Summary: | net-mgmt/cacti: upgrade to 0.8.8g | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Daniel Austin <freebsd-ports> | ||||
Component: | Individual Port(s) | Assignee: | Steven Kreuzer <skreuzer> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Many People | CC: | junovitch, ports-secteam | ||||
Priority: | --- | Keywords: | easy, patch, patch-ready, security | ||||
Version: | Latest | Flags: | freebsd-ports:
maintainer-feedback+
junovitch: merge-quarterly+ |
||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Daniel Austin
2016-02-23 18:50:20 UTC
Assign to committer that resolved: https://svnweb.FreeBSD.org/changeset/ports/409474 A commit references this bug: Author: junovitch Date: Wed Mar 2 02:28:46 UTC 2016 New revision: 409906 URL: https://svnweb.freebsd.org/changeset/ports/409906 Log: Document SQL injection and authentication bypass in Cacti Note CVE-2015-8369/upstream bug 0002646: SQL injection in graph.php was also fixed in this release but that was backported to 0.8.8f and is covered in a prior entry. PR: 207444 Security: CVE-2015-8377 Security: CVE-2015-8604 Security: CVE-2016-2313 Security: https://vuxml.FreeBSD.org/freebsd/db3301be-e01c-11e5-b2bd-002590263bf5.html Changes: head/security/vuxml/vuln.xml A commit references this bug: Author: junovitch Date: Wed Mar 2 02:32:25 UTC 2016 New revision: 409907 URL: https://svnweb.freebsd.org/changeset/ports/409907 Log: MFH: r409474 Update to 0.8.8g PR: 207444 Security: CVE-2015-8377 Security: CVE-2015-8604 Security: CVE-2016-2313 Security: https://vuxml.FreeBSD.org/freebsd/db3301be-e01c-11e5-b2bd-002590263bf5.html Approved by: ports-secteam (with hat) Changes: _U branches/2016Q1/ branches/2016Q1/net-mgmt/cacti/Makefile branches/2016Q1/net-mgmt/cacti/distinfo branches/2016Q1/net-mgmt/cacti/files/patch-CVE-2015-8369 branches/2016Q1/net-mgmt/cacti/pkg-plist Close, post close addition of keywords, set merge-quarterly+ and add port-secteam@ as a follow up on any CCs. |