-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 16 Dec 2009 11:32:08 +0100
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.6i-3.6
Distribution: oldstable-security
Urgency: high
Maintainer: sean finney <seanius@debian.org>
Changed-By: Steffen Joeris <white@debian.org>
Description:
cacti - Frontend to rrdtool for monitoring systems and services
Closes: 429224
Changes:
cacti (0.8.6i-3.6) oldstable-security; urgency=high
.
* Non-maintainer upload by the security team
* Fix several cross-site scriptings via different vectors
Fixes: CVE-2009-4032
* Fix denial of service via the graph_start, graph_end, graph_height
and graph_width parameters (Closes: #429224)
Fixes: CVE-2007-3112 CVE-2007-3113
Files:
bb8fb25c6db1cd6a2a785f879943d969 590 web extra cacti_0.8.6i-3.6.dsc
4ee9e373817ebc32297e1c3de8fee10d 38419 web extra cacti_0.8.6i-3.6.diff.gz
9093e9f9abaa6c3dbbedad24cc1d4f7e 962816 web extra cacti_0.8.6i-3.6_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAksovlkACgkQ62zWxYk/rQcRKgCgncvKXzzZFObziIJYZRf0Bzvb
hPMAoJM/1lJTahbwBz3O9xN4wPKjuWT/
=aMFj
-----END PGP SIGNATURE-----
Accepted:
cacti_0.8.6i-3.6.diff.gz
to main/c/cacti/cacti_0.8.6i-3.6.diff.gz
cacti_0.8.6i-3.6.dsc
to main/c/cacti/cacti_0.8.6i-3.6.dsc
cacti_0.8.6i-3.6_all.deb
to main/c/cacti/cacti_0.8.6i-3.6_all.deb