Monitorix 3.13.1 has been released!
This new version fixes a security bug introduced in the 3.13.0 version
that lead the HTTP built-in server to bypass the Basic Authentication
when the option hosts_deny is not defined, which is the default.
Besides this fix, this version also updates the main configuration file
to add the option hosts_deny = all by default inside the auth
subsection, in an attempt to make the default behavior more clear.
All users using the 3.13.0 version are advised and encouraged to upgrade
to this new version, which resolves the security issue.
--
Jordi Sanfeliu
FIBRANET Network Services Provider
http://www.fibranet.cat
_______________________________________________
Monitorix-general mailing list
Monitorix-general@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/monitorix-general
