---
- branch: MAIN
  date: Sat Oct 15 23:07:24 UTC 2011
  files:
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/net/xymon/MESSAGE
    pathrev: pkgsrc/net/xymon/MESSAGE@1.3
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/net/xymon/PLIST
    pathrev: pkgsrc/net/xymon/PLIST@1.3
    type: modified
  - new: '1.13'
    old: '1.12'
    path: pkgsrc/net/xymon/Makefile
    pathrev: pkgsrc/net/xymon/Makefile@1.13
    type: modified
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/net/xymon/distinfo
    pathrev: pkgsrc/net/xymon/distinfo@1.5
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/net/xymon/patches/patch-aa
    pathrev: pkgsrc/net/xymon/patches/patch-aa@1.3
    type: modified
  - new: '1.1'
    old: '0'
    path: pkgsrc/net/xymon/patches/patch-build_rrd.sh
    pathrev: pkgsrc/net/xymon/patches/patch-build_rrd.sh@1.1
    type: added
  - new: '1.9'
    old: '1.8'
    path: pkgsrc/net/xymonclient/Makefile
    pathrev: pkgsrc/net/xymonclient/Makefile@1.9
    type: modified
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/net/xymonclient/distinfo
    pathrev: pkgsrc/net/xymonclient/distinfo@1.5
    type: modified
  id: 20111015T230724Z.c7fde9cd015d4fa71490a6a687024c9cea9aaef9
  log: |
    Update xymon and xymonclient to 4.3.5
    adjust Makefile to avoid/fix problems found by dholland

    Upstream changelog:

    Changes from 4.3.4 -> 4.3.5 (9 Sep 2011)
    ========================================
    * rev 6754
    * Fix crash in CGI generating the "info" status column.
    * Fix broken handling of IGNORE for log-file analysis.
    * Fix broken clean-up of obsolete cookies (no user impact).
    * Devmon RRD handler: Fix missing initialisation, which
      might cause crashes of the RRD handler.
    * Fix crashes in xymond caused by faulty new library for
      storing cookies and host-information.
    * Fix memory corruption/crash in xymond caused by logging
      of multi-source statuses.
    * New "delayred" and "delayyellow" definitions for a host
      can be used to delay change to a yellow/red status for
      any status column (replaces the network-specific "badFOO"
      definitions).
    * analysis.cfg and alerts.cfg: New DISPLAYGROUP setting to
      select hosts by the group/group-only/group-except text.
    * New HOSTDOCURL setting in xymonserver.cfg. Replaces the
      xymongen "--docurl" and "--doccgi" options, and is used
      by all tools.
    * xymond_history option to control location of PID file.
    * Critical Systems view: Optionally show eventlog for the
      hosts present on the CS view.
    * Critical Systems view: Multiple --config options can
      now be used, to display critical systems from multiple
      configurations on one page.
    * Detailed status display: Speedup by no longer having to
      load the hosts.cfg file.
    * xymongen and xymonnet: Optionally load the hosts.cfg
      from xymond instead of having to read the file.

    Changes from 4.3.3 -> 4.3.4 (1 Aug 2011)
    ========================================
    * rev 6722
    * Fix crashes and data corruption in Xymon worker modules
      (xymond_client, xymond_rrd etc) after handling large
      messages.
    * Fix xymond lock-up when renaming/deleting hosts
    * Fix xymond cookie lookup mechanism
    * Webpages: Add new HOSTPOPUP setting to control what values from
      hosts.cfg are displayed as a "comment" to the hostname (either
      in pop-up's or next to the hostname).
    * Fix xymond_client crash if analysis.cfg contains invalid configuration
      entries, e.g. expressions that do not compile.
    * Fix showgraph CGI crash when legends contain colon.
    * xymonnet: Include hostname when reporting erroneous test-spec
    * CGI utils: Multiple potential security fixes involving buffer-
      overruns when generating responses.
    * CGI utils: Fix crash when invoked with HTTP "HEAD"
    * CGI utils: Fix crashes on 64-bit platforms due to missing prototype
      of "basename()" function.
    * svcstatus CGI: Dont crash if history log is not a file.
    * Critical systems view CGI: Cross-site scripting fix
    * Fix recovery-messages for alerts sent to a GROUP
    * RRD "memory" status handler now recognizes the output from the
      bb-xsnmp.pl module (for Cisco routers).
    * Web templates modified so the menu CSS can override the default
      body CSS.
    * Acknowledge web page now allows selecting minutes/hours/days
    * Enable/Disable webpage enhanced, so when selecting multiple hosts
      the "Tests" column only lists the tests those hosts have.

    Changes from 4.3.2 -> 4.3.3 (6 May 2011)
    ========================================
    * rev6684
    * SECURITY FIX: Some CGI parameters were used to construct
      filenames of historical logfiles without being sanitized,
      so they could be abused to read files on the webserver.
    * SECURITY FIX: More cross-site scripting vulnerabilities.
    * Remove extra "," before "History" button on status-view
    * Critical view: Shring priority-column to 10% width
    * hosts.cfg loader: Check for valid IP spec (nibbles in
      0-255 range). Large numbers in a nibble were accepted,
      triggering problems when trying to ping the host.
    * Alert macros no longer limited to 8kB
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/net'
  unixtime: '1318720044'
  user: spz