[Pkg-cacti-maint] cacti_1.2.2+ds1-2+deb10u4_source.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat Jan 23 15:47:07 GMT 2021
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 21 Jan 2021 20:16:38 +0100
Source: cacti
Architecture: source
Version: 1.2.2+ds1-2+deb10u4
Distribution: buster
Urgency: medium
Maintainer: Cacti Maintainer <pkg-cacti-maint at lists.alioth.debian.org>
Changed-By: Paul Gevers <elbrus at debian.org>
Closes: 979998
Changes:
cacti (1.2.2+ds1-2+deb10u4) buster; urgency=medium
.
* Add 0001-Fixing-Issue-4022.patch (Closes: #979998)
- CVE-2020-35701: SQL injection via data_debug.php
* Add 0001-Fixing-Issue-4019.patch
There are a few places in the current code where an attacker, once
having gained access to the Cacti database through a SQL injection,
could modify data in tables to possibly expose an stored XSS bug in
Cacti.
Checksums-Sha1:
f0651b1be15691e353695d67f8cfd818e22ab6be 2261 cacti_1.2.2+ds1-2+deb10u4.dsc
dc06d18fa7c8dd6b75e77fe3f7ccbb88fb856fce 67920 cacti_1.2.2+ds1-2+deb10u4.debian.tar.xz
Checksums-Sha256:
085ae645548b8a1cd6187dc725b7b0724e94b72fe5efb5de98726dfbf19a900f 2261 cacti_1.2.2+ds1-2+deb10u4.dsc
36885c441acd4517f6ba52fb24e36803f89587ba7d26f01cc974691434d18d2a 67920 cacti_1.2.2+ds1-2+deb10u4.debian.tar.xz
Files:
7e074c0bb8a23e0b2ad01311043933b5 2261 web optional cacti_1.2.2+ds1-2+deb10u4.dsc
b3304f7f4acf7cb61f062dd9317d0909 67920 web optional cacti_1.2.2+ds1-2+deb10u4.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAmAJ1kMACgkQnFyZ6wW9
dQq58AgAhc5k1IOez+Amtm4lv9LD+sDIWuW1bRpSMYpyHSrU35IVmyATFN4o//Ze
xIZNsSnVHBq0H/IuM+24LUOUSZhrftV61qgvEv+h6CggKdXSdSMO08/C3FETk2PD
vBAMlQqerpJW5CXXBMWs/09Dz0VQ0tV3XZgYIaMC1ucjm6GVEh8+v2OgBTdS49gh
PINXIS5Pg8XzByIoP0g9f9qfvHqLn4EmmvadwiTU3V5S0aT405nchp2DEZ5JCxIm
PIQCZ7SXEmzrzYyT+VVVZqLcvJQQBGLGUX+aPvo3PMCC4x4Ep5kwinfjxHkIYNHL
NWDzBr1kBj7043hRFeEfN8030pSdSw==
=4LEq
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-cacti-maint
mailing list