes (two files were being installed to '/'): 1) Make sure INSTALLLOCALDIR is define/passed down to the client directory install target. 2) Install 'localclient.cfg' INSTALLETCDIR and add it as a config file. Update PLIST. Bump PKGREVISION.
Revision 1.7 / (download) - annotate - [select for diffs], Sat Apr 28 20:55:31 2012 UTC (8 years, 3 months ago) by gendalia
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.6: +5 -5 lines
Diff to previous 1.6 (colored)
Update xymon to 4.3.7 Upstream changelog: Changes from 4.3.6 -> 4.3.7 (13 Dec 2011) ========================================= * rev 6803 * Fix acknowledge CGI (broken in 4.3.6) * Fix broken uptime calculation for systems reporting "1 day" * Workaround Solaris breakage in the LFS-support detection * Fix/add links to the HTML man-page index. * Fix "Stop after" value not being shown on the "info" page. * Fix broken alert texts when using FORMAT=SMS * Fix wrong description of xymondboard CRITERIA in xymon(1) * Fix missing columnname in analysis.cfg(5) DS example * Fix missing space in output from disk IGNORE rules in xymond_client --dump-config * Fix overwrite of xymon-apache.conf when upgrading * Fix installation so it does not remove include/directory lines from configuration files. * Add client/local/ directory for custom client script Changes from 4.3.5 -> 4.3.6 (5 Dec 2011) ======================================== * rev 6788 * Optionally choose the color for the "cpu" status when it goes non-green due to uptime or clock offset. * Allow for "include" and "directory" in combo.cfg and protocols.cfg * New INTERFACES definition in hosts.cfg to select which network interfaces are tracked in graphs. * New access control mechanism for some CGI scripts returning host-specific information. Access optionally checked against an Apache-style "group" file (see xymonwebaccess(5) CGI manpage). * New "vertical" page-definitions (vpage, vsubpage,vsubparent) for listing hosts across and tests down on a page. * Fix hostlist CGI crash when called with HTTP "HEAD" * Fix svcstatus CGI crash when called with non-existing hostname * Fix "ackinfo" updates being cleared when host hits a DOWNTIME period. * Fix compile-errors on Solaris due to network libraries not being included. * Fix "logrotate" messages not being sent to some channels. * Fix problem with loading the hosts.cfg file. * STATUSLIFETIME now provides the default time a status is valid (in xymond). * Critical systems view: Use priority 99 for un-categorised priorities (imported from NK tags) and show this as 'No priority' on the webpage. * useradm CGI: Sort usernames * New xymond module - xymond_distribute - can forward administrative commands (drop, rename, disable, enable) from one Xymon server to another. * New tool: appfeed CGI provides data for the Android "xymonQV" app by Darrik Mazey.
Revision 1.6 / (download) - annotate - [select for diffs], Wed Nov 16 21:45:01 2011 UTC (8 years, 8 months ago) by spz
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored)
fix ommission found by gendalia@: df of ptyfs and fdesc is rather not interesting and may lead to false alarms
Revision 1.5 / (download) - annotate - [select for diffs], Sat Oct 15 23:07:24 2011 UTC (8 years, 9 months ago) by spz
Changes since 1.4: +6 -5 lines
Diff to previous 1.4 (colored)
Update xymon and xymonclient to 4.3.5 adjust Makefile to avoid/fix problems found by dholland Upstream changelog: Changes from 4.3.4 -> 4.3.5 (9 Sep 2011) ======================================== * rev 6754 * Fix crash in CGI generating the "info" status column. * Fix broken handling of IGNORE for log-file analysis. * Fix broken clean-up of obsolete cookies (no user impact). * Devmon RRD handler: Fix missing initialisation, which might cause crashes of the RRD handler. * Fix crashes in xymond caused by faulty new library for storing cookies and host-information. * Fix memory corruption/crash in xymond caused by logging of multi-source statuses. * New "delayred" and "delayyellow" definitions for a host can be used to delay change to a yellow/red status for any status column (replaces the network-specific "badFOO" definitions). * analysis.cfg and alerts.cfg: New DISPLAYGROUP setting to select hosts by the group/group-only/group-except text. * New HOSTDOCURL setting in xymonserver.cfg. Replaces the xymongen "--docurl" and "--doccgi" options, and is used by all tools. * xymond_history option to control location of PID file. * Critical Systems view: Optionally show eventlog for the hosts present on the CS view. * Critical Systems view: Multiple --config options can now be used, to display critical systems from multiple configurations on one page. * Detailed status display: Speedup by no longer having to load the hosts.cfg file. * xymongen and xymonnet: Optionally load the hosts.cfg from xymond instead of having to read the file. Changes from 4.3.3 -> 4.3.4 (1 Aug 2011) ======================================== * rev 6722 * Fix crashes and data corruption in Xymon worker modules (xymond_client, xymond_rrd etc) after handling large messages. * Fix xymond lock-up when renaming/deleting hosts * Fix xymond cookie lookup mechanism * Webpages: Add new HOSTPOPUP setting to control what values from hosts.cfg are displayed as a "comment" to the hostname (either in pop-up's or next to the hostname). * Fix xymond_client crash if analysis.cfg contains invalid configuration entries, e.g. expressions that do not compile. * Fix showgraph CGI crash when legends contain colon. * xymonnet: Include hostname when reporting erroneous test-spec * CGI utils: Multiple potential security fixes involving buffer- overruns when generating responses. * CGI utils: Fix crash when invoked with HTTP "HEAD" * CGI utils: Fix crashes on 64-bit platforms due to missing prototype of "basename()" function. * svcstatus CGI: Dont crash if history log is not a file. * Critical systems view CGI: Cross-site scripting fix * Fix recovery-messages for alerts sent to a GROUP * RRD "memory" status handler now recognizes the output from the bb-xsnmp.pl module (for Cisco routers). * Web templates modified so the menu CSS can override the default body CSS. * Acknowledge web page now allows selecting minutes/hours/days * Enable/Disable webpage enhanced, so when selecting multiple hosts the "Tests" column only lists the tests those hosts have. Changes from 4.3.2 -> 4.3.3 (6 May 2011) ======================================== * rev6684 * SECURITY FIX: Some CGI parameters were used to construct filenames of historical logfiles without being sanitized, so they could be abused to read files on the webserver. * SECURITY FIX: More cross-site scripting vulnerabilities. * Remove extra "," before "History" button on status-view * Critical view: Shring priority-column to 10% width * hosts.cfg loader: Check for valid IP spec (nibbles in 0-255 range). Large numbers in a nibble were accepted, triggering problems when trying to ping the host. * Alert macros no longer limited to 8kB
Revision 1.4 / (download) - annotate - [select for diffs], Fri Apr 22 15:37:02 2011 UTC (9 years, 3 months ago) by spz
CVS Tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.3: +9 -9 lines
Diff to previous 1.3 (colored)
package update to 4.3.2: contains a lot of filename cleanup work (no more bb and hobbit)
Revision 1.3 / (download) - annotate - [select for diffs], Mon Feb 7 20:36:59 2011 UTC (9 years, 6 months ago) by spz
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
create the log dir in the configured location (instead of the default) fixes PR pkg/44530 thanks for the report :)
Revision 1.2 / (download) - annotate - [select for diffs], Thu Oct 21 09:33:39 2010 UTC (9 years, 9 months ago) by spz
CVS Tags: pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)
... and update distinfo for changed patch-ab
Revision 18.104.22.168 / (download) - annotate - [select for diffs] (vendor branch), Sun Feb 14 16:11:11 2010 UTC (10 years, 5 months ago) by spz
CVS Tags: pkgsrc-base, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
xymon is the successor to hobbit. This is the client (aka agent) package. It's a beta, handle with care.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Feb 14 16:11:11 2010 UTC (10 years, 5 months ago) by spz
This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.