[Git][security-tracker-team/security-tracker][master] CVE-2025-24368/cacti: reference initial fix and regression

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Fri Feb 7 16:05:34 GMT 2025 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb0267a0 by Sylvain Beucler at 2025-02-07T17:04:33+01:00
CVE-2025-24368/cacti: reference initial fix and regression

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2587,9 +2587,11 @@ CVE-2025-24533 (Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Re
 CVE-2025-24368 (Cacti is an open source performance and fault management framework. So ...)
 	- cacti 1.2.28+ds1-4 (bug #1094574)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-f9c7-7rc3-574c
-	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0 (release/1.2.29)
-	NOTE: Follow-up #1: https://github.com/Cacti/cacti/commit/94526a92b96c01848748602977819cd403932f0a (1.2.x)
+	NOTE: Backend fixed by: https://github.com/Cacti/cacti/commit/8b516cb9a73322ad532231e74000c2ee097b495e (release/1.2.27)
+	NOTE: Frontend fixed by: https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0 (release/1.2.29)
+	NOTE: Frontend follow-up #1: https://github.com/Cacti/cacti/commit/94526a92b96c01848748602977819cd403932f0a (1.2.x)
 	NOTE: Possible follow-up #2: https://github.com/Cacti/cacti/pull/6094
+	NOTE: Regression: https://github.com/Cacti/cacti/issues/6090
 CVE-2025-24367 (Cacti is an open source performance and fault management framework. An ...)
 	- cacti 1.2.28+ds1-4 (bug #1094574)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-fxrq-fr7h-9rqq



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb0267a07f205b820b516e567c7a71838fedd995

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb0267a07f205b820b516e567c7a71838fedd995
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250207/4e94e476/attachment.htm>

More information about the debian-security-tracker-commits mailing list