[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DLA 40-1] cacti security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : cacti
Version        : 0.8.7g-1+squeeze5
CVE ID         : CVE-2014-5025 CVE-2014-5026 CVE-2014-5261 CVE-2014-5262
Debian Bug     : 755032

Multiple security issues (cross-site scripting, missing input sanitizing
and SQL injection) have been discovered in Cacti, a web interface for
graphing of monitoring systems.

Furthermore, the fix for CVE-2014-4002 in the previous security update
has been brought in-line with the upstream fix as it caused a
regression for people using the plug-in system.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iQEcBAEBCAAGBQJT94GLAAoJEJxcmesFvXUKg+wH/jM/pcc+ntFYq4/35hA5+yzM
HZ3RPyVhmTsViYaPogozOzuq2+oSbWyvg+Z6OVDAkEko4stK/SJ554z0ZG0KyfNE
fxZONv8fljAKvgWhyKY9HFLPyeGfUJLN0JNyvurVZjRofQZ7n4cn84+m+Tw+p4KI
KzEvc/RWRujLxSd8SiNvTXefdJle2oEpgFue97FE1xjYH7Icjy105wPp85e4nK3Q
pQipT6/rtvnQhWDXgyoXdjoq9ov/ZjJBIzaExaDVYYtOr5QaQh8r291mcHxb5YBV
rT519gguUOPb6y8fpNiV+l2TaOQ3oF7fQl73WEa4vBs6ECjwalhdWybrRXUHhfk=
=qHgE
-----END PGP SIGNATURE-----
Reply to: