Ubuntu Security Notice 3215-2 - USN-3215-1 fixed a vulnerability in Munin. The upstream patch caused a regression leading to errors being appended to the log file. This update fixes the problem. It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to overwrite arbitrary files as the www-data user.
aa1f24b6f532f9a94b446eecce1f85748ef6ebca90324dbc5b1f133dce50088f