Debian Package Tracker

From: Paul Gevers <elbrus@debian.org>
To: <debian-lts-changes@lists.debian.org>
Subject: Accepted cacti 0.8.7g-1+squeeze6 (source all) into squeeze-lts
Date: Sat, 27 Jun 2015 11:04:35 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 23 Jun 2015 21:22:55 +0200
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.7g-1+squeeze6
Distribution: squeeze-lts
Urgency: high
Maintainer: Sean Finney <seanius@debian.org>
Changed-By: Paul Gevers <elbrus@debian.org>
Description: 
 cacti      - Frontend to rrdtool for monitoring systems and services
Changes: 
 cacti (0.8.7g-1+squeeze6) squeeze-lts; urgency=high
 .
   * Security update
     - CVE-2015-2665 Cross-site scripting (XSS) vulnerability in Cacti
       before 0.8.8d allows remote attackers to inject arbitrary web script
       or HTML via unspecified vectors.
     - CVE-2015-4342 SQL Injection and Location header injection from cdef
       id
     - CVE-2015-4454 SQL injection vulnerability in the
       get_hash_graph_template function in lib/functions.php in Cacti before
       0.8.8d allows remote attackers to execute arbitrary SQL commands via
       the graph_template_id parameter to graph_templates.php.
     - Unassigned CVE SQL injection VN:JVN#78187936 / TN:JPCERT#98968540
Checksums-Sha1: 
 c4cd41365910b432696ceac58ae6d1325211a142 1426 cacti_0.8.7g-1+squeeze6.dsc
 a972176775413012113b6f10cfb5f2c9bdb7b747 62893 cacti_0.8.7g-1+squeeze6.diff.gz
 1bc00b69a57673da9808499b5ab33fb2061e6191 2094140 cacti_0.8.7g-1+squeeze6_all.deb
Checksums-Sha256: 
 3d66c8c44cb0116dfb87b8f6279af0b831a0ad73f14d9bee81a625b2633c42b1 1426 cacti_0.8.7g-1+squeeze6.dsc
 d8394fa96fb7618b9e500d070b13b0a5fb3a9d979c1b09f6b434965e62757d3c 62893 cacti_0.8.7g-1+squeeze6.diff.gz
 9e025b5b7b208f9500e806b8dbac5176c0140866d6fcae4b6c66d2635ccc7279 2094140 cacti_0.8.7g-1+squeeze6_all.deb
Files: 
 ac56ab30dbdfc2f8ca57fc4d242c3219 1426 web extra cacti_0.8.7g-1+squeeze6.dsc
 6d0a6e8f99ed5baf88c245032a3567a5 62893 web extra cacti_0.8.7g-1+squeeze6.diff.gz
 b6a6347882fc56f985ef412b60bc439f 2094140 web extra cacti_0.8.7g-1+squeeze6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJVjS5nAAoJEJxcmesFvXUKVYUIALOS/lzmL3D77gTANOzUvmiM
matgLsUgje1LwlgiW6nHGAXCZ18tbYQq3wyMKlEf2QGZ2uKyUnYb90d6eJUb5Q8N
qR9pI1VlWAU5Ta3C2w5zx3NgIgeIgKG6CqaI/EUrKptfLvli2zxB6VjeFZ7IrfxH
8Iqf8D7majjJfKzx71WSw2NWFq6+w2D+v64qoenBkBzn0xWumgqQWbgWVLrY+uCk
3mP7SftLKcFjYrywqv985225n8iNQX3BaFfj4cvLUE+0tQ8TqWyMx+p2xW6eNQzw
oOJ34n7uYvLdZffo4Mfd4/yGH1OwRhsNGRCH+i4biHZI7v5gOYdejmta6Cdz2qY=
=STfz
-----END PGP SIGNATURE-----
News for package cacti
