
Accepted cacti 1.2.2+ds1-2+deb10u5 (source) into oldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 29 Dec 2022 22:40:43 +0100
Source: cacti
Architecture: source
Version: 1.2.2+ds1-2+deb10u5
Distribution: buster-security
Urgency: high
Maintainer: Cacti Maintainer <pkg-cacti-maint@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 951832 1008693 1025648
Changes:
 cacti (1.2.2+ds1-2+deb10u5) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2022-46169: A command injection vulnerability allows an unauthenticated
     user to execute arbitrary code on a server running Cacti, if a poller_item
     with the action type POLLER_ACTION_SCRIPT_PHP (2) is configured.
     (Closes: #1025648)
   * CVE-2022-0730: Under certain LDAP conditions, Cacti authentication can be
     bypassed with certain credential types. (Closes: #1008693)
   * CVE-2020-25706: A cross-site scripting (XSS) vulnerability was found in
     templates_import.php.
   * CVE-2020-23226: Multiple Cross Site Scripting (XSS) vulnerabilities were
     found in reports_admin.php (1x), data_queries.php (2x), data_input.php (3x),
     graph_templates.php (4x), graphs.php (5x), reports_admin.php (6x), and
     data_input.php (7x).
   * CVE-2020-8813: A guest user with the graph real-time privilege could execute
     arbitrary OS commands via shell metacharacters in a cookie.  It remains
     unclear how PHP 7.2 and later are affected. (Closes: #951832)

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----

