Re: cacti security update
Am 15.07.2014 um 09:22 schrieb Paul Gevers <elbrus@debian.org>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Package : cacti
> Version : 0.8.7g-1+squeeze4
> CVE ID : CVE-2014-2326 CVE-2014-2327 CVE-2014-2328
> CVE-2014-2708 CVE-2014-2709 CVE-2014-4002
> Debian Bug : 742768 743565 752573
>
> Multiple security issues (cross-site scripting, cross-site request
> forgery, SQL injections, missing input sanitising) have been found in
> Cacti, a web frontend for RRDTool.
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
> Comment: Using GnuPG with Icedove - http://www.enigmail.net/
>
> iQEcBAEBCAAGBQJTxNa0AAoJEJxcmesFvXUKwI4IAJjZuZtsgkWStCQwv8OxOJrv
> YwYiqrC7XcR11J0mGTEtQoBTKkpwdtuYEbMf1+ylxHpWuTk9QKphct7Dif+7WAf0
> 8in1g2bPn/w6cuklKtzYTYyoEh3dDcmNy3tVx6e6UPOP+dE18cnidEd9YW5inCi1
> 7UuR5/j76TWo9zY/wF48kamSY/0uM3gqGwvyndvShYSppEanrK6oSJWDiOYk1bWv
> ZWAZ2yYkr4n6z1hfw6700Hp7zA5Qf2/SnKD0z+44Ilxx+/Nw0K5iiAGTdBAM7MyL
> zE3jsoN7doSiqr3TU7+Ua0hNYDTm3r7uLqfvFRuRCGsUbACO6zBKe+MTacPq5iM=
> =TrDw
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-lts-announce-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: https://lists.debian.org/53C4D6B7.30708@debian.org
>
--
Stefan Gundel
Senior Systems Engineer
NETWAYS Managed Services GmbH | Deutschherrnstr. 15-19 | D-90429 Nuernberg
Tel: +49 911 92885-0 | Fax: +49 911 92885-77
GF: Julian Hein, Bernd Erk | AG Nuernberg HRB25207
http://www.netways.de | stefan.gundel@netways.de
** Open Source Backup Conference 2014 - September - osbconf.org **
** Puppet Camp Duesseldorf 2014 - Oktober - netways.de/puppetcamp **
** OSMC 2014 - November - netways.de/osmc **
** OpenNebula Conf 2014 - Dezember - opennebulaconf.com **
Reply to: