Accepted cacti 1.2.2+ds1-2+deb10u2 (source all) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 29 Dec 2019 19:53:28 +0100
Source: cacti
Binary: cacti
Architecture: source all
Version: 1.2.2+ds1-2+deb10u2
Distribution: buster-security
Urgency: medium
Maintainer: Cacti Maintainer <pkg-cacti-maint@lists.alioth.debian.org>
Changed-By: Hugo Lefeuvre <hle@debian.org>
Description:
cacti - web interface for graphing of monitoring systems
Closes: 941036 947374 947375
Changes:
cacti (1.2.2+ds1-2+deb10u2) buster-security; urgency=medium
.
* Non-maintainer upload by the Security Team.
* Acknowledgements to Paul Gevers!
* CVE-2019-17358: insufficient validation of form input leading to unsafe
unserialization operations and memory corruption (Closes: #947375).
* CVE-2019-17357: SQL injection vulnerability in graphs.php (Closes: #947374).
* CVE-2019-16723: Authentication bypass allows unprivileged users to view all
graphs (Closes: #941036).
Checksums-Sha1:
99a8abb2c5bc046f080181d894fd84068bb0ae1e 2309 cacti_1.2.2+ds1-2+deb10u2.dsc
5bcf2410f398f22ea55696428dfdc9f033303e0c 12751572 cacti_1.2.2+ds1.orig-docs-source.tar.gz
d0a763c27c1c9778e782a14abae3075dbfd3c8a7 3702668 cacti_1.2.2+ds1.orig.tar.xz
73c2fac2a49c30f5ac9df9f437cb5bb2b2ce15be 56528 cacti_1.2.2+ds1-2+deb10u2.debian.tar.xz
119270eac1b481d9e69eefd5314e8986170e928c 14877344 cacti_1.2.2+ds1-2+deb10u2_all.deb
e59537c1ba34d5c0f696787b2893e0722fde6449 5652 cacti_1.2.2+ds1-2+deb10u2_amd64.buildinfo
Checksums-Sha256:
9934d1b2a4edf7c9fd05cfffd49f9e36786835c23ddb90f7ddbee9092328bbad 2309 cacti_1.2.2+ds1-2+deb10u2.dsc
5d94359ea0b15cfe8f96ddc9999394594563cb34de2bb500a54f7b27565b44b4 12751572 cacti_1.2.2+ds1.orig-docs-source.tar.gz
45d263e2cbc7aa40e162c35adbe45229bd231e16faf082dbc01fb36403140bef 3702668 cacti_1.2.2+ds1.orig.tar.xz
971a74243dae8e84776c44a89ad51537e43e3c3a4d6ee2d7cc1609a8ffabf01a 56528 cacti_1.2.2+ds1-2+deb10u2.debian.tar.xz
f5474e0ac396e709714ca88d5b5abbb72906703fdf1b3ece647a8085cf997ce8 14877344 cacti_1.2.2+ds1-2+deb10u2_all.deb
54db11f5f0ee2dea59ea7d47837d8c415b537f9b8e25f90bd010bc76990eb5af 5652 cacti_1.2.2+ds1-2+deb10u2_amd64.buildinfo
Files:
53ae1a58c40f1b514739e8718024886b 2309 web optional cacti_1.2.2+ds1-2+deb10u2.dsc
ebdf0461474378c083051b44ce15aa34 12751572 web optional cacti_1.2.2+ds1.orig-docs-source.tar.gz
b14ae7d08f482659a44d76cbeca91ebd 3702668 web optional cacti_1.2.2+ds1.orig.tar.xz
0aab4a16c3683b20eaa0fc1e6b1e71cf 56528 web optional cacti_1.2.2+ds1-2+deb10u2.debian.tar.xz
c7e2734369eaaaa9d35e5d4ebfe9e7a9 14877344 web optional cacti_1.2.2+ds1-2+deb10u2_all.deb
a2ac8c4be621c2e1a60ba7faa44c1995 5652 web optional cacti_1.2.2+ds1-2+deb10u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl4jKigACgkQEeMFjl5E
GkLS4wwAqUioNAW8isC8tD+f4QCYwHN0pY/k1ETNEwV+dLk1iMlEQ1K581wMvM+j
tltkKLqwlClQHu40gIBI3PHiQAxBhOg2gUooTqzjB3KMrE2FEGvU0q67GK5hgdtN
vhksiz72YegZxyhwmCoQfQis1UblEHW7ig8doFquJEhhsr+ovXgFvnMV+o+isC7T
Zd3tNxZcFHjQk3bbmknWKozNrIYUwDddNgZ61XI0aK/iV0Z7RN9jJ1rA8XdXGSnG
qzVki5U6jrDe3qM4p5nRLQlUN7YOywq8IQQkpIpaqzwmB/sta4VUWILpFwY+rMBL
LptVcMGwVcASMMCVOq11lR8cs0Q+LpyV9aU6Wos124p6smK354/+NNaIG9LS4uY3
lDR7hiM91zAGgqbdbGlhGqZ01ENsorlH5qWerDutxWIorRRkCnnaOypUGUc3qmx5
v2h/NK+ZOEvDISCssSpRS6MAqIX/qRswYESmcYyryAsQf5OalAGWRxYHOYkTHSS9
v1Apto3a
=5JbK
-----END PGP SIGNATURE-----