Christoph Biedl reported that Munin 2.0.18 fixes two denial of service flaws: * CVE-2013-6048, a node could cause excessive memory consumption on the Munin master. * CVE-2013-6359, a malicious plug-in could prevent data collection for the node. References: https://github.com/munin-monitoring/munin/blob/2.0.18/ChangeLog
Created munin tracking bugs for this issue: Affects: fedora-all [bug 1037889] Affects: epel-all [bug 1037890]
Package munin-2.0.19-1: * should fix your issue, * was pushed to the Fedora + EPEL testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing munin-2.0.19-1' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-22968/munin-2.0.19-1.fc20 then log in and leave karma (feedback). Was also pushed for EL5 / EL6 / F18 / F19 / F20: https://admin.fedoraproject.org/updates/munin
munin-2.0.19-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
munin-2.0.19-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
munin-2.0.19-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
munin-2.0.19-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
munin-2.0.19-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
munin-2.0.20-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
munin-2.0.20-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
munin-2.0.20-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
munin-2.0.20-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.