[Bug 1303492] Re: Sync cacti 0.8.8b+dfsg-4 (universe) from Debian unstable (main)

Logan Rosen loganrosen at gmail.com
Mon Apr 7 03:36:40 UTC 2014


This bug was fixed in the package cacti - 0.8.8b+dfsg-5
Sponsored for Jackson Doak (noskcaj)

---------------
cacti (0.8.8b+dfsg-5) unstable; urgency=high

  * Fix postinst for lighttpd setups which fail on update due to
    lighty-enable-mod exiting with non-zero if config is already loaded
    (Closes: 743727)

 -- Paul Gevers <elbrus at debian.org>  Sun, 06 Apr 2014 19:59:12 +0200

cacti (0.8.8b+dfsg-4) unstable; urgency=high

  * Security update (Closes: 743565)
    - CVE-2014-2326 Cross-site scripting (XSS) vulnerability
    - CVE-2014-2328 Unspecified Remote Command Execution Vulnerability
    - CVE-2014-2708 SQL injection
    - CVE-2014-2709 Unspecified Remote Command Execution Vulnerability
  * Bump standards (no changes needed)
  * Fix VCS-Browser field
  * Fix license paragraph of jstree (Thanks lintian)

 -- Paul Gevers <elbrus at debian.org>  Sat, 05 Apr 2014 13:03:22 +0200

** Changed in: cacti (Ubuntu)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2326

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2328

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2708

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2709

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1303492

Title:
  Sync cacti 0.8.8b+dfsg-4 (universe) from Debian unstable (main)

Status in “cacti” package in Ubuntu:
  Fix Released

Bug description:
  Please sync cacti 0.8.8b+dfsg-4 (universe) from Debian unstable (main)

  Changelog entries since current trusty version 0.8.8b+dfsg-3:

  cacti (0.8.8b+dfsg-4) unstable; urgency=high

    * Security update (Closes: 743565)
      - CVE-2014-2326 Cross-site scripting (XSS) vulnerability
      - CVE-2014-2328 Unspecified Remote Command Execution Vulnerability
      - CVE-2014-2708 SQL injection
      - CVE-2014-2709 Unspecified Remote Command Execution Vulnerability
    * Bump standards (no changes needed)
    * Fix VCS-Browser field
    * Fix license paragraph of jstree (Thanks lintian)

   -- Paul Gevers <elbrus at debian.org>  Sat, 05 Apr 2014 13:03:22 +0200

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cacti/+bug/1303492/+subscriptions



More information about the Ubuntu-sponsors mailing list