Ubuntu
cacti package

  1. Bug #1210822
  2. Comment #1

Comment 1 for bug 1210822

Revision history for this message
Paul Gevers (paul-climbing) wrote : Re: Please import 0.8.8b+dfsg-2 from Debian and backport security fixes to 12.04 LTS

This bug was fixed in the package cacti - 0.8.8b+dfsg-2

---------------
cacti (0.8.8b+dfsg-2) unstable; urgency=low

  * CVE-2013-1435 fix cause a regression in the handling of empty COMMENT
    lines in the rrd legend. Fixed by upstream:
    fix_COMMENT_in_graph_regression_from_CVE-2013-1435.patch (Closes: #719156)
  * Update jquery stylesheet to provide the cacti background color

 -- Paul Gevers <email address hidden> Fri, 09 Aug 2013 22:34:26 +0200

cacti (0.8.8b+dfsg-1) unstable; urgency=low

  * New upstream release
    - Fixes SQL or command line injection via snmp settings or
      graph creation or edition that allows privileged users to execute
      arbitrary SQL commands or command line commands. CVE-2013-1434 and
      CVE-2013-1435
    - poller_cache_rebuild_on_install.patch included
  * Add d/rules get-orig-source target and accompanying script
  * Update japanese translation, thank victory (Closes: #717203)
  * Update vcs-* fields (thanks lintian)
  * Update standards (no changes needed)
  * Update years and my address in d/copyright
  * Allow any php5 SAPI provider to satify cacti dependency, thanks
    Ondřej Surý (php5 maintainer). Thus reverting the solution to bug
    #654843 as the original report was not a bug but a reporter mistake.
    libapache2-mod-fcgid does not provide php5 SAPI.

 -- Paul Gevers <email address hidden> Wed, 07 Aug 2013 20:46:58 +0200