-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 20 Nov 2007 17:34:00 +0100
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.6c-7sarge5
Distribution: oldstable-security
Urgency: high
Maintainer: sean finney <seanius@debian.org>
Changed-By: Stephan Hermann <sh@sourcecode.de>
Description:
cacti - Frontend to rrdtool for monitoring systems and services
Changes:
cacti (0.8.6c-7sarge5) oldstable-security; urgency=high
.
* SECURITY UPDATE:
+ CVE-2007-6035: SQL injection vulnerability in Cacti before 0.8.7a allows
remote attackers to execute arbitrary SQL commands via unspecified
vectors.
* debian/patches/10_CVE-2007-6035.dpatch: applied patch by upstream
(Link: http://www.cacti.net/downloads/patches/0.8.6j/sec_sql_injection-0.8.6j.patch)
* References:
CVE-2007-6035
Files:
8bfbdff5df7b79d6b8500cc9b859ac04 887 web extra cacti_0.8.6c-7sarge5.dsc
cbd167e3cdd2711ce2910c3a47dd6d45 56568 web extra cacti_0.8.6c-7sarge5.diff.gz
fbf23e7c7829a8461dc30217f4f926bc 1059858 web extra cacti_0.8.6c-7sarge5_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR0dAEGz0hbPcukPfAQJcpwf/X+W47OWKleY/1GlzxKUd0Cm1a+d1EfTh
TwYG6I+HnqunadK1U70pW/JEbz65Q3PV+aDGSAXWgcUddKH4M7JsH5aaWEkSjqIu
LQ+XPxHpLXe918iyGIzBwG7PQG+eOllBMYBcOb/I7H2ahDBJ5zTZpknKfZMnKXdO
68RM5cTXwlepUB/PyFbiIZ7rn8+QRCd4WJ6522aVKVdULMrbmLwV1d6Ns2CHWZhw
/yJaPyDFcKB7lHTunbIowMHngOitzXSRYAbIot3edVkEwk4WXDzEfW7QE6mwpk1B
bWfYGQSTAOfWajsVUeHwwOVr4sjU5UPEmxSKfsaOXqm+WP+3W7qITA==
=1Pzx
-----END PGP SIGNATURE-----
Accepted:
cacti_0.8.6c-7sarge5.diff.gz
to pool/main/c/cacti/cacti_0.8.6c-7sarge5.diff.gz
cacti_0.8.6c-7sarge5.dsc
to pool/main/c/cacti/cacti_0.8.6c-7sarge5.dsc
cacti_0.8.6c-7sarge5_all.deb
to pool/main/c/cacti/cacti_0.8.6c-7sarge5_all.deb
