[Xymon] [EXT] Re: Xymon 4.3.29 Released - Important Security Update

Tom Schmidt (tschmidt) tschmidt at micron.com
Fri Aug 2 18:43:13 CEST 2019 

SebA,
    I have not checked every branch of Xymon to see that my previous patch for do_temperature.c was removed (or if it was even added).  I’ve applied this patch to my own build as older system using BB rather than Xymon client for temperature monitoring would include the bold and italic HTML tags on sensor names when they were in an alarm state.  As this only strips those tags on temperature sensor names, it should be a safe patch to apply.  Without this patch applied, RRD graphs could include the HTML tag in the sensor name, so graphs might show lines for “CPU 1” and “<B>CPU 1</B>” even though they are the same sensor.

Tom


[http://collab.micron.com/corp/brand/SiteAssets/Micron.png]<http://www.micron.com/>
Tom Schmidt
Sr Manager, IT, Product Engineering
IT ETD Eng Sites US
Micron Technology, Inc.
Office: +1 (208) 368-4058  Fax: (208)368-2807
Email: tschmidt at micron.com<mailto:tschmidt at micron.com>  Website: micron.com<http://www.micron.com/>
Micron Technology, Inc., Confidential and Proprietary.


From: SebA <spah at syntec.co.uk>
Sent: Friday, August 2, 2019 4:28 AM
To: Tom Schmidt (tschmidt) <tschmidt at micron.com>
Cc: Japheth Cleaver <cleaver at terabithia.org>; xymon at xymon.com
Subject: Re: [Xymon] [EXT] Re: Xymon 4.3.29 Released - Important Security Update

Tom,
Oh, did your patch to do_temperature.c get removed in r8050.  Looks like it might have done, but it's not obvious why.

Kind regards,

SebA


On Fri, 2 Aug 2019 at 11:21, SebA <spah at syntec.co.uk<mailto:spah at syntec.co.uk>> wrote:
I'm not going to make any judgement on the merit of your patches, Tom, but I did discover that you tried to get some of them merged some years ago and Henrik rejected (some of) them:
https://lists.xymon.com/archive/2013-July/037941.html<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.xymon.com%2Farchive%2F2013-July%2F037941.html&data=02%7C01%7Ctschmidt%40micron.com%7Cc91ac0adc0244a18022f08d717343027%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637003385241312336&sdata=cZX3cDhB5WJS7tOzMHyPS%2BfYaXpQmtkM7JI4et4G1u0%3D&reserved=0>
However, he did say he merged one of the ones you're resubmitting, so either it didn't actually get merged, or there's an issue with your e-mail and/or patch.  From that e-mail in 2013:

> ./xymond/rrd/do_temperature.c

>      Strip leading bold and italic HTML tags from sensor names (seen

> on

> yellow and red alerts from BB tests)



OK, applied.
----------------

I couldn't find any response from you to Henrik, but maybe it was private or not in the following 2 months.

Kind regards,

SebA


On Thu, 1 Aug 2019 at 22:30, Tom Schmidt (tschmidt) <tschmidt at micron.com<mailto:tschmidt at micron.com>> wrote:
Japheth and Xymon 4.3.29 users,
     Attached is a context diff patch file for the Xymon 4.3.29 release to address the following issues:

Bug Fixes:
- build/Makefile.Linux
   Use tirpc replacement only on glibc 2.26 and later.  This fixes compiling and RPC issues on RHEL6 and RHEL7 platforms.

- lib/*.c files and xymonnet/xymonnet.c:
   Only use the "#pragma GCC diagnostic" options on gcc 4.5 and later. This fixes compiling on RHEL6.


Enhancements:
- web/showgraph.c:
   Change underscore to space as this is a common mangling on temperature and lic backends

- xymond/etcfiles/graphs.cfg and xymond/rrd/do_disk.c:
   Change disk sizes from KB to auto-scaling (i.e. GB, TB)
   Add FlexLM license graph for lic backend.

- xymond/rrd/do_temperature.c:
   - Strip off any bold and italic HTML tags on temperature sensor name


Thank you again for maintaining Xymon once again.  Please include my recommend patches so the it compiles on RHEL6/7 platforms without issue.


Tom Schmidt
Sr Manager, IT, Product Engineering
IT ETD Eng Sites US
Micron Technology, Inc.
Office: +1 (208) 368-4058  Fax: (208)368-2807
Email: tschmidt at micron.com<mailto:tschmidt at micron.com>  Website: micron.com<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmicron.com&data=02%7C01%7Ctschmidt%40micron.com%7Cc91ac0adc0244a18022f08d717343027%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637003385241322325&sdata=jX7Hng9UhPrlgyobzDlC1HaIeZJtuNIdH2T02qLSZ4w%3D&reserved=0>
Micron Technology, Inc., Confidential and Proprietary.


-----Original Message-----
From: Xymon <xymon-bounces at xymon.com<mailto:xymon-bounces at xymon.com>> On Behalf Of Japheth Cleaver
Sent: Wednesday, July 24, 2019 7:40 PM
To: Stephen Carville (xymon list) <scarville at lereta.com<mailto:scarville at lereta.com>>; xymon at xymon.com<mailto:xymon at xymon.com>
Subject: [EXT] Re: [Xymon] Xymon 4.3.29 Released - Important Security Update

On 7/24/2019 7:01 AM, Stephen Carville (xymon list) wrote:
> On 7/23/19 9:08 AM, Japheth Cleaver wrote:
>> Lereta Email Checkpoint: External email. Please make sure you trust
>> this source before clicking links or opening attachments.
>>
>> *********************************************************************
>> *
>>
> Just an FYI.  When I updated my CentOS 7 xymon server by building from
> source, it refused to include the openssl libraries until I installed
> the libtirpc-devel package.  Not sure why it is necessary.
>

Thanks, I'll make a note of that on the RPM site. The underlying reason here is that GCC's rpc interface was removed after a long deprecation, in favor of libtirpc. It was easier to simply test for that and move forward on use. This will also be necessary for 4.4 (IPv6) and was the main cause of the recent Fedora FTBFS's.

https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffedoraproject.org%2Fwiki%2FChanges%2FSunRPCRemoval&data=02%7C01%7Ctschmidt%40micron.com%7C5ba545ffc6bf46e2b2a508d710a109bd%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C636996156155520395&sdata=piP%2FSxXJ6rgvDb4Bea6PRKuxHE%2BPlAfvLehL0xGkZSw%3D&reserved=0<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffedoraproject.org%2Fwiki%2FChanges%2FSunRPCRemoval&data=02%7C01%7Ctschmidt%40micron.com%7Cc91ac0adc0244a18022f08d717343027%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637003385241322325&sdata=AaWya%2BkG0h3l%2FTHce6pq07tNL9Oy4JqOjgStPHkTT5Q%3D&reserved=0>

Regards,
-jc

_______________________________________________
Xymon mailing list
Xymon at xymon.com<mailto:Xymon at xymon.com>
https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.xymon.com%2Fmailman%2Flistinfo%2Fxymon&data=02%7C01%7Ctschmidt%40micron.com%7C5ba545ffc6bf46e2b2a508d710a109bd%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C636996156155520395&sdata=Hdf4nWPmhqYAeZ7KL%2BB3ihwdbd%2FY2ZaA9tmYgY9PjE8%3D&reserved=0<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.xymon.com%2Fmailman%2Flistinfo%2Fxymon&data=02%7C01%7Ctschmidt%40micron.com%7Cc91ac0adc0244a18022f08d717343027%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637003385241332319&sdata=PLJcmpr81O2XTGYOb9v%2FJsS81mOolq%2BgcCX0fiY2aVw%3D&reserved=0>
_______________________________________________
Xymon mailing list
Xymon at xymon.com<mailto:Xymon at xymon.com>
http://lists.xymon.com/mailman/listinfo/xymon<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.xymon.com%2Fmailman%2Flistinfo%2Fxymon&data=02%7C01%7Ctschmidt%40micron.com%7Cc91ac0adc0244a18022f08d717343027%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637003385241332319&sdata=PLJcmpr81O2XTGYOb9v%2FJsS81mOolq%2BgcCX0fiY2aVw%3D&reserved=0>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20190802/aff74ac8/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 5852 bytes
Desc: image001.png
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20190802/aff74ac8/attachment.png>

More information about the Xymon mailing list