-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 28 Dec 2019 17:44:58 +0100 Source: cacti Architecture: source Version: 1.2.8+ds1-1 Distribution: unstable Urgency: medium Maintainer: Cacti Maintainer <pkg-cacti-maint@lists.alioth.debian.org> Changed-By: Paul Gevers <elbrus@debian.org> Closes: 947374 947375 Changes: cacti (1.2.8+ds1-1) unstable; urgency=medium . * New upstream version 1.2.8+ds1 CVE-2019-17357 When viewing graphs, some input variables are not properly checked (SQL injection possible) (Closes: #947374) CVE-2019-17358 When deserializating data, ensure basic sanitization has been performed (Closes: #947375) Checksums-Sha1: 3fe56b8eb9afbb6555f87566a814ac77a364a404 2221 cacti_1.2.8+ds1-1.dsc 2c5f965cfd3e33dc30de061954e7160ccba5e69d 13511938 cacti_1.2.8+ds1.orig-docs-source.tar.gz d1af8048f738f17bfdc93b376424b6ff83c48cb3 7200520 cacti_1.2.8+ds1.orig.tar.gz 0b7fe37c18245ab959798b903f3d04610ef87ee4 53476 cacti_1.2.8+ds1-1.debian.tar.xz Checksums-Sha256: 085edee4cf21b007a7100036a335ae25c9cbf77c8ad7d708786b05dd8a7351e9 2221 cacti_1.2.8+ds1-1.dsc d05a34352c6613c1c49f8869f240fd961c06e0f6ecf51b4898166ff24aa50176 13511938 cacti_1.2.8+ds1.orig-docs-source.tar.gz 8be59fd173d2c20b67fb39dfb176a71f81bbfad672005ecd78b315d68b1a8661 7200520 cacti_1.2.8+ds1.orig.tar.gz a368bc93cde32ba3e149df80925785e94a16573861171fd5784af0d7f3f45349 53476 cacti_1.2.8+ds1-1.debian.tar.xz Files: 8544df36acee4e462402ac3386968969 2221 web optional cacti_1.2.8+ds1-1.dsc 1af3c4e6bf66a875cde9f69d1f8fb2a4 13511938 web optional cacti_1.2.8+ds1.orig-docs-source.tar.gz 04f421b8d25ecaca7901cfdfe2bb85c3 7200520 web optional cacti_1.2.8+ds1.orig.tar.gz ddfc298107a677666ab22270c56ca4b2 53476 web optional cacti_1.2.8+ds1-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAl4Hh/MACgkQnFyZ6wW9 dQqEVAf/fUIqw3CLvKqqS0BYvFjwu2+aT3A9u0GjnuozSIEHAv1qF47b/7e7vZHS wtMnPLe5mApmvGe5Fa4dJiwDATpn0ZWpKiusANXWspBX2KUB39gYP5XcXB+HUyo6 b0fIrWHHm2ZdFDVb3srBZUbILcWKsFVMBLov+IAwlkn/zwRuJTMjIgZ7gRIcshbZ gwdaE25ZWh4OSamf/1OGM8GdKXbmj4MWdI9ms/zNRlliydMg9TENUaHehSKw2zN9 MB2N0xldhZdPVI9cS65NmeHbu0tg39j78Tjr+WUcFSdOjwIyewFEt2JoN6kRo+Ov lzDzCSRzYurMNZWKEpQtZyZNiwNlOg== =oNyN -----END PGP SIGNATURE-----
