[Xymon] Xymon 4.3.29 Released - Important Security Update

Japheth Cleaver cleaver at terabithia.org
Mon Aug 12 21:16:38 CEST 2019 

Richard:
Can you provide the output of --debug on a xymonnet run off-list? This 
could be a parsing issue somewhere, but from glancing at the code I'm 
not sure where the logic might be diverging.

Robert:

So far I haven't been able to duplicate this one. Do you happen to have 
./configure output in scrollback? While an IP that doesn't match 
hostname or isn't up *could* affect something, the compilation check for 
SSL support seems totally distinct. Were other SSL tests also failing? 
Alternatively, is there a chance the SSL versioning/cypher lockdown 
might be different on this endpoint?

-jc


On 8/9/2019 7:47 AM, Richard L. Hamilton wrote:
> I think I had to add login and password to the URL for an http test 
> (to something that required those), where previously an entry in 
> $HOME/server/etc/netrc sufficed.  In other words, the behavior changed 
> with the update.
>
>> On Aug 9, 2019, at 09:23, Robert Herron <robert.herron at gmail.com 
>> <mailto:robert.herron at gmail.com>> wrote:
>>
>> I had a similar issue with the HTTPS test. I found specifying the 
>> Xymon server's IP during the configure script caused the problem. The 
>> OpenSSL info didn't show up on the xymonnet page.  Rerunning 
>> configure, leaving 127.0.0.1 for the IP, rebuilding, and reinstalling 
>> fixed it.
>>
>> I still had other issues so I reverted my test server back to 4.3.28 
>> since I was leaving for vacation.
>>
>> Running on Oracle Linux 6.x, used the patches available thru last 
>> Friday but don't recall if libtirpc-devel is installed.
>>
>>
>>
>> On Fri, Aug 9, 2019, 12:15 AM Bruce Ferrell <bferrell at baywinds.org 
>> <mailto:bferrell at baywinds.org>> wrote:
>>
>>
>>     I did the same thing and did it from source.
>>
>>     After removing the #pragma statements and adding libtirpc-devel
>>     to get it to compile, I found the https sites failed.  They do
>>     pass the sslcert test.
>>
>>     I just rolled back to 4.3.28
>>
>>     I'll figure it out later, after I figure out how the rollback
>>     screwed up the built in SNMP support that I so painfully got
>>     working and was still documenting.
>>
>>     sigh
>>
>>
>>
>>     On 8/5/19 6:19 AM, Dirk Kastens wrote:
>>     > Hi,
>>     >
>>     > I just upgraded our xymon server on Scientific Linux release
>>     6.10 frpm xymon 4.3.28 to 4.3.29.
>>     >
>>     > Two things are not working any longer:
>>     >
>>     > http authentication: I defined the login information in the
>>     file /etc/xymon/netrc, which worked before the upgrade. Now the
>>     http test are red with the message "Authorization
>>     > Required".
>>     >
>>     > history files cannot be opened any more. When I click on the
>>     history button of a test, I get an empty page with the message
>>     "Cannot open history file"
>>     >
>>     > Am 29.07.2019 um 19:41 schrieb Japheth Cleaver:
>>     >> The Terabithia Xymon 4.3.29-1 packages have been updated in
>>     the production repositories and should be available for download
>>     at https://terabithia.org/rpms/xymon/
>>     >>
>>     >> As a reminder, EL3 and EL4 and Fedora 18-27 have been retired
>>     -- those repos have been moved to the /retired/ directory.
>>     >>
>>     >> As EPEL8 has not yet been released, an fping package is
>>     available in the EL8 repository, as well as man2html (needed for
>>     rebuilds).
>>     >
>>     >
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20190812/e2b8fe40/attachment.htm>

More information about the Xymon mailing list