-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 08 Apr 2006 15:59:04 +0200
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.6c-7sarge3
Distribution: stable-security
Urgency: high
Maintainer: Martin Schulze <joey@debian.org>
Changed-By: sean finney <seanius@debian.org>
Description:
cacti - Frontend to rrdtool for monitoring systems and services
Changes:
cacti (0.8.6c-7sarge3) stable-security; urgency=high
.
* security update prepared for the debian security team by the
package maintainer.
* cacti includes adodb code and thus is affected by 3 out of the
4 CVE's referenced in DSA 1029-1:
- CVE-2006-0146: improper input sanitization leads to SQL injection
- CVE-2006-0410: insufficient input sanitizing leads to SQL injection
- CVE-2006-0806: cross site scripting vulnerabilities
this update contains patches merged into cacti's version of adodb.
Files:
9ad5bc63bba985893a14044dd5b37592 597 web extra cacti_0.8.6c-7sarge3.dsc
b9c59a54f46b820480f4ee4fb7402074 43881 web extra cacti_0.8.6c-7sarge3.diff.gz
afe7c7131aacf8eaaaee0a3c39933834 1058818 web extra cacti_0.8.6c-7sarge3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEN9VLW5ql+IAeqTIRApRfAJwIN3fK1IEJukLSUMbIv8xNNP8ZKQCfYPCN
Ji7+xnuuCyZqw0h6GlRyq5E=
=AJIz
-----END PGP SIGNATURE-----
Accepted:
cacti_0.8.6c-7sarge3.diff.gz
to pool/main/c/cacti/cacti_0.8.6c-7sarge3.diff.gz
cacti_0.8.6c-7sarge3.dsc
to pool/main/c/cacti/cacti_0.8.6c-7sarge3.dsc
cacti_0.8.6c-7sarge3_all.deb
to pool/main/c/cacti/cacti_0.8.6c-7sarge3_all.deb
