Security update for monit
This update for monit fixes the following issues:
- CVE-2016-7067: A malicious attacker could have used a cross-site request forgery
vulnerability to trick an authenticated user to perform monit
actions.
Monit was updated to 5.20, containing all upstream improvements and bug fixes.
The following tracked packaging bugs were fixed:
- disable sslv3 according to RFC7568 (boo#974763)
- fixed pid file directory (boo#971647)
-
Submitted by
David Liedke (dliedke)
Fixed bugs
bnc#971647
monit pid file directory not set properly
bnc#974763
Disable SSLv3 in Monit
bnc#1007455
VUL-0: CVE-2016-7067: monit: CSRF vulnerability
