This commit is contained in:
Joshua Tauberer 2016-08-20 11:42:03 -04:00
parent a14b17794b
commit ba75ff7820
3 changed files with 8 additions and 3 deletions

View file

@ -1,6 +1,11 @@
CHANGELOG
=========
v0.19b (August 20, 2016)
------------------------
This update corrects a security issue introduced in v0.18.
A remote code execution vulnerability is corrected in how the munin system monitoring graphs are generated for the control panel. The vulnerability involves an administrative user visiting a carefully crafted URL.
v0.19a (August 18, 2016)

View file

@ -59,7 +59,7 @@ by me:
$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported
$ git verify-tag v0.19a
$ git verify-tag v0.19b
gpg: Signature made ..... using RSA key ID C10BDD81
gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
gpg: WARNING: This key is not certified with a trusted signature!
@ -72,7 +72,7 @@ and on my [personal homepage](https://razor.occams.info/). (Of course, if this r
Checkout the tag corresponding to the most recent release:
$ git checkout v0.19a
$ git checkout v0.19b
Begin the installation.

View file

@ -7,7 +7,7 @@
#########################################################
if [ -z "$TAG" ]; then
TAG=v0.19a
TAG=v0.19b
fi
# Are we running as root?