-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 09 Apr 2019 20:42:38 +0200 Source: cacti Architecture: source Version: 1.2.2+ds1-2 Distribution: unstable Urgency: medium Maintainer: Cacti Maintainer <pkg-cacti-maint@lists.alioth.debian.org> Changed-By: Paul Gevers <elbrus@debian.org> Closes: 926700 Changes: cacti (1.2.2+ds1-2) unstable; urgency=medium . * Add 0001-Resolving-Issue-2581.patch from upstream (Closes: #926700) CVE-2019-11025: In clearFilter() in utilities.php no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS. Checksums-Sha1: 30c70832c01af1d76c00868eeedbb02ebdcb4eb1 2451 cacti_1.2.2+ds1-2.dsc a93f3f3c6739f420a8beda701b43d7e89e07e476 53228 cacti_1.2.2+ds1-2.debian.tar.xz Checksums-Sha256: cae011f5bdad9a85e93b430fd198563ab8d98880f9baf9c86f6d53513739f5d5 2451 cacti_1.2.2+ds1-2.dsc 2f59bed7085bc5f9b0430bedb407ee15ea7efd123973d372358eb6728fd5f3e7 53228 cacti_1.2.2+ds1-2.debian.tar.xz Files: 9b8b58f46f6e379940cf2e4117af223f 2451 web optional cacti_1.2.2+ds1-2.dsc bb8df17986ac931fa8b231bf43f03d09 53228 web optional cacti_1.2.2+ds1-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEJeP/LX9Gnb59DU5Qr8/sjmac4cIFAlyvJ8IACgkQr8/sjmac 4cIzdg//UJMlYSVwAVAlgTXyy2blhLltJ/hThm98MEmm28zbDciZHckaXbbcZ/qt jyAhl1JAQUJ52Xlf/iYjEv93qpkhNT65wQlkr6DmPsRIYaf3ax9Fp4B1SFU08vnq 9AITjUrVsN0hnk+ngUkW+2K4tUcij3U6u/HJph1BE23avJFxKEEbWO/fXZoGXr10 G5r559xzeHvJHz3BN2Kq+bR2eSS17QgKDQWtAJaToYln140kAWj8LNGz2TxXP/xJ csbuEtce46OojTf8ribLQ0clBUJmwTN/JLEq5JVAsQ5gKsFyguGjmhr0GoNJ7XT5 7NSCmPeb/nUUDU4+ettx40wAW1bFMofEU4p8VNYb54gFyksTQ3K8zVex2eSam1en f+GAevVYJlqFB0ANQurpoByxA2mLnzu7Am6kR6XFgYfbFoJ4OtPwdgU6FvJB3eQy pwFGnAWQ0LttLY9xyQoTtqPCGIvbSXR81N2vlbsfOG/e8N4Lzih10VIOazQYHVFh u9ITv5/vBrfZuOcoiMIE9SNeDbPFP+JBLovLvec+Qwi5CxC6WToO4Gqby6gxCkh7 YEBBfjkJ8qaH3X9GQiTIztQfuC8vJMlKKHDf/YYF2EyDDdzknJb3e5a0DAVPBRw+ Ls7Fkk1rKCw2fV6V5e2fRSfLwW2OM7oi7YZSsCz4fpYsaoQ3sNU= =CflS -----END PGP SIGNATURE-----
