[Pkg-cacti-maint] cacti_0.8.8a+dfsg-5+deb7u1_amd64.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Wed Aug 21 21:03:35 UTC 2013
Mapping stable-security to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 10 Aug 2013 07:30:37 +0200
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.8a+dfsg-5+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Cacti Maintainer <pkg-cacti-maint at lists.alioth.debian.org>
Changed-By: Paul Gevers <elbrus at debian.org>
Description:
cacti - web interface for graphing of monitoring systems
Changes:
cacti (0.8.8a+dfsg-5+deb7u1) wheezy-security; urgency=high
.
* Security upload
* Add patches to fix SQL or command line injection via snmp settings or
graph creation or edition that allows privileged users to execute
arbitrary SQL commands or command line commands.
- CVE-2013-1434
cacti_snmp_sql_injection_CVE-2013-1434.patch
- CVE-2013-1435
cacti_snmp_escape_string_CVE-2013-1435.patch
fix_quoting_in_rrd_command_CVE-2013-1435.patch
* CVE-2013-1435 fix causes a regression in the handling of empty COMMENT
lines in the rrd legend. Fixed by upstream:
fix_COMMENT_in_graph_regression_from_CVE-2013-1435.patch
Checksums-Sha1:
8e23e336f5d9049d0b57c519d79aa61f55b04ccf 1683 cacti_0.8.8a+dfsg-5+deb7u1.dsc
4345484327a663043f2c25cc14da763ed0b10bce 2262792 cacti_0.8.8a+dfsg.orig.tar.gz
68f412be08c31184f06a5b66e59f1156eb26f7e8 108510 cacti_0.8.8a+dfsg-5+deb7u1.debian.tar.gz
66934338e16d7260e2196d43dc1e95dd1282daaf 2141388 cacti_0.8.8a+dfsg-5+deb7u1_all.deb
Checksums-Sha256:
05204020df56df487c769a29379362f97240660bda732ffd1adbf146385dd7f7 1683 cacti_0.8.8a+dfsg-5+deb7u1.dsc
18575e99b5be11edb150a5a20a8a63f8cbf50be0adb0c4892db3be68ca1fcf74 2262792 cacti_0.8.8a+dfsg.orig.tar.gz
57a7f925d00aeed782c4c2e323e95227a4bc941cc4f9becd2c577facb869332e 108510 cacti_0.8.8a+dfsg-5+deb7u1.debian.tar.gz
3621897e82f456bce05d3cb14f4299c69d0e418a4b6e6393656549ea9aea93d8 2141388 cacti_0.8.8a+dfsg-5+deb7u1_all.deb
Files:
c6cbdbf4d4a9eedf6c3ebbadb939437a 1683 web extra cacti_0.8.8a+dfsg-5+deb7u1.dsc
45ef51a85ee91bf9212478cc4af1c5de 2262792 web extra cacti_0.8.8a+dfsg.orig.tar.gz
dcc2a9d9daa40b7749636f0b638dc160 108510 web extra cacti_0.8.8a+dfsg-5+deb7u1.debian.tar.gz
6b0d58181691148837e5af454d815a6d 2141388 web extra cacti_0.8.8a+dfsg-5+deb7u1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBCAAGBQJSCUAMAAoJEJxcmesFvXUKjDoH/0Fuba/ELYQ30ZRY7UVMETHN
FO8Z7duyl/GFDTs0yCw5Q+4sXv5adCnKKH977NRtlolqJpcJEJe5mY/kP0QdFdN8
diN87P/Mgi2eZrshPaqPg3gfTQTOjFxdsFOSJrAKXX/qCJYNmrPM1KoojYV0JUoY
VaTrq7ewt8LjWRtER2OeOMjJigveAsFjCJrdRti09HecGho0TTSgTQ5AUw6xOf3U
ClADZp6C3u84JwtVvUHt4Prpf2+tMh6GdNKBsRWItltZFdgthj3bjG9xRQylyqZa
zv9tkkS7+gUY9bjNIeCknE28OFUHOMl35rTu+YEgA9ZPcFqstrydAOnypyefxCo=
=H1FT
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-cacti-maint
mailing list