Updates to cacti for CVE-2023-39361 (CVSS 9.8)?
Alex Murray
alex.murray at canonical.com
Tue Nov 14 02:15:49 UTC 2023
Hi chuegen,
As cacti is in the universe component of the repository, it is community
maintained and therefore there is no timeframe as to when such a package
will be patched in Ubuntu nor any clear indication if a community member
is working on this at this time.
You can see the status of this CVE in the Ubuntu CVE Tracker at
https://ubuntu.com/security/CVE-2023-39361
Thanks,
Alex
On Tue, 2023-09-12 at 11:36:47 -0500, chuegen at pentics.com wrote:
> Hi there,
>
> The Cacti project provided an announcement of a CVSS 9.8 SQL injection
> bug against Cacti (fixed in 1.2.25). Is this being worked, and how long
> should I expect before a package becomes available in the Ubuntu 22.04
> security stream? For now, I have disabled the functionality in question
> while I await a package update (and I'd like to avoid having to go with
> a local version of the updated package if it will be relatively soon).
>
> -c
> --
> Ubuntu-devel-discuss mailing list
> Ubuntu-devel-discuss at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
More information about the Ubuntu-devel-discuss
mailing list