Debian Security Advisory
DLA-1767-1 monit -- LTS security update
- Date Reported:
- 26 Apr 2019
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2019-11454, CVE-2019-11455.
- More information:
Zack Flack found several issues in monit, a utility for monitoring and managing daemons or similar programs.
An XSS vulnerabilitty has been reported that could be prevented by HTML escaping the log file content when viewed via Monit GUI.
A buffer overrun vulnerability has been reported in URL decoding.
For Debian 8
Jessie, these problems have been fixed in version 1:5.9-1+deb8u2.
We recommend that you upgrade your monit packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS