This bug was fixed in the package cacti - 0.8.7e-2ubuntu0.1
--------------- cacti (0.8.7e-2ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: Fix SQL injection vulnerability in templates_export.php (LP: #599892) - debian/patches/CVE-2010-1431.patch: patch derived from upstream patch - CVE-2010-1431 * SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities - debian/patches/CVE-2010-1644.patch: patch derived from upstream patch - CVE-2010-1644 * SECURITY UPDATE: Fix arbitrary command execution vuln - debian/patches/CVE-2010-1645.patch: patch derived from upstream patches - CVE-2010-1645 * SECURITY UPDATE: Fix a SQL injection vulnerability in graph.php - debian/patches/CVE-2010-2092.patch: patch derived from Debian patch - CVE-2010-2092 - DSA-2060 * SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities - debian/patches/CVE-2010-2543.patch: patch derived from upstream patches - CVE-2010-2543 - CVE-2010-2544 - CVE-2010-2545 -- Brian Thomason <email address hidden> Mon, 24 Jan 2011 11:20:13 -0500
This bug was fixed in the package cacti - 0.8.7e-2ubuntu0.1
---------------
cacti (0.8.7e-2ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: Fix SQL injection vulnerability in templates_ export. php patches/ CVE-2010- 1431.patch: patch derived from upstream patch patches/ CVE-2010- 1644.patch: patch derived from upstream patch patches/ CVE-2010- 1645.patch: patch derived from upstream patches patches/ CVE-2010- 2092.patch: patch derived from Debian patch patches/ CVE-2010- 2543.patch: patch derived from upstream patches
(LP: #599892)
- debian/
- CVE-2010-1431
* SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities
- debian/
- CVE-2010-1644
* SECURITY UPDATE: Fix arbitrary command execution vuln
- debian/
- CVE-2010-1645
* SECURITY UPDATE: Fix a SQL injection vulnerability in graph.php
- debian/
- CVE-2010-2092
- DSA-2060
* SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities
- debian/
- CVE-2010-2543
- CVE-2010-2544
- CVE-2010-2545
-- Brian Thomason <email address hidden> Mon, 24 Jan 2011 11:20:13 -0500