Format: 1.8
Date: Sun, 29 Dec 2019 19:53:28 +0100
Source: cacti
Binary: cacti
Architecture: source all
Version: 1.2.2+ds1-2+deb10u2
Distribution: buster-security
Urgency: medium
Maintainer: Cacti Maintainer <pkg-cacti-maint@lists.alioth.debian.org>
Changed-By: Hugo Lefeuvre <hle@debian.org>
Description:
 cacti - web interface for graphing of monitoring systems
Closes: 941036 947374 947375
Changes:
 cacti (1.2.2+ds1-2+deb10u2) buster-security; urgency=medium
 .
   * Non-maintainer upload by the Security Team.
   * Acknowledgements to Paul Gevers!
   * CVE-2019-17358: insufficient validation of form input leading to unsafe
     unserialization operations and memory corruption (Closes: #947375).
   * CVE-2019-17357: SQL injection vulnerability in graphs.php
     (Closes: #947374).
   * CVE-2019-16723: Authentication bypass allows unprivileged users to view
     all graphs (Closes: #941036).