Accepted: cacti, cacti, cacti_0.8.6i-3ubuntu0.2_i386_translations.tar.gz 0.8.6i-3ubuntu0.2 (source, i386, raw-translations)

Ubuntu Installer archive at ubuntu.com
Fri Feb 22 02:55:31 GMT 2008 

Accepted:
 OK: cacti_0.8.6i.orig.tar.gz
 OK: cacti_0.8.6i-3ubuntu0.2.diff.gz
 OK: cacti_0.8.6i-3ubuntu0.2.dsc
     -> Component: universe Section: web
 OK: cacti_0.8.6i-3ubuntu0.2_all.deb
 OK: cacti_0.8.6i-3ubuntu0.2_i386_translations.tar.gz

Format: 1.7
Date: Fri, 15 Feb 2008 21:10:36 +0100
Source: cacti
Binary: cacti
Architecture: i386_translations all source
Version: 0.8.6i-3ubuntu0.2
Distribution: feisty-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Stephan Hermann <sh at sourcecode.de>
Description:
 cacti      - Frontend to rrdtool for monitoring systems and services
Changes:
 cacti (0.8.6i-3ubuntu0.2) feisty-security; urgency=low
 .
   * SECURITY UPDATE: (LP: #192199)
     + CVE-2008-0783: Multiple cross-site scripting (XSS) vulnerabilities in
       Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to
       inject arbitrary web script or HTML via the (1) view_type parameter to
       graph.php, (2) filter parameter to graph_view.php, and (3) action and
       login_username parameters to index.php/login.
     + CVE-2008-0784: graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before
       0.8.6k allows remote attackers to obtain the full path via an invalid
       local_graph_id parameter and other unspecified vectors.
   * debian/patches/11_CVE-2008-0783_CVE-2008-0784.dpatch: applied patch by
     upstream. (backported from 0.8.6j)
     (Link: http://www.cacti.net/downloads/patches/0.8.6j/multiple_vulnerabilities-0.8.6j.patch)
   * References:
     CVE-2008-0783
     CVE-2008-0784
Files:
 4bcabbccaa90ef1b41d7d6286f7c6e2e 956920 web extra cacti_0.8.6i-3ubuntu0.2_all.deb
 a41778091f28d924f44755890a306583 12680 raw-translations - cacti_0.8.6i-3ubuntu0.2_i386_translations.tar.gz
 b643ff8e727d512e8b9af4e4d607935b 670 web extra cacti_0.8.6i-3ubuntu0.2.dsc
 4e4cb395f34c09b3c8f2b2ef14594964 37801 web extra cacti_0.8.6i-3ubuntu0.2.diff.gz
Launchpad-Bugs-Fixed: 192199
Original-Maintainer: sean finney <seanius at debian.org>

More information about the feisty-changes mailing list