Ubuntu
cacti package

  1. Bug #599892
  2. Comment #18

Comment 18 for bug 599892

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cacti - 0.8.7e-2ubuntu0.1

---------------
cacti (0.8.7e-2ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: Fix SQL injection vulnerability in templates_export.php
    (LP: #599892)
    - debian/patches/CVE-2010-1431.patch: patch derived from upstream patch
    - CVE-2010-1431
  * SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities
    - debian/patches/CVE-2010-1644.patch: patch derived from upstream patch
    - CVE-2010-1644
  * SECURITY UPDATE: Fix arbitrary command execution vuln
    - debian/patches/CVE-2010-1645.patch: patch derived from upstream patches
    - CVE-2010-1645
  * SECURITY UPDATE: Fix a SQL injection vulnerability in graph.php
    - debian/patches/CVE-2010-2092.patch: patch derived from Debian patch
    - CVE-2010-2092
    - DSA-2060
  * SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities
    - debian/patches/CVE-2010-2543.patch: patch derived from upstream patches
    - CVE-2010-2543
    - CVE-2010-2544
    - CVE-2010-2545
 -- Brian Thomason <email address hidden> Mon, 24 Jan 2011 11:20:13 -0500