[Pkg-cacti-maint] Bug#1059286: cacti: CVE-2023-46490
Paul Gevers
elbrus at debian.org
Fri Dec 22 18:50:42 GMT 2023
Hi,
On 22-12-2023 13:17, Moritz Mühlenhoff wrote:
> There's also a reference for
> https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c
> but it's noin-public for two months now, might be worth checking with
> upstream for the status.
Upstream confirmed they are working on an official release.
They referred me to these (haven't checked myself, just forwarding for
info):
https://github.com/Cacti/cacti/commit/58a980f335980ab57659420053d89d4e721ae3fc
https://github.com/Cacti/cacti/commit/73d9a60e24d6d826e6343b94d833b48c28b68643
Paul
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-cacti-maint/attachments/20231222/13f0c052/attachment.sig>
More information about the Pkg-cacti-maint
mailing list