Monitoring Septembre 2015

monitoring@federez.net

5 participants
49 discussions

Démarrer une n Nouvelle discussion

Cron <root@quigon> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )

par root＠quigon.rez-gif.supelec.fr

/etc/cron.daily/duplicity-backup: du: cannot access '/srv/federez.net': No such file or directory

9 années, 7 mois

11 Debian package update(s) for baldrick.crans.org

par root＠baldrick.crans.org

apticron report [Mon, 14 Sep 2015 18:44:14 +0200] ======================================================================== apticron has detected that some packages need upgrading on: baldrick.crans.org [ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ] [ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ] The following packages are currently pending an upgrade: libapache2-mod-php5 5.6.13+dfsg-0+deb8u1 php5 5.6.13+dfsg-0+deb8u1 php5-cgi 5.6.13+dfsg-0+deb8u1 php5-cli 5.6.13+dfsg-0+deb8u1 php5-common 5.6.13+dfsg-0+deb8u1 php5-curl 5.6.13+dfsg-0+deb8u1 php5-gd 5.6.13+dfsg-0+deb8u1 php5-ldap 5.6.13+dfsg-0+deb8u1 php5-mysql 5.6.13+dfsg-0+deb8u1 php5-readline 5.6.13+dfsg-0+deb8u1 php-pear 5.6.13+dfsg-0+deb8u1 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour php5 (libapache2-mod-php5 php5 php5-cgi php5-cli php5-common php5-curl php5-gd php5-ldap php5-mysql php5-readline php-pear) --- php5 (5.6.13+dfsg-0+deb8u1) jessie-security; urgency=medium * Imported Upstream version 5.6.13+dfsg - Core: . Fixed bug #69900 (Too long timeout on pipes). . Fixed bug #69487 (SAPI may truncate POST data). . Fixed bug #70198 (Checking liveness does not work as expected). . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). . Fixed bug #70219 (Use after free vulnerability in session deserializer). - CLI server: . Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE). . Fixed bug #70264 (CLI server directory traversal). - Date: . Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to be optional). . Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte). - EXIF: . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes). - hash: . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). - MCrypt: . Fixed bug #69833 (mcrypt fd caching not working). - Opcache: . Fixed bug #70237 (Empty while and do-while segmentation fault with opcode on CLI enabled). - PCRE: . Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string match). . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). - SOAP: . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). - SPL: . Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via ob_start). . Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectStorage). . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLinkedList). - Standard: . Fixed bug #70052 (getimagesize() fails for very large and very small WBMP). . Fixed bug #70157 (parse_ini_string() segmentation fault with INI_SCANNER_TYPED). - XSLT: . Fixed bug #69782 (NULL pointer dereference). - ZIP: . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when creating directories). * Refresh patches on top of 5.6.13+dfsg release -- Ondřej Surý <ondrej(a)debian.org> Mon, 07 Sep 2015 13:52:45 +0200 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on baldrick.crans.org -- apticron

9 années, 7 mois

14 Debian package update(s) for hexagon.federez.net

par root＠hexagon.federez.net

apticron report [Mon, 14 Sep 2015 10:48:20 +0200] ======================================================================== apticron has detected that some packages need upgrading on: hexagon.federez.net [ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ] The following packages are currently pending an upgrade: libapache2-mod-php5 5.6.13+dfsg-0+deb8u1 php5 5.6.13+dfsg-0+deb8u1 php5-cli 5.6.13+dfsg-0+deb8u1 php5-common 5.6.13+dfsg-0+deb8u1 php5-curl 5.6.13+dfsg-0+deb8u1 php5-gd 5.6.13+dfsg-0+deb8u1 php5-intl 5.6.13+dfsg-0+deb8u1 php5-ldap 5.6.13+dfsg-0+deb8u1 php5-mcrypt 5.6.13+dfsg-0+deb8u1 php5-mysql 5.6.13+dfsg-0+deb8u1 php5-pgsql 5.6.13+dfsg-0+deb8u1 php5-readline 5.6.13+dfsg-0+deb8u1 php5-sqlite 5.6.13+dfsg-0+deb8u1 php-pear 5.6.13+dfsg-0+deb8u1 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour php5 (libapache2-mod-php5 php5 php5-cli php5-common php5-curl php5-gd php5-intl php5-ldap php5-mcrypt php5-mysql php5-pgsql php5-readline php5-sqlite php-pear) --- php5 (5.6.13+dfsg-0+deb8u1) jessie-security; urgency=medium * Imported Upstream version 5.6.13+dfsg - Core: . Fixed bug #69900 (Too long timeout on pipes). . Fixed bug #69487 (SAPI may truncate POST data). . Fixed bug #70198 (Checking liveness does not work as expected). . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). . Fixed bug #70219 (Use after free vulnerability in session deserializer). - CLI server: . Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE). . Fixed bug #70264 (CLI server directory traversal). - Date: . Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to be optional). . Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte). - EXIF: . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes). - hash: . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). - MCrypt: . Fixed bug #69833 (mcrypt fd caching not working). - Opcache: . Fixed bug #70237 (Empty while and do-while segmentation fault with opcode on CLI enabled). - PCRE: . Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string match). . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). - SOAP: . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). - SPL: . Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via ob_start). . Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectStorage). . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLinkedList). - Standard: . Fixed bug #70052 (getimagesize() fails for very large and very small WBMP). . Fixed bug #70157 (parse_ini_string() segmentation fault with INI_SCANNER_TYPED). - XSLT: . Fixed bug #69782 (NULL pointer dereference). - ZIP: . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when creating directories). * Refresh patches on top of 5.6.13+dfsg release -- Ondřej Surý <ondrej(a)debian.org> Mon, 07 Sep 2015 13:52:45 +0200 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on hexagon.federez.net -- apticron

9 années, 7 mois

Cron <root@quigon> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )

par root＠quigon.rez-gif.supelec.fr

/etc/cron.daily/duplicity-backup: du: cannot access '/srv/federez.net': No such file or directory du: cannot access '/srv/federez.net': No such file or directory du: cannot access '/srv/federez.net': No such file or directory

9 années, 7 mois

6 Debian package update(s) for quigon.federez.net

par root＠quigon.rez-gif.supelec.fr

apticron report [Mon, 14 Sep 2015 00:38:13 +0200] ======================================================================== apticron has detected that some packages need upgrading on: quigon.federez.net [ 160.228.155.65 ] The following packages are currently pending an upgrade: libapache2-mod-php5 5.6.13+dfsg-0+deb8u1 php5 5.6.13+dfsg-0+deb8u1 php5-cli 5.6.13+dfsg-0+deb8u1 php5-common 5.6.13+dfsg-0+deb8u1 php5-ldap 5.6.13+dfsg-0+deb8u1 php5-readline 5.6.13+dfsg-0+deb8u1 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour php5 (libapache2-mod-php5 php5 php5-cli php5-common php5-ldap php5-readline) --- php5 (5.6.13+dfsg-0+deb8u1) jessie-security; urgency=medium * Imported Upstream version 5.6.13+dfsg - Core: . Fixed bug #69900 (Too long timeout on pipes). . Fixed bug #69487 (SAPI may truncate POST data). . Fixed bug #70198 (Checking liveness does not work as expected). . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). . Fixed bug #70219 (Use after free vulnerability in session deserializer). - CLI server: . Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE). . Fixed bug #70264 (CLI server directory traversal). - Date: . Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to be optional). . Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte). - EXIF: . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes). - hash: . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). - MCrypt: . Fixed bug #69833 (mcrypt fd caching not working). - Opcache: . Fixed bug #70237 (Empty while and do-while segmentation fault with opcode on CLI enabled). - PCRE: . Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string match). . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). - SOAP: . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). - SPL: . Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via ob_start). . Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectStorage). . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLinkedList). - Standard: . Fixed bug #70052 (getimagesize() fails for very large and very small WBMP). . Fixed bug #70157 (parse_ini_string() segmentation fault with INI_SCANNER_TYPED). - XSLT: . Fixed bug #69782 (NULL pointer dereference). - ZIP: . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when creating directories). * Refresh patches on top of 5.6.13+dfsg release -- Ondřej Surý <ondrej(a)debian.org> Mon, 07 Sep 2015 13:52:45 +0200 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on quigon.federez.net -- apticron

9 années, 7 mois

11 Debian package update(s) for baldrick.crans.org

par root＠baldrick.crans.org

apticron report [Sun, 13 Sep 2015 18:44:12 +0200] ======================================================================== apticron has detected that some packages need upgrading on: baldrick.crans.org [ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ] [ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ] The following packages are currently pending an upgrade: libapache2-mod-php5 5.6.13+dfsg-0+deb8u1 php5 5.6.13+dfsg-0+deb8u1 php5-cgi 5.6.13+dfsg-0+deb8u1 php5-cli 5.6.13+dfsg-0+deb8u1 php5-common 5.6.13+dfsg-0+deb8u1 php5-curl 5.6.13+dfsg-0+deb8u1 php5-gd 5.6.13+dfsg-0+deb8u1 php5-ldap 5.6.13+dfsg-0+deb8u1 php5-mysql 5.6.13+dfsg-0+deb8u1 php5-readline 5.6.13+dfsg-0+deb8u1 php-pear 5.6.13+dfsg-0+deb8u1 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour php5 (libapache2-mod-php5 php5 php5-cgi php5-cli php5-common php5-curl php5-gd php5-ldap php5-mysql php5-readline php-pear) --- php5 (5.6.13+dfsg-0+deb8u1) jessie-security; urgency=medium * Imported Upstream version 5.6.13+dfsg - Core: . Fixed bug #69900 (Too long timeout on pipes). . Fixed bug #69487 (SAPI may truncate POST data). . Fixed bug #70198 (Checking liveness does not work as expected). . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). . Fixed bug #70219 (Use after free vulnerability in session deserializer). - CLI server: . Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE). . Fixed bug #70264 (CLI server directory traversal). - Date: . Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to be optional). . Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte). - EXIF: . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes). - hash: . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). - MCrypt: . Fixed bug #69833 (mcrypt fd caching not working). - Opcache: . Fixed bug #70237 (Empty while and do-while segmentation fault with opcode on CLI enabled). - PCRE: . Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string match). . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). - SOAP: . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). - SPL: . Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via ob_start). . Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectStorage). . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLinkedList). - Standard: . Fixed bug #70052 (getimagesize() fails for very large and very small WBMP). . Fixed bug #70157 (parse_ini_string() segmentation fault with INI_SCANNER_TYPED). - XSLT: . Fixed bug #69782 (NULL pointer dereference). - ZIP: . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when creating directories). * Refresh patches on top of 5.6.13+dfsg release -- Ondřej Surý <ondrej(a)debian.org> Mon, 07 Sep 2015 13:52:45 +0200 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on baldrick.crans.org -- apticron

9 années, 7 mois

Cron <root@quigon> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )

par root＠quigon.rez-gif.supelec.fr

9 années, 7 mois

Cron <root@baldrick> /opt/phabricator/phabricator/bin/phd start

par root＠baldrick.crans.org

Freeing active task leases... Freed 0 task lease(s). Starting daemons as phd Launching daemons: (Logs will appear in "/var/tmp/phd/log/daemons.log".) PhabricatorRepositoryPullLocalDaemon (Static) PhabricatorTriggerDaemon (Static) PhabricatorTaskmasterDaemon (Autoscaling: group=task, pool=4, reserve=0) Done.

9 années, 7 mois

*** SECURITY information for hexagon.federez.net ***

par bbc＠hexagon.federez.net

hexagon.federez.net : Sep 12 11:05:48 : bbc : 1 incorrect password attempt ; TTY=pts/0 ; PWD=/home/bbc ; USER=root ; COMMAND=/bin/zsh

9 années, 7 mois

*** SECURITY information for hexagon.federez.net ***

par bbc＠hexagon.federez.net

hexagon.federez.net : Sep 12 11:05:21 : bbc : 1 incorrect password attempt ; TTY=pts/0 ; PWD=/home/bbc ; USER=root ; COMMAND=/bin/zsh

9 années, 7 mois

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

Monitoring Septembre 2015