Accepted cacti 0.8.7b-2.1+lenny4 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 09 Jan 2012 02:30:39 +0700
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.7b-2.1+lenny4
Distribution: lenny-security
Urgency: high
Maintainer: Sean Finney <seanius@debian.org>
Changed-By: Mahyuddin Susanto <udienz@ubuntu.com>
Description:
cacti - Frontend to rrdtool for monitoring systems and services
Closes: 624516 652371
Changes:
cacti (0.8.7b-2.1+lenny4) lenny-security; urgency=high
.
[ Paul Gevers ]
* Patch for CVE-2010-1644: XSS issues in host.php and data_sources.php
Closes: #624516
* Patch for CVE-2010-1645: which allows execution of arbitrary commands
by admins
* Patch for CVE-2010-2543: XSS issues in include/top_graph_header.php
* Patch for CVE-2010-2545: XSS issues in multiple files
.
[ Mahyuddin Susanto ]
* [SECURITY] Fixes SQL injection vulnerability in auth_login.php that allows
remote attackers to execute arbitrary SQL commands via the login_username
parameter. (Closes: #652371)
- debian/patches/CVE-2011-4824.patch
- CVE-2011-4824
Checksums-Sha1:
f4f3700ac4e7206036bb05920170db9c35b033b6 1117 cacti_0.8.7b-2.1+lenny4.dsc
55676c01d38c21718a1b9a2b1bd4e9a2f3b185e4 54204 cacti_0.8.7b-2.1+lenny4.diff.gz
88e98c2f4c00f145d9474636d2ed5ca8961b046d 1858138 cacti_0.8.7b-2.1+lenny4_all.deb
Checksums-Sha256:
6378ad9a79be93e5891913a7bd62e260dcd2d72b66b1afd600cf1f2816f8f132 1117 cacti_0.8.7b-2.1+lenny4.dsc
8302a04ae93c31ad1fca5c336703a1645d7badf90a9532561ae58672335c5c7d 54204 cacti_0.8.7b-2.1+lenny4.diff.gz
a8400cbfd20396532788ce962870fc9d7b21a2cf3e9d255de257c1c524aa35c1 1858138 cacti_0.8.7b-2.1+lenny4_all.deb
Files:
ce153cfe059970a8e6d5d397cc40933d 1117 web extra cacti_0.8.7b-2.1+lenny4.dsc
806e5fbc69010e44c1ddc8260eaa1f6a 54204 web extra cacti_0.8.7b-2.1+lenny4.diff.gz
25857fbf4dfeef3f3e976afa0ffd824d 1858138 web extra cacti_0.8.7b-2.1+lenny4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk8KDcQACgkQ5UTeB5t8Mo0V4QCgjwfTqT3d/v6l72wYEIDGzsxI
6rMAoKRgIXSfWIsH5TuUHB5y/cPctvu5
=PZ/k
-----END PGP SIGNATURE-----
Accepted:
cacti_0.8.7b-2.1+lenny4.diff.gz
to main/c/cacti/cacti_0.8.7b-2.1+lenny4.diff.gz
cacti_0.8.7b-2.1+lenny4.dsc
to main/c/cacti/cacti_0.8.7b-2.1+lenny4.dsc
cacti_0.8.7b-2.1+lenny4_all.deb
to main/c/cacti/cacti_0.8.7b-2.1+lenny4_all.deb
Reply to: