Created attachment 188128 [details] Update cacti to 1.1.28 Update cacti to 1.1.28. This is a security update, so please also merge quarterly. Committer: Please ignore the portlint warnings about gettext - cacti has internal support for gettext. This version fixes the following CVE references: issue#1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions issue#1066: CVE-2017-16660 in remote_agent.php logging function issue#1066: CVE-2017-16661 in view log file issue#1071: CVE-2017-16785 in global_session.php Reflection XSS Poudriere testport logs for i386/amd64 10.4/11.1 at: https://poudriere.dan.tm/poudriere/data/latest-per-pkg/cacti/1.1.28/
A commit references this bug: Author: pizzamig Date: Tue Nov 21 12:01:23 UTC 2017 New revision: 454600 URL: https://svnweb.freebsd.org/changeset/ports/454600 Log: security/vuxml: Document multiple vulnerabilities in net-mgmt/cacti PR: 223756 Reported by: freebsd-ports@dan.me.uk Approved by: olivier (mentor) Security: CVE-2017-16641 Security: CVE-2017-16660 Security: CVE-2017-16661 Security: CVE-2017-16785 Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: pizzamig Date: Tue Nov 21 12:04:26 UTC 2017 New revision: 454601 URL: https://svnweb.freebsd.org/changeset/ports/454601 Log: net-mgmt/cacti: Update to 1.1.28 PR: 223756 Submitted by: freebsd-ports@dan.me.uk (maintainer) Approved by: olivier (mentor) MFH: 2017Q4 Security: CVE-2017-16641 Security: CVE-2017-16660 Security: CVE-2017-16661 Security: CVE-2017-16785 Differential Revision: https://reviews.freebsd.org/D13175 Changes: head/net-mgmt/cacti/Makefile head/net-mgmt/cacti/distinfo head/net-mgmt/cacti/pkg-plist
A commit references this bug: Author: pizzamig Date: Mon Nov 27 21:00:16 UTC 2017 New revision: 454992 URL: https://svnweb.freebsd.org/changeset/ports/454992 Log: MFH: r454601 net-mgmt/cacti: Update to 1.1.28 PR: 223756 Submitted by: freebsd-ports@dan.me.uk (maintainer) Approved by: olivier (mentor) Security: CVE-2017-16641 Security: CVE-2017-16660 Security: CVE-2017-16661 Security: CVE-2017-16785 Differential Revision: https://reviews.freebsd.org/D13175 Approved by: ports-secteam (swills) Changes: _U branches/2017Q4/ branches/2017Q4/net-mgmt/cacti/Makefile branches/2017Q4/net-mgmt/cacti/distinfo branches/2017Q4/net-mgmt/cacti/pkg-plist
Committed! Thanks!