-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 3.0 (quilt)
Source: cacti
Binary: cacti
Architecture: all
Version: 0.8.8b+dfsg-8+deb8u1
Maintainer: Cacti Maintainer <[email protected]>
Uploaders: Sean Finney <[email protected]>, Mahyuddin Susanto <[email protected]>, Paul Gevers <[email protected]>
Homepage: http://www.cacti.net/
Standards-Version: 3.9.5
Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-cacti/cacti.git
Vcs-Git: git://anonscm.debian.org/pkg-cacti/cacti.git
Build-Depends: debhelper (>= 7.0.50~), po-debconf
Package-List:
 cacti deb web extra arch=all
Checksums-Sha1:
 20b635f831d3219e93c11ea435c3389ab429cad7 2081800 cacti_0.8.8b+dfsg.orig.tar.bz2
 f9d389e41b002d3fbded86421d51f458d5de3046 106740 cacti_0.8.8b+dfsg-8+deb8u1.debian.tar.xz
Checksums-Sha256:
 bc4b733055e66e1f75e67e697d97793c072ce82e31c5cfa21aab781cc470171b 2081800 cacti_0.8.8b+dfsg.orig.tar.bz2
 366cdf950707e7dd02521304d25dbedd0a8655c2742fe7dc4535d9a0771d6aa1 106740 cacti_0.8.8b+dfsg-8+deb8u1.debian.tar.xz
Files:
 337a1717260090a420918aac627c61ba 2081800 cacti_0.8.8b+dfsg.orig.tar.bz2
 b9a83621f156ebadd20828b52a6da53f 106740 cacti_0.8.8b+dfsg-8+deb8u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

-----END PGP SIGNATURE-----

Changes:

cacti (0.8.8b+dfsg-8+deb8u1) jessie-security; urgency=high

  * Security update
    - CVE-2015-2665 Cross-site scripting (XSS) vulnerability in Cacti before
      0.8.8d allows remote attackers to inject arbitrary web script or HTML
      via unspecified vectors.
    - CVE-2015-4342 SQL Injection and Location header injection from cdef id
    - CVE-2015-4454 SQL injection vulnerability in the
      get_hash_graph_template function in lib/functions.php in Cacti before
      0.8.8d allows remote attackers to execute arbitrary SQL commands via
      the graph_template_id parameter to graph_templates.php.
    - Unassigned CVE SQL injection VN:JVN#78187936 / TN:JPCERT#98968540

 -- Paul Gevers <[email protected]>  Mon, 22 Jun 2015 20:55:59 +0200