Traceback (most recent call last):
  File "/var/local/re2o-services/dns/main.py", line 446, in <module>
    for service in api_client.list("services/regen/"):
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 491, in list
    params=params
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 321, in get
    return self._request('get', *args, **kwargs)
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 225, in _request
    self.log.debug("Token =" + str(self.get_token()))
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 217, in get_token
    self._force_renew_token()
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 201, in _force_renew_token
    self.token = self._get_token_from_server()
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 188, in _get_token_from_server
    response.raise_for_status()
  File "/usr/lib/python3/dist-packages/requests/models.py", line 940, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 500 Server Error: Internal Server Error for url: https://re2o.federez.net/api/token-auth

apticron report [Sat, 25 Apr 2020 13:49:06 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
nonagon.federez.net
[ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ]
The following packages are currently pending an upgrade:
git 1:2.20.1-2+deb10u3
git-man 1:2.20.1-2+deb10u3
libssl1.1 1.1.1d-0+deb10u3
libssl-dev 1.1.1d-0+deb10u3
openssl 1.1.1d-0+deb10u3
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour git (git git-man) ---
git (1:2.20.1-2+deb10u3) buster-security; urgency=high
* new upstream point release (see RelNotes/2.20.4.txt).
* Addresses the security issue CVE-2020-11008.
With a crafted URL that contains a newline or empty host, or
lacks a scheme, the credential helper machinery can be fooled
into providing credential information that is not appropriate
for the protocol in use and host being contacted.
Unlike the vulnerability fixed in 1:2.20.1-2+deb10u2, the
credentials are not for a host of the attacker's choosing.
Instead, they are for an unspecified host, based on how the
configured credential helper handles an absent "host"
parameter.
The attack has been made impossible by refusing to work with
underspecified credential patterns.
Thanks to Carlo Arenas for reporting that Git was still
vulnerable, Felix Wilhelm for providing the proof of concept
demonstrating this issue, and Jeff King for promptly providing
a corrected fix.
Tested using the proof of concept at
https://crbug.com/project-zero/2021.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 19 Apr 2020 17:19:12 -0700
git (1:2.20.1-2+deb10u2) buster-security; urgency=high
[ Salvatore Bonaccorso ]
* new upstream point release (see RelNotes/2.20.3.txt).
* Addresses the security issue CVE-2020-5260.
With a crafted URL that contains a newline, the credential
helper machinery can be fooled to supply credential information
for the wrong host. The attack has been made impossible by
forbidding a newline character in any value passed via the
credential protocol.
Thanks to Felix Wilhelm of Google Project Zero for finding
this vulnerability and Jeff King for fixing it.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 12 Apr 2020 00:24:43 -0700
--- Modifications pour openssl (libssl1.1 libssl-dev openssl) ---
openssl (1.1.1d-0+deb10u3) buster-security; urgency=medium
* CVE-2020-1967 (Segmentation fault in SSL_check_chain).
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Mon, 20 Apr 2020 22:23:01 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on nonagon.federez.net
--
apticron

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 159, in _new_conn
    (self._dns_host, self.port), self.timeout, **extra_kw)
  File "/usr/lib/python3/dist-packages/urllib3/util/connection.py", line 57, in create_connection
    for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
  File "/usr/lib/python3.7/socket.py", line 748, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -2] Name or service not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 600, in urlopen
    chunked=chunked)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 343, in _make_request
    self._validate_conn(conn)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 841, in _validate_conn
    conn.connect()
  File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 301, in connect
    conn = self._new_conn()
  File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 168, in _new_conn
    self, "Failed to establish a new connection: %s" % e)
urllib3.exceptions.NewConnectionError: <urllib3.connection.VerifiedHTTPSConnection object at 0x7f9f85773e10>: Failed to establish a new connection: [Errno -2] Name or service not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/requests/adapters.py", line 449, in send
    timeout=timeout
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 638, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 398, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='re2o.federez.net', port=443): Max retries exceeded with url: /api/token-auth (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f9f85773e10>: Failed to establish a new connection: [Errno -2] Name or service not known'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/var/local/re2o-services/dns/main.py", line 446, in <module>
    for service in api_client.list("services/regen/"):
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 491, in list
    params=params
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 321, in get
    return self._request('get', *args, **kwargs)
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 225, in _request
    self.log.debug("Token =" + str(self.get_token()))
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 217, in get_token
    self._force_renew_token()
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 201, in _force_renew_token
    self.token = self._get_token_from_server()
  File "/var/local/re2o-services/dns/re2oapi/re2oapi/client.py", line 180, in _get_token_from_server
    data={'username': self._username, 'password': self._password}
  File "/usr/lib/python3/dist-packages/requests/api.py", line 116, in post
    return request('post', url, data=data, json=json, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/api.py", line 60, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 533, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 646, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/adapters.py", line 516, in send
    raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='re2o.federez.net', port=443): Max retries exceeded with url: /api/token-auth (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f9f85773e10>: Failed to establish a new connection: [Errno -2] Name or service not known'))

apticron report [Fri, 24 Apr 2020 13:49:05 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
nonagon.federez.net
[ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ]
The following packages are currently pending an upgrade:
git 1:2.20.1-2+deb10u3
git-man 1:2.20.1-2+deb10u3
libssl1.1 1.1.1d-0+deb10u3
libssl-dev 1.1.1d-0+deb10u3
openssl 1.1.1d-0+deb10u3
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour git (git git-man) ---
git (1:2.20.1-2+deb10u3) buster-security; urgency=high
* new upstream point release (see RelNotes/2.20.4.txt).
* Addresses the security issue CVE-2020-11008.
With a crafted URL that contains a newline or empty host, or
lacks a scheme, the credential helper machinery can be fooled
into providing credential information that is not appropriate
for the protocol in use and host being contacted.
Unlike the vulnerability fixed in 1:2.20.1-2+deb10u2, the
credentials are not for a host of the attacker's choosing.
Instead, they are for an unspecified host, based on how the
configured credential helper handles an absent "host"
parameter.
The attack has been made impossible by refusing to work with
underspecified credential patterns.
Thanks to Carlo Arenas for reporting that Git was still
vulnerable, Felix Wilhelm for providing the proof of concept
demonstrating this issue, and Jeff King for promptly providing
a corrected fix.
Tested using the proof of concept at
https://crbug.com/project-zero/2021.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 19 Apr 2020 17:19:12 -0700
git (1:2.20.1-2+deb10u2) buster-security; urgency=high
[ Salvatore Bonaccorso ]
* new upstream point release (see RelNotes/2.20.3.txt).
* Addresses the security issue CVE-2020-5260.
With a crafted URL that contains a newline, the credential
helper machinery can be fooled to supply credential information
for the wrong host. The attack has been made impossible by
forbidding a newline character in any value passed via the
credential protocol.
Thanks to Felix Wilhelm of Google Project Zero for finding
this vulnerability and Jeff King for fixing it.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 12 Apr 2020 00:24:43 -0700
--- Modifications pour openssl (libssl1.1 libssl-dev openssl) ---
openssl (1.1.1d-0+deb10u3) buster-security; urgency=medium
* CVE-2020-1967 (Segmentation fault in SSL_check_chain).
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Mon, 20 Apr 2020 22:23:01 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on nonagon.federez.net
--
apticron
apticron report [Thu, 23 Apr 2020 13:49:05 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
nonagon.federez.net
[ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ]
The following packages are currently pending an upgrade:
git 1:2.20.1-2+deb10u3
git-man 1:2.20.1-2+deb10u3
libssl1.1 1.1.1d-0+deb10u3
libssl-dev 1.1.1d-0+deb10u3
openssl 1.1.1d-0+deb10u3
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour git (git git-man) ---
git (1:2.20.1-2+deb10u3) buster-security; urgency=high
* new upstream point release (see RelNotes/2.20.4.txt).
* Addresses the security issue CVE-2020-11008.
With a crafted URL that contains a newline or empty host, or
lacks a scheme, the credential helper machinery can be fooled
into providing credential information that is not appropriate
for the protocol in use and host being contacted.
Unlike the vulnerability fixed in 1:2.20.1-2+deb10u2, the
credentials are not for a host of the attacker's choosing.
Instead, they are for an unspecified host, based on how the
configured credential helper handles an absent "host"
parameter.
The attack has been made impossible by refusing to work with
underspecified credential patterns.
Thanks to Carlo Arenas for reporting that Git was still
vulnerable, Felix Wilhelm for providing the proof of concept
demonstrating this issue, and Jeff King for promptly providing
a corrected fix.
Tested using the proof of concept at
https://crbug.com/project-zero/2021.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 19 Apr 2020 17:19:12 -0700
git (1:2.20.1-2+deb10u2) buster-security; urgency=high
[ Salvatore Bonaccorso ]
* new upstream point release (see RelNotes/2.20.3.txt).
* Addresses the security issue CVE-2020-5260.
With a crafted URL that contains a newline, the credential
helper machinery can be fooled to supply credential information
for the wrong host. The attack has been made impossible by
forbidding a newline character in any value passed via the
credential protocol.
Thanks to Felix Wilhelm of Google Project Zero for finding
this vulnerability and Jeff King for fixing it.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 12 Apr 2020 00:24:43 -0700
--- Modifications pour openssl (libssl1.1 libssl-dev openssl) ---
openssl (1.1.1d-0+deb10u3) buster-security; urgency=medium
* CVE-2020-1967 (Segmentation fault in SSL_check_chain).
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Mon, 20 Apr 2020 22:23:01 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on nonagon.federez.net
--
apticron
apticron report [Wed, 22 Apr 2020 13:49:09 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
nonagon.federez.net
[ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ]
The following packages are currently pending an upgrade:
git 1:2.20.1-2+deb10u3
git-man 1:2.20.1-2+deb10u3
libssl1.1 1.1.1d-0+deb10u3
libssl-dev 1.1.1d-0+deb10u3
openssl 1.1.1d-0+deb10u3
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour git (git git-man) ---
git (1:2.20.1-2+deb10u3) buster-security; urgency=high
* new upstream point release (see RelNotes/2.20.4.txt).
* Addresses the security issue CVE-2020-11008.
With a crafted URL that contains a newline or empty host, or
lacks a scheme, the credential helper machinery can be fooled
into providing credential information that is not appropriate
for the protocol in use and host being contacted.
Unlike the vulnerability fixed in 1:2.20.1-2+deb10u2, the
credentials are not for a host of the attacker's choosing.
Instead, they are for an unspecified host, based on how the
configured credential helper handles an absent "host"
parameter.
The attack has been made impossible by refusing to work with
underspecified credential patterns.
Thanks to Carlo Arenas for reporting that Git was still
vulnerable, Felix Wilhelm for providing the proof of concept
demonstrating this issue, and Jeff King for promptly providing
a corrected fix.
Tested using the proof of concept at
https://crbug.com/project-zero/2021.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 19 Apr 2020 17:19:12 -0700
git (1:2.20.1-2+deb10u2) buster-security; urgency=high
[ Salvatore Bonaccorso ]
* new upstream point release (see RelNotes/2.20.3.txt).
* Addresses the security issue CVE-2020-5260.
With a crafted URL that contains a newline, the credential
helper machinery can be fooled to supply credential information
for the wrong host. The attack has been made impossible by
forbidding a newline character in any value passed via the
credential protocol.
Thanks to Felix Wilhelm of Google Project Zero for finding
this vulnerability and Jeff King for fixing it.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 12 Apr 2020 00:24:43 -0700
--- Modifications pour openssl (libssl1.1 libssl-dev openssl) ---
openssl (1.1.1d-0+deb10u3) buster-security; urgency=medium
* CVE-2020-1967 (Segmentation fault in SSL_check_chain).
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Mon, 20 Apr 2020 22:23:01 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on nonagon.federez.net
--
apticron
apticron report [Tue, 21 Apr 2020 13:49:05 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
nonagon.federez.net
[ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ]
The following packages are currently pending an upgrade:
git 1:2.20.1-2+deb10u3
git-man 1:2.20.1-2+deb10u3
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour git (git git-man) ---
git (1:2.20.1-2+deb10u3) buster-security; urgency=high
* new upstream point release (see RelNotes/2.20.4.txt).
* Addresses the security issue CVE-2020-11008.
With a crafted URL that contains a newline or empty host, or
lacks a scheme, the credential helper machinery can be fooled
into providing credential information that is not appropriate
for the protocol in use and host being contacted.
Unlike the vulnerability fixed in 1:2.20.1-2+deb10u2, the
credentials are not for a host of the attacker's choosing.
Instead, they are for an unspecified host, based on how the
configured credential helper handles an absent "host"
parameter.
The attack has been made impossible by refusing to work with
underspecified credential patterns.
Thanks to Carlo Arenas for reporting that Git was still
vulnerable, Felix Wilhelm for providing the proof of concept
demonstrating this issue, and Jeff King for promptly providing
a corrected fix.
Tested using the proof of concept at
https://crbug.com/project-zero/2021.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 19 Apr 2020 17:19:12 -0700
git (1:2.20.1-2+deb10u2) buster-security; urgency=high
[ Salvatore Bonaccorso ]
* new upstream point release (see RelNotes/2.20.3.txt).
* Addresses the security issue CVE-2020-5260.
With a crafted URL that contains a newline, the credential
helper machinery can be fooled to supply credential information
for the wrong host. The attack has been made impossible by
forbidding a newline character in any value passed via the
credential protocol.
Thanks to Felix Wilhelm of Google Project Zero for finding
this vulnerability and Jeff King for fixing it.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 12 Apr 2020 00:24:43 -0700
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on nonagon.federez.net
--
apticron
apticron report [Mon, 20 Apr 2020 13:49:05 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
nonagon.federez.net
[ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ]
The following packages are currently pending an upgrade:
git 1:2.20.1-2+deb10u2
git-man 1:2.20.1-2+deb10u2
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour git (git git-man) ---
git (1:2.20.1-2+deb10u2) buster-security; urgency=high
[ Salvatore Bonaccorso ]
* new upstream point release (see RelNotes/2.20.3.txt).
* Addresses the security issue CVE-2020-5260.
With a crafted URL that contains a newline, the credential
helper machinery can be fooled to supply credential information
for the wrong host. The attack has been made impossible by
forbidding a newline character in any value passed via the
credential protocol.
Thanks to Felix Wilhelm of Google Project Zero for finding
this vulnerability and Jeff King for fixing it.
-- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 12 Apr 2020 00:24:43 -0700
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on nonagon.federez.net
--
apticron