This makes zero sense.

I see this in the changelog:
monit (1:5.16-2ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: CSRF vulnerability
    - debian/patches/CVE-2016-7067.patch: The following http services 
      are no longer implemented for GET method and require CSRF 
      protected POST: _doaction, _viewlog
    - CVE-2016-7067

 -- Eduardo Barretto <eduardo.barre...@canonical.com>  Fri, 10 Aug 2018 12:24:19 -0300

but monit shows CVE-2016-7067 already patched long before then:

https://bitbucket.org/tildeslash/monit/commits/c6ec3820e627f85417053e6336de2987f2d863e3?at=master

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1786910

Title:
  Latest patch breaks command line 'restart all'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/monit/+bug/1786910/+subscriptions
