Back to cacti PTS page

Accepted cacti 0.8.8d+ds1-1 (source all) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted cacti 0.8.8d+ds1-1 (source all) into unstable
From: Paul Gevers <elbrus@debian.org>
Date: Mon, 22 Jun 2015 18:18:51 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1Z76J1-0004q4-AJ@franck.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 22 Jun 2015 19:59:13 +0200
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.8d+ds1-1
Distribution: unstable
Urgency: high
Maintainer: Cacti Maintainer <pkg-cacti-maint@lists.alioth.debian.org>
Changed-By: Paul Gevers <elbrus@debian.org>
Description:
 cacti      - web interface for graphing of monitoring systems
Closes: 773436 781982
Changes:
 cacti (0.8.8d+ds1-1) unstable; urgency=high
 .
   * Upload to unstable
   * New upstream release
     - CVE-2015-2665 Cross-site scripting (XSS) vulnerability in Cacti
       before 0.8.8d allows remote attackers to inject arbitrary web script
       or HTML via unspecified vectors.
     - CVE-2015-4342 SQL Injection and Location header injection from cdef id
     - CVE-2015-4454 SQL injection vulnerability in the
       get_hash_graph_template function in lib/functions.php in Cacti before
       0.8.8d allows remote attackers to execute arbitrary SQL commands via
       the graph_template_id parameter to graph_templates.php.
     - Unassigned CVE VN:JVN#78187936 / TN:JPCERT#98968540 Fixed SQL injection
   * Remove Sean from the list of uploaders. Thanks for all the fish
     (Closes: #773436)
   * Fix d/p/07_cli-include-path.patch (LP: #1433665)
   * Update debian/patches/fix_php_strict_warning_in_ping.patch for partial
     upstream fix
   * Include the virtual alternative for the recommends on mysql-server
     (Closes: #781982)
   * Upstream dropped unused javascripts, remove them from d/copyright
   * Add patch to have upgrade script mention version 0.8.8d i.s.o. 0.8.8c
Checksums-Sha1:
 743203308ba9f8d5f1feee61029578133d95f0b3 1591 cacti_0.8.8d+ds1-1.dsc
 e54690a07a4810f775ac97d2c0c0c64d4442c7e9 2242259 cacti_0.8.8d+ds1.orig.tar.gz
 dc1023dd34c713cbb83c5f3a463c759f6a1275a9 45188 cacti_0.8.8d+ds1-1.debian.tar.xz
 631880095a02e96e05bdb13363605163d461c7dc 1990230 cacti_0.8.8d+ds1-1_all.deb
Checksums-Sha256:
 8c5b76a35cd2c4f525cc3fd2b16a7f7a9c7b4fb889f3fcc5503e17606da27907 1591 cacti_0.8.8d+ds1-1.dsc
 f3a958e3e813d5e47bd14feb90d101a518469a563ea01a8b1e2918349b1770c0 2242259 cacti_0.8.8d+ds1.orig.tar.gz
 c6c19aff5a2adf0764577fadfa3a9cccd67703a4cfcd44d7d8cb2119321f6e25 45188 cacti_0.8.8d+ds1-1.debian.tar.xz
 077eecd87fecad8bc77bb03e9284a51d31c40408da3a4c2e618453816c8517d8 1990230 cacti_0.8.8d+ds1-1_all.deb
Files:
 5415eb417c2d3ea59e6e2f5e1af64a36 1591 web extra cacti_0.8.8d+ds1-1.dsc
 c118d6ee3287a2e37f57c1c67daba601 2242259 web extra cacti_0.8.8d+ds1.orig.tar.gz
 40623c8fdb2b93cf226aeadd58aa7891 45188 web extra cacti_0.8.8d+ds1-1.debian.tar.xz
 c13bf46c6e6a7b8773852203d1a4a465 1990230 web extra cacti_0.8.8d+ds1-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJViE+1AAoJEJxcmesFvXUKWoAIALycu8arVrd4bOE87G1fM7P3
aK/n7l/tTk5Rw/C+sWQjrT/9LAl4NWR1ZoAQv/qJcU8FbKlBQ5uXSii1dsKHIGB0
1q5VPvJ7ia/U+e4tO0letT5PaAWhit37QpQw2oMfWeLlS3S1y/NG6W+cOVwkWNfr
fjt8Nb39121aPbVSgpMLuexhMitgOJRXTmgFsDdL9ZwrDvB7vhVwc7NelFEq4wrO
NbMi+DVbxWN7cGU08IUh1+87AhW5ZTdWXtbqz9ZuUBcBD2S0yeSh5u4kf4ME3LlW
pyryNCh4GMUaoEqSp7aRdENR9FiP5W6+oJ4KvB1z2I+zFv0dsytXI/0EcUoQUn4=
=/++t
-----END PGP SIGNATURE-----