-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 02 Jul 2005 01:09:08 -0400 Source: cacti Binary: cacti Architecture: source all Version: 0.8.6c-7sarge2 Distribution: stable-security Urgency: high Maintainer: Martin Schulze <joey@debian.org> Changed-By: sean finney <seanius@debian.org> Description: cacti - Frontend to rrdtool for monitoring systems and services Changes: cacti (0.8.6c-7sarge2) stable-security; urgency=high . * security update prepared for the debian security team by the package maintainer. * Removed double patched code that accidently crept in when converting the source to svn [graphs_new.php, host.php, lib/database.php] * fix for the following security issues reported by the php-hardened project: - 032005: Cacti Multiple SQL Injection Vulnerabilities - 042005: Cacti Remote Command Execution Vulnerability - 052005: Cacti Authentication/Addslashes Bypass Vulnerability Files: 50f791f80662a02e982e82e4be7e59b5 595 web extra cacti_0.8.6c-7sarge2.dsc b4130300f671e773ebea3b8f715912c1 1046586 web extra cacti_0.8.6c.orig.tar.gz a9959e2d720a6f7188c5713494b9eaaa 42575 web extra cacti_0.8.6c-7sarge2.diff.gz 2b5fe2ca0dc11a199c20f5bf7b3aa7ee 1058544 web extra cacti_0.8.6c-7sarge2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFC1UiTW5ql+IAeqTIRAq0nAKCS2XPd4bwh2zTfTqvdVaJ8MlGIVgCfR0ok uWO4jB9IKEpOVi2D6JpUWOU= =0bTY -----END PGP SIGNATURE----- Accepted: cacti_0.8.6c-7sarge2.diff.gz to pool/main/c/cacti/cacti_0.8.6c-7sarge2.diff.gz cacti_0.8.6c-7sarge2.dsc to pool/main/c/cacti/cacti_0.8.6c-7sarge2.dsc cacti_0.8.6c-7sarge2_all.deb to pool/main/c/cacti/cacti_0.8.6c-7sarge2_all.deb -- To UNSUBSCRIBE, email to debian-changes-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org