Change log for cacti package in Debian
76 → 144 of 144 results | First • Previous • Next • Last |
Superseded in experimental-release |
cacti (1.1.10+ds1-1) experimental; urgency=medium * New upstream release * Upstream uses a newer jquery-tablesorter then in Debian so some links are not working (newer version is waiting in NEW) and once available should be used as minimal required version * Add cacti-spine and snmpd to suggests * Use soft-links in for site/log and site/rra instead of patches * Add missing depends (php-gd, php-json, php-ldap) * Debian dropped suhosin long time ago, so stop patching for it * Add select grant on mysql.time_zone_name * Add default templates during install (got dropped upstream since 1.0.0) * Add some paths to cacti settings during install to accommodate for the by-pass of cacti/install web-page. * Add note about time zones and the suggested manual action in NEWS and README -- Paul Gevers <email address hidden> Tue, 13 Jun 2017 06:47:18 +0200
cacti (0.8.8h+ds1-10) unstable; urgency=medium * Fix upgrades from before 0.8.8h+ds1-8; that version started to ship symlinks to directories in libjs-jquery-jstree without making sure dpkg handled that properly during upgrades (Closes: #861858) -- Paul Gevers <email address hidden> Fri, 05 May 2017 13:55:33 +0200
Available diffs
- diff from 0.8.8h+ds1-9 to 0.8.8h+ds1-10 (591 bytes)
Superseded in experimental-release |
cacti (1.1.5+ds1-2) experimental; urgency=medium * Upload with fix from 0.8.8h+ds1-10: Fix upgrades from before 0.8.8h+ds1-8; that version started to ship symlinks to directories in libjs-jquery-jstree without making sure dpkg handled that properly during upgrades (Closes: #861858) -- Paul Gevers <email address hidden> Fri, 05 May 2017 21:23:09 +0200
Superseded in experimental-release |
cacti (1.1.5+ds1-1) experimental; urgency=medium * New upstream release * Generate translations from source * Bump compat level to 10 * Build documentation from source (requires second tar ball generated from upstream git) * Generate jQueryUI datepicker links instead of hardcoding them * Don't install *.po files, they aren't used * Add lintian overrides for script-non-executable to avoid carrying a patch forever, while they shouldn't need to be executable in Debian * Don't install useless examples (outside of doc tree even) * Handle the new paper-plane theme as the other themes * Clean up d/TODO a bit -- Paul Gevers <email address hidden> Wed, 03 May 2017 20:47:08 +0200
Superseded in experimental-release |
cacti (1.1.3+ds1-1) experimental; urgency=medium * New upstream release - Drop loads of obsoleted patches - Refresh or rework remaining patches * Strip loads of embedded javascript projects and build and/or depend on the proper Debian package * Drop dependency on libadodb as upstream moved away from it * Prepare to buid documentation * Add patches to move adaptations in the embedded jquery-ui css file to the cacti main.css file as upstream intents to support that * Update d/TODO as not everything is done as I want it -- Paul Gevers <email address hidden> Mon, 17 Apr 2017 19:50:52 +0200
cacti (0.8.8h+ds1-9) unstable; urgency=medium * Add enable_faster_polling_than_cron.patch to replace the use of the deprecated split() function (Closes: #860271) -- Paul Gevers <email address hidden> Thu, 13 Apr 2017 22:05:30 +0200
Available diffs
cacti (0.8.8h+ds1-8) unstable; urgency=medium * Depend on libjs-jquery-jstree instead of using embedded version * Replace use_debian_javascript_packages.patch with links to the Debian packages instead (more transparent) * Add fix_export_for_debian_packages.patch to avoid export failure -- Paul Gevers <email address hidden> Wed, 14 Dec 2016 21:20:24 +0100
Available diffs
- diff from 0.8.8h+ds1-7 to 0.8.8h+ds1-8 (2.6 KiB)
Superseded in sid-release |
cacti (0.8.8h+ds1-7) unstable; urgency=medium * Previous upload was screwed up. Doing it better this time I hope. -- Paul Gevers <email address hidden> Sat, 10 Dec 2016 07:47:07 +0100
Available diffs
- diff from 0.8.8h+ds1-5 to 0.8.8h+ds1-7 (904 bytes)
- diff from 0.8.8h+ds1-6 to 0.8.8h+ds1-7 (811 bytes)
Superseded in sid-release |
cacti (0.8.8h+ds1-6) unstable; urgency=medium * Fix links for path change in libjs-jquery-ui-theme-ui-lightness, hopefully bug #846515 will not get fixed -- Paul Gevers <email address hidden> Wed, 07 Dec 2016 21:44:51 +0100
Published in jessie-release |
cacti (0.8.8b+dfsg-8+deb8u6) jessie-proposed-updates; urgency=medium [ Emilio Pozuelo Monfort ] * CVE-2016-2313-guest-auth.patch: + Fix regression in the fix for CVE-2016-2313 that broke guest user logins. Thanks to Matus Uhlar for the report. -- Paul Gevers <email address hidden> Sun, 04 Sep 2016 21:37:36 +0200
cacti (0.8.8h+ds1-5) unstable; urgency=medium [ Emilio Pozuelo Monfort ] * CVE-2016-2313-guest-auth.patch: + Fix regression in the fix for CVE-2016-2313 that broke guest user logins. Thanks to Matus Uhlar for the report. (Closes: #833420) [ Paul Gevers ] * Recommend default-mysql-server instead of MariaDB and MySQL -- Paul Gevers <email address hidden> Mon, 05 Sep 2016 21:10:12 +0200
Available diffs
- diff from 0.8.8h+ds1-4 to 0.8.8h+ds1-5 (1.4 KiB)
cacti (0.8.8h+ds1-4) unstable; urgency=medium * Improve autopkgtest situation and avoid failure when it is not needed -- Paul Gevers <email address hidden> Thu, 16 Jun 2016 22:11:20 +0200
Available diffs
Superseded in sid-release |
cacti (0.8.8h+ds1-3) unstable; urgency=medium * Save more log files during autopkgtesting * Add check on errors during testing (Closes: #825644) * Add javascript-common to Depends to ensure jquery is usable -- Paul Gevers <email address hidden> Fri, 10 Jun 2016 20:20:04 +0200
Available diffs
- diff from 0.8.8h+ds1-2 to 0.8.8h+ds1-3 (1.6 KiB)
cacti (0.8.8h+ds1-2) unstable; urgency=medium * Update make_cacti_sql_mode-strict_compatible.patch to also drop ONLY_FULL_GROUP_BY (Follow-up for LP: #1578144) * Lower versioned dependency on libphp-adodb to be Ubuntu compatible -- Paul Gevers <email address hidden> Thu, 02 Jun 2016 22:06:59 +0200
Available diffs
cacti (0.8.8h+ds1-1) unstable; urgency=medium * New upstream release - CVE-2016-3659 SQL Injection Vulnerability in graph_view.php (Closes: #820521) * Drop obsolete patches (applied upstream) * Update tests to depend on javascript-common * Don't test lighttpd for now * Drop jquery.js from the source (wasn't used anyways in Debian), so no need to document it in d/copyright * Add make_cacti_sql_mode-strict_compatible.patch to enable cacti to work with the default settings of MySQL 5.7 (LP: #1578144) -- Paul Gevers <email address hidden> Sat, 14 May 2016 22:26:35 +0200
cacti (0.8.8g+ds1-3) unstable; urgency=medium * Bump standards (no changes) * Fix noninteractive install failure * Reorder test Depends in the hope that MySQL|MariaDB-server get setup before cacti * Refresh all patches * Take over patch 11_1571432_mysqli.patch from Ubuntu (although not really needed anymore) to fix mysqli extension in the install script (LP: #1571432) -- Paul Gevers <email address hidden> Fri, 29 Apr 2016 14:08:05 +0200
cacti (0.8.8g+ds1-2) unstable; urgency=medium [ Paul Gevers ] * Next upstream version, strip include/js/jquery.js from source * Make sure the web-interface doesn't ask unnecessary questions after install (Closes: #783447) * Use the MySQL connection password as initial password for the admin user (Closes: #783446) and mention this in the NEWS.Debian file * Improve fix for CVE-2016-2313 such that it doesn't cause a regression for setups that rely on http authentication of users unknown to cacti. - Add improve_fix_for_CVE-2016-2313.patch * Full update of README.Debian * CVE-2016-3172 - Add CVE-2016-3172_sql-injection-in-tree.php.patch (Closes: #818647) * Update Brazilian Portuguese, thanks to Diego Neves (Closes: #816962) * Drop old code in postinst to (re)move old configuration files this is already fixed in jessie * Bump version for libphp-adodb as mysqli doesn't work otherwise * Add new php-xml & php-mbstring to Depends for php7.0 * Add add_rrdtool-1.5_to_utilities.php.patch to prevent error in utilities.php with rrdtool version 1.5 * Remove Mahyuddin from uploaders (thanks for the fish) [ Nishanth Aravamudan ] * Update to PHP7.0 dependencies (LP: #1544352) * Default to mysqli driver for database connection, as the mysql driver has been removed in PHP7.0 (LP: #1544352) (Closes: #815987) -- Paul Gevers <email address hidden> Sun, 17 Apr 2016 19:55:43 +0200
Published in wheezy-release |
cacti (0.8.8a+dfsg-5+deb7u8) wheezy-security; urgency=high * CVE-2015-8377: Fix SQL Injection vulnerability in graphs_new.php * CVE-2015-8604: Fix SQL Injection vulnerability in graphs_new.php -- Paul Gevers <email address hidden> Tue, 23 Feb 2016 21:41:22 +0100
Superseded in jessie-release |
cacti (0.8.8b+dfsg-8+deb8u4) jessie-security; urgency=high * CVE-2015-8377: Fix SQL Injection vulnerability in graphs_new.php * CVE-2015-8604: Fix SQL Injection vulnerability in graphs_new.php -- Paul Gevers <email address hidden> Tue, 23 Feb 2016 21:30:13 +0100
cacti (0.8.8g+ds1-1) unstable; urgency=medium * New upstream release - CVE-2016-2313 (closes: #814353) - Drop included patches * Update d/copyright with new years * Enable installation on MariaDB by forcing the collation to latin1 * Add mariadb-server to list of recommends * Update Vcs-* fields to https -- Paul Gevers <email address hidden> Fri, 26 Feb 2016 13:50:34 +0100
Superseded in jessie-release |
cacti (0.8.8b+dfsg-8+deb8u3) jessie-security; urgency=high * Add upstream patch to fix (Closes: #807599) - CVE-2015-8369 SQL Injection vulnerability in graph.php -- Paul Gevers <email address hidden> Sat, 12 Dec 2015 21:08:55 +0100
cacti (0.8.8f+ds1-4) unstable; urgency=medium * CVE-2015-8377: Fix SQL Injection vulnerability in graphs_new.php * CVE-2015-8604: Fix SQL Injection vulnerability in graphs_new.php * Depend on dbconfig-mysql or dbconfig-no-thanks instead of dbconfig-common and mysql-client * Bump compat level to 9 * Drop useless CFLAGS declaration in d/rules * Drop cacti.sql_drop_tables_to_begin.patch as dbconfig-common now does that. * Add dependency on libjs-jquery now that version is high enough and update use_debian_javascript_packages.patch to use it. -- Paul Gevers <email address hidden> Sat, 09 Jan 2016 13:16:04 +0100
Available diffs
- diff from 0.8.8f+ds1-3 to 0.8.8f+ds1-4 (3.3 KiB)
cacti (0.8.8f+ds1-3) unstable; urgency=high * Add upstream patch to fix - CVE-2015-8369 SQL Injection vulnerability in graph.php -- Paul Gevers <email address hidden> Sat, 12 Dec 2015 14:03:40 +0100
Available diffs
- diff from 0.8.8f+ds1-2 to 0.8.8f+ds1-3 (3.4 KiB)
Superseded in wheezy-release |
cacti (0.8.8a+dfsg-5+deb7u6) wheezy-security; urgency=high * Security update - CVE-2015-4634 SQL injection in graphs.php - Multiple other SQL injection vulnerabilities -- Paul Gevers <email address hidden> Sun, 19 Jul 2015 21:57:27 +0200
Superseded in jessie-release |
cacti (0.8.8b+dfsg-8+deb8u2) jessie-security; urgency=high * Security update - CVE-2015-4634 SQL injection in graphs.php - Multiple other SQL injection vulnerabilities -- Paul Gevers <email address hidden> Sun, 19 Jul 2015 21:57:27 +0200
cacti (0.8.8f+ds1-2) unstable; urgency=medium * Update loadavg_multi_locale_friendly.patch (Closes: #793401) * Add missing manual.css (Closes: #783416) * Fix d/rules override_dh_*configure target (Wasn't ever run, althought that wasn't too bad until now) -- Paul Gevers <email address hidden> Mon, 03 Aug 2015 19:58:53 +0200
Available diffs
- diff from 0.8.8f+ds1-1 to 0.8.8f+ds1-2 (2.7 KiB)
cacti (0.8.8f+ds1-1) unstable; urgency=medium * New upstream release fixing some regressions in 0.8.8e -- Paul Gevers <email address hidden> Tue, 21 Jul 2015 21:59:40 +0200
Available diffs
- diff from 0.8.8e+ds1-1 to 0.8.8f+ds1-1 (2.5 KiB)
cacti (0.8.8e+ds1-1) unstable; urgency=high * Imported Upstream version 0.8.8e - CVE-2015-4634 multiple SQL Injection vulnerabilities * Add new jquery scripts to Files-Exculded * Refresh patches -- Paul Gevers <email address hidden> Wed, 15 Jul 2015 19:47:00 +0200
Available diffs
- diff from 0.8.8d+ds1-1 to 0.8.8e+ds1-1 (16.4 KiB)
cacti (0.8.8d+ds1-1) unstable; urgency=high * Upload to unstable * New upstream release - CVE-2015-2665 Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. - CVE-2015-4342 SQL Injection and Location header injection from cdef id - CVE-2015-4454 SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php. - Unassigned CVE VN:JVN#78187936 / TN:JPCERT#98968540 Fixed SQL injection * Remove Sean from the list of uploaders. Thanks for all the fish (Closes: #773436) * Fix d/p/07_cli-include-path.patch (LP: #1433665) * Update debian/patches/fix_php_strict_warning_in_ping.patch for partial upstream fix * Include the virtual alternative for the recommends on mysql-server (Closes: #781982) * Upstream dropped unused javascripts, remove them from d/copyright * Add patch to have upgrade script mention version 0.8.8d i.s.o. 0.8.8c -- Paul Gevers <email address hidden> Mon, 22 Jun 2015 19:59:13 +0200
Available diffs
- diff from 0.8.8b+dfsg-8 to 0.8.8d+ds1-1 (538.3 KiB)
Deleted in experimental-release (Reason: None provided.) |
cacti (0.8.8c+ds1-1) experimental; urgency=medium * New upstream release * Strip several parts from the upstream source - convenience copies (javascript and adodb) that have a corresponding package in Debian - other unused javascript files (some lacking source) - font files without source * Drop patches now applied upstream * Upstream now has a DFSG treeview, drop Debian patches * Drop recommends on jquery (too old for this treeview, use convenience copy in source) * Add patch to use system versions of javascripts * Update d/copyright * Update standards to 3.9.6 (no changes) * Update d/watch, d/rules and d/copyright to download and strip source -- Paul Gevers <email address hidden> Mon, 08 Dec 2014 21:28:05 +0100
Superseded in wheezy-release |
cacti (0.8.8a+dfsg-5+deb7u4) wheezy-security; urgency=high * Fix regression caused by fixing CVE-2014-4002 at least plugin autom8 was unusable (Closes: #755032) * Security update - CVE-2014-5025 Cross Site Scripting Vulnerability - CVE-2014-5026 Cross Site Scripting Vulnerability - CVE-2014-5043 Cross Site Scripting Vulnerability - CVE-2014-5261 Remote Code Execution - CVE-2014-5262 SQL injection -- Paul Gevers <email address hidden> Mon, 18 Aug 2014 20:29:12 +0200
cacti (0.8.8b+dfsg-8) unstable; urgency=high * CVE-2014-5261 Unsufficient input sanitation leads to shell command injection possibilities * CVE-2014-5262 Incomplete and incorrect input parsing leads to SQL injection attack scenarios * Fix for CVE-2014-5043 was incomplete, improve patch * Change CVE-2014-4002 patch to include upstream updated commits -- Paul Gevers <email address hidden> Mon, 18 Aug 2014 19:57:43 +0200
Available diffs
- diff from 0.8.8b+dfsg-7 to 0.8.8b+dfsg-8 (2.2 KiB)
cacti (0.8.8b+dfsg-7) unstable; urgency=medium * Fix regression caused by fixing CVE-2014-4002 at least plugin autom8 was unusable (Closes: #755032) * Security update - CVE-2014-5025 Cross Site Scripting Vulnerability - CVE-2014-5026 Cross Site Scripting Vulnerability - CVE-2014-5043 Cross Site Scripting Vulnerability -- Paul Gevers <email address hidden> Thu, 24 Jul 2014 21:56:48 +0200
Available diffs
- diff from 0.8.8b+dfsg-6 to 0.8.8b+dfsg-7 (2.7 KiB)
Superseded in wheezy-release |
cacti (0.8.8a+dfsg-5+deb7u3) wheezy-security; urgency=high * Security upload (Closes: #742768, #743565, #752573) - CVE-2014-2326 Cross-site scripting (XSS) vulnerability - CVE-2014-2327 Cross Site Request Forgery Vulnerability - CVE-2014-2328 Unspecified Remote Command Execution Vulnerability - CVE-2014-2708 SQL injection - CVE-2014-2709 Unspecified Remote Command Execution Vulnerability - CVE-2014-4002 Cross-Site Scripting Vulnerability -- Paul Gevers <email address hidden> Thu, 26 Jun 2014 21:01:50 +0200
cacti (0.8.8b+dfsg-6) unstable; urgency=high * Add alternative php5-mysql | php5-mysqlnd (Closes: #744067) * Security update (Closes: #742768, #752573) - CVE-2014-2327 Cross Site Request Forgery Vulnerability - CVE-2014-4002 Cross-Site Scripting Vulnerability -- Paul Gevers <email address hidden> Wed, 25 Jun 2014 22:33:53 +0200
Available diffs
- diff from 0.8.8b+dfsg-5 to 0.8.8b+dfsg-6 (9.3 KiB)
cacti (0.8.8b+dfsg-5) unstable; urgency=high * Fix postinst for lighttpd setups which fail on update due to lighty-enable-mod exiting with non-zero if config is already loaded (Closes: 743727) -- Paul Gevers <email address hidden> Sun, 06 Apr 2014 19:59:12 +0200
Available diffs
- diff from 0.8.8b+dfsg-3 to 0.8.8b+dfsg-5 (3.3 KiB)
Superseded in sid-release |
cacti (0.8.8b+dfsg-4) unstable; urgency=high * Security update (Closes: 743565) - CVE-2014-2326 Cross-site scripting (XSS) vulnerability - CVE-2014-2328 Unspecified Remote Command Execution Vulnerability - CVE-2014-2708 SQL injection - CVE-2014-2709 Unspecified Remote Command Execution Vulnerability * Bump standards (no changes needed) * Fix VCS-Browser field * Fix license paragraph of jstree (Thanks lintian) -- Paul Gevers <email address hidden> Sat, 05 Apr 2014 13:03:22 +0200
Published in squeeze-release |
cacti (0.8.7g-1+squeeze3) squeeze-security; urgency=high * Security upload * Fix Cross site scripting in host.php and install/index.php (upstream bug 2383) CVE-2013-5588 * Fix SQL injection in host.php (upstream bug 2383) CVE-2013-5589 -- Paul Gevers <email address hidden> Wed, 28 Aug 2013 20:52:20 +0200
Superseded in wheezy-release |
cacti (0.8.8a+dfsg-5+deb7u2) wheezy-security; urgency=high * Security upload * Fix Cross site scripting in host.php and install/index.php (upstream bug 2383) CVE-2013-5588 * Fix SQL injection in host.php (upstream bug 2383) CVE-2013-5589 -- Paul Gevers <email address hidden> Wed, 28 Aug 2013 21:12:50 +0200
cacti (0.8.8b+dfsg-3) unstable; urgency=low * Fix Cross site scripting (upstream bug 2383) CVE-2013-5588 * Fix SQL injection in host.php (upstream bug 2383) CVE-2013-5589 * Fix upgrade script in cli directory for latest releases * Automatically upgrade database during package update (prevents upstream bug 2377) * The code to enable lighttpd configuration from LP: #1132415 was broken -- Paul Gevers <email address hidden> Tue, 27 Aug 2013 20:43:21 +0200
Available diffs
- diff from 0.8.8b+dfsg-2 to 0.8.8b+dfsg-3 (3.3 KiB)
cacti (0.8.8b+dfsg-2) unstable; urgency=low * CVE-2013-1435 fix cause a regression in the handling of empty COMMENT lines in the rrd legend. Fixed by upstream: fix_COMMENT_in_graph_regression_from_CVE-2013-1435.patch (Closes: #719156) * Update jquery stylesheet to provide the cacti background color -- Paul Gevers <email address hidden> Fri, 09 Aug 2013 22:34:26 +0200
Available diffs
- diff from 0.8.8a+dfsg-7 to 0.8.8b+dfsg-2 (26.3 KiB)
Superseded in sid-release |
cacti (0.8.8b+dfsg-1) unstable; urgency=low * New upstream release - Fixes SQL or command line injection via snmp settings or graph creation or edition that allows privileged users to execute arbitrary SQL commands or command line commands. CVE-2013-1434 and CVE-2013-1435 - poller_cache_rebuild_on_install.patch included * Add d/rules get-orig-source target and accompanying script * Update japanese translation, thank victory (Closes: #717203) * Update vcs-* fields (thanks lintian) * Update standards (no changes needed) * Update years and my address in d/copyright * Allow any php5 SAPI provider to satify cacti dependency, thanks Ondřej Surý (php5 maintainer). Thus reverting the solution to bug #654843 as the original report was not a bug but a reporter mistake. libapache2-mod-fcgid does not provide php5 SAPI. -- Paul Gevers <email address hidden> Wed, 07 Aug 2013 20:46:58 +0200
cacti (0.8.8a+dfsg-7) unstable; urgency=low * Fix typo in cacti.postrm which prevented proper purging (Closes: #707010) * Update use_jquery_for_debian.patch to not load jquery-cookie if it is not installed on the system (Closes: #708001) -- Paul Gevers <email address hidden> Sat, 18 May 2013 12:14:02 +0200
Available diffs
- diff from 0.8.8a+dfsg-6 to 0.8.8a+dfsg-7 (1.4 KiB)
cacti (0.8.8a+dfsg-6) unstable; urgency=low * Improve maintenance scripts - Prepare cacti configuration for Apache2.4 according to http://wiki.debian.org/Apache/PackagingFor24 - Improve cacti.config to fix dpkg-reconfigure behavior for httpd's. - Restart lighttpd if needed (LP: #1132415) - Remove obsolete (Sarge) preinst code * Fix the lighttpd config template for absolute path (see LP: #1132415) * Lintian triggered improvements: - Update watch file for +dfsg in the version - Add dependency on mysql-client (next to virtual-mysql-client) * Bug fixes: - Add patch loadavg_multi_locale_friendly.patch to allow uptime script to work independent of the local locale (Closes: #704057) - Add patch fix_php_strict_warning_in_ping.patch to fix php 5.4 warnings (Closes: #694159) - Add patch poller_cache_rebuild_on_install.patch to start filling the auto-generated graphs upon installation (Upstream: 2229) * Move configuration files away from /usr/share/doc/cacti (policy 12.3) * Remove obsolete RM-Upload-Allowed from d/control * Revisited README.Debian -- Paul Gevers <email address hidden> Sun, 05 May 2013 16:41:13 +0200
Available diffs
- diff from 0.8.8a+dfsg-5 to 0.8.8a+dfsg-6 (10.9 KiB)
cacti (0.8.8a+dfsg-5) unstable; urgency=low * Update debian/NEWS.Debian to explain the recommended packages for the tree, which seem to be not installed by default upon upgrade, and make sure it is actually installed. -- Paul Gevers <email address hidden> Thu, 11 Apr 2013 19:57:35 +0200
Available diffs
- diff from 0.8.8a+dfsg-4 to 0.8.8a+dfsg-5 (814 bytes)
Superseded in sid-release |
cacti (0.8.8a+dfsg-4) unstable; urgency=low * Improve jquery tree patch to show trees multilevel (Closes: #702690) -- Paul Gevers <email address hidden> Mon, 01 Apr 2013 08:03:11 +0200
Available diffs
- diff from 0.8.8a+dfsg-3 to 0.8.8a+dfsg-4 (5.3 KiB)
cacti (0.8.8a+dfsg-3) unstable; urgency=low * Fixed typo in recommends libjs-jquery* i.s.o. libjs-query (Closes: #700999) -- Paul Gevers <email address hidden> Tue, 19 Feb 2013 20:33:20 +0100
Available diffs
- diff from 0.8.8a+dfsg-2 to 0.8.8a+dfsg-3 (544 bytes)
cacti (0.8.8a+dfsg-2) unstable; urgency=low * Upload to unstable after acknowledge by the RT, see #694850. -- Paul Gevers <email address hidden> Tue, 29 Jan 2013 20:41:05 +0100
Available diffs
- diff from 0.8.8a+dfsg-1 to 0.8.8a+dfsg-2 (379 bytes)
Deleted in experimental-release (Reason: None provided.) |
cacti (0.8.8a+dfsg-1) experimental; urgency=low * Removed non-dfsg-free treeview code from the upstream source (Closes: #679980) * Add jquery.jstree.js and four jstree theme files to the package to replace the treeview functionality * Update d/copyright to reflect above changes * Add patches to use the jstree code - replace_treeview_by_jquery.jstree.patch - use_jquery_for_debian.patch * Add libjs-jquery and libjs-jquery-cookie to recommends as they are needed by jstree. * Remove the logic to install plugins in /usr/local/share/cacti/plugins as the implementation of chdir in php resolves symlinks (Closes: #681558). - Update README.Debian and add NEWS.Debian and README.Plugins - Update d/cacti.links and d/cacti.install * Update my e-mail address to <email address hidden> -- Paul Gevers <email address hidden> Mon, 10 Dec 2012 22:48:48 +0100
Available diffs
- diff from 0.8.8a-3 to 0.8.8a+dfsg-1 (59.3 KiB)
cacti (0.8.8a-3) unstable; urgency=low * Update postrm with new debconf answers (Closes: #673764) -- Paul Gevers <email address hidden> Mon, 21 May 2012 20:22:18 +0200
Available diffs
- diff from 0.8.8a-2 to 0.8.8a-3 (510 bytes)
cacti (0.8.8a-2) unstable; urgency=low * Use ts to timestamp poller errors in cron when available and add moreutils to suggests. * Add suhosin.memory_limit to cron and poller (Closes: #566609) * Add dependency on ${perl:Depends} as the dependency on perl was missing * Use a template based on config.php for debian.php creation to include non-database options and get rid of 01_config.php.patch by creating link to debian.php instead. Update two dependent patches. * Add different sub folders to local resource in d/dirs * Add cacti.sql_ensure_cron_works.patch to prevent failure of crontab after install as the paths to rrdtool and php are not set. * Add cacti.sql_drop_tables_to_begin.patch patch to work around bug 665742 where dbconfig-common does not drop the tables during reconfigure so we have to do it on population of the database to prevent errors. * Update d/copyright to include proper license info for jscalendar and treeview (this last one needs action). Also update Cacti's license as it has been GPL-2+ all along. * Readded debconf question option for lighttpd lost in commit 98fed9b while preventing the need to call for new translations. Use lower-case apache2 and lighttpd as package names at the same time. * Update 08_563955_local_data_id.patch with upstream bug number * Improve rra removal on purge (one higher level directory) in postrm -- Paul Gevers <email address hidden> Sat, 19 May 2012 07:56:04 +0200
Available diffs
cacti (0.8.8a-1) unstable; urgency=low * New upstream release. - Now includes plugin architecture (Closes: #406766) - Don't use define_syslog_variables() (Closes: #668261) - Allow external auth behind proxy (Closes: #660853) * Update patches, remove last two now applied upstream * Update d/watch to prevent selection of PIA tar ball * Repaired old entries in d/changelog where non-ascii characters got mangled * Remove d/s/local-options as they are for, well, local options * Make link to cacti.sql instead of copying data again * Remove unnecessary directories from dirs as they are generated as needed * Clean up of debian rules for short-hand dh - Moved permission and ownership fixes to override_dh_fixperms - Use 644 and 755 instead of 640 and 750 as per policy (except for rra) - Remove lib/adodb on clean (instead of build) - Use debian/cacti.install to define which files to install where * d/post(rm|inst) now also (un)registers with ufcr and clean-up of long obsolete /etc/cacti/default-poller * Append error output of poller to poller-error.log i.s.o overwriting (Closes: #669339) and make sure the ownership/permissions are right * Update README.Debian with info about plugin architecture -- Paul Gevers <email address hidden> Tue, 01 May 2012 09:57:18 +0200
cacti (0.8.7i-3) unstable; urgency=low [ Mahyuddin Susanto ] * debian/patches/01_config.php.patch: refreshed to fix error on upgrade because /etc/cacti/debian.php has been rewrite during installation. (Closes: #654352), Thanks to Michael Reincke. * debian/control: Move apache to recommends to allow other web-server to be installed. (Closes: #654843) * debian/cacti.templates: Updated debconf template and package description, suggested by debian-l10n-english. (Closes: #653897) * Update debconf translations: - Spanish by Javier Fernández-Sanguino Peña (Closes: #656405) - French by Christian Perrier (Closes: #657280) - Polish by Michał Kułach. (Closes: #657294) - Danish by Joe Hansen. (Closes: #657339) - Dutch by Jeroen Schot. (Closes: #657468) - Swedish by Martin Bagge. (Closes: #657546) - Indonesian by Mahyuddin Susanto. (Closes: #657609) - Russian by Yuri Kozlov. (Closes: #657705) [ Sean Finney ] * Remove lighttpd.conf at postrm purge time * Add Paul Gevers to Uploaders field [ Paul Gevers ] * More updated debconf translations, thanks to Christian Perrier. - German (Chris Leick). (Closes: #658396) - Czech (Miroslav Kure). (Closes: #658752) - Portuguese (Rui Branco). (Closes: #659167) - Italian (Beatrice Torracca). (Closes: #659401) - Basque (Iñaki Larrañaga Murgoitio). (Closes: #660641) * Bump Standard-Version to 3.9.3 (no changes). * session_unregister was removed in php 5.4, add patch 11_remove_deprecated_session_unregister (Closes: #665280) * Update d/rules to fix changed output from /usr/bin/file for PHP executable files (Closes: #665243) -- Paul Gevers <email address hidden> Thu, 29 Mar 2012 20:55:17 +0200
Published in lenny-release |
cacti (0.8.7b-2.1+lenny5) oldstable; urgency=low * lib/snmp.php: Add $max_oids parameter to snmp_walk Closes: #656613 -- Luk Claes <email address hidden> Sat, 21 Jan 2012 23:41:35 +0100
Superseded in squeeze-release |
cacti (0.8.7g-1+squeeze1) stable-security; urgency=high * Team upload. * [SECURITY] Fixes SQL injection vulnerability in auth_login.php that allows remote attackers to execute arbitrary SQL commands via the login_username parameter. (Closes: #652371) - debian/patches/CVE-2011-4824.patch - CVE-2011-4824 -- Mahyuddin Susanto <email address hidden> Thu, 29 Dec 2011 16:34:51 +0700
cacti (0.8.7i-2) unstable; urgency=low * Cherry-pick upstream patches - debian/patches/10_settings_checkbox.patch * debian/patches/05_no-adodb.patch: Updates, add semicolon at line 190. (Closes: #653863) * Updated last changelog to mention security bug. -- Mahyuddin Susanto <email address hidden> Mon, 02 Jan 2012 14:11:15 +0700
Available diffs
- diff from 0.8.7g-2.1 to 0.8.7i-2 (150.1 KiB)
cacti (0.8.7i-1) unstable; urgency=low * New upstream release. (Closes: #642971) - Fix Ping query. (Closes: #616320, #561488) * debian/control: - Bump Standard-Version to 3.9.2, no source changes. - Change Maintainer to pkg-cacti. (Closes: #613857) - Add Sean and myself as uploaders. - Change Vcs-* to pkg-cacti. * debian/copyright: Rewriting as per dep5 format. * debian/source: Added to mentioning quilt patch system. * debian/README.source: Deleted, not needed anymore * debian/patches/09_use-utf8.patch: Use UTF-8 while creating database and producing RRD, Thanks to Slavko <email address hidden>. (Closes: #604395) * Refreshed pathces: - debian/patches/01_config.php.patch - debian/patches/05_no-adodb.patch - debian/patches/06_config_settings.php_cactid_path.patch - debian/patches/07_cli-include-path.patch (Closes: #604396) - debian/patches/08_563955_local_data_id.patch (Closes: #563955) * Drop patches apllied upstream: - 606062_ping.pl.patch - data_source_deactivate.patch - graph_list_view.patch - html_output.patch - ldap_group_authenication.patch - ping.patch - poller_interval.patch - script_server_command_line_parse.patch * Add Lighttpd support: - debian/docs: updated - debian/cacti.lighttpd.conf: added - debian/cacti.{postinst|postrm|templates}: updated -- Mahyuddin Susanto <email address hidden> Fri, 30 Dec 2011 16:47:42 +0700
cacti (0.8.7g-2.1) unstable; urgency=low * Non-maintainer upload. * Fix pending l10n issues. Debconf translations: - French (Christian Perrier). Closes: #614903 - German (Chris Leick). Closes: #619663 - Russian (Yuri Kozlov). Closes: #623795 - Indonesian (Mahyuddin Susanto). Closes: #623886 - Japanese (Hideki Yamane). Closes: #624821 - Danish (Joe Hansen). Closes: #625482 - Dutch; (Luk Claes). Closes: #625529 - Spanish; (Francisco Javier Cuadrado). Closes: #627032 - Swedish (Martin Bagge / brother). Closes: #628928 - Czech (Miroslav Kure). Closes: #631596 - Basque (Ander Goñi). Closes: #631900 - Portuguese (Rui Branco). Closes: #631982 -- Christian Perrier <email address hidden> Wed, 29 Jun 2011 06:57:56 +0200
Available diffs
- diff from 0.8.7g-2 to 0.8.7g-2.1 (11.4 KiB)
cacti (0.8.7g-2) unstable; urgency=low * import 2 new "official" upstream patches * Cherry-pick upstream fix for ping output parsing (Closes: #606062). * Lintian: - Update Standards-Version to 3.9.1 (no changes necessary) - Bump versioned Build-Dep on debhelper to >= 5 - Update config and postrm maintainer scripts to run with set -e - Remove un-needed chmodding of php files in debian/rules - Ensure the non-php files in the scripts dir are executable - Update debconf template description to remove question from text. - Selectively fix executable permissions on some files in the cli dir - Include a README.source mentioning quilt * Update debconf choices and default value for webserver configuration * Update all debian/po files after changing debconf template -- Sean Finney <email address hidden> Sun, 20 Feb 2011 15:33:58 +0100
cacti (0.8.7g-1) unstable; urgency=low * New upstream release (Closes: #592465). * Update context in 05_no-adodb.patch to remove fuzz. * Remove "official" patches from previous release. * Remove 563955_undefined_index_local_data_id.patch, incorporated upstream. * Remove CVE-2010-2092.patch, incorporated upstream. * Import new batch of "official" upstream patches. * Update apache configuration to work in FastCGI deployments (Closes: #593203). - thanks to Thijs Kinkhorst <email address hidden> (Closes: #578909). -- Sean Finney <email address hidden> Tue, 17 Aug 2010 22:22:02 +0200
Superseded in lenny-release |
cacti (0.8.7b-2.1+lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix unauthenticated sql injection vulnerability due to validating $_REQUEST rather than $_GET (CVE-2010-2092; Closes: #582691). -- Nico Golde <email address hidden> Thu, 10 Jun 2010 17:08:56 +0000
cacti (0.8.7e-4) unstable; urgency=high * Forward-port fix for CVE-2010-2092 from stable package (Closes: #582691) -- Sean Finney <email address hidden> Fri, 11 Jun 2010 21:08:02 +0000
cacti (0.8.7e-3) unstable; urgency=high * Import upstream fix for SQL injection vulnerability (no CVE assigned yet) - thanks to Thijs Kinkhorst <email address hidden> (Closes: #578909). -- Sean Finney <email address hidden> Sat, 24 Apr 2010 17:54:20 +0200
Superseded in lenny-release |
cacti (0.8.7b-2.1+lenny1) stable-security; urgency=high * Non-maintainer upload by the securiy team * Fix several cross-site scriptings via different vectors Fixes: CVE-2009-4032 -- Steffen Joeris <email address hidden> Wed, 16 Dec 2009 11:33:16 +0100
cacti (0.8.7e-2) unstable; urgency=low * Import 2 new "official" patches from upstream * Italian debconf translation - thanks to Alessandro De Zorzi <email address hidden> (Closes: #548447) * Fix for "Undefined index: local_data_id in graphs_new.php" - new debian patch 563955_undefined_index_local_data_id.patch - thanks to Teodor MICU <email address hidden> (Closes: #563955) * Fix for "must not RE-add /etc/apache2/conf.d/cacti.conf link on upgrade" - thanks to Patrick Schoenfeld <email address hidden> (Closes: #561477) * Bump debhelper compatibility level to 5 -- Sean Finney <email address hidden> Sun, 24 Jan 2010 21:39:46 +0100
cacti (0.8.7e-1.1) unstable; urgency=high * Non-maintainer upload by the security team * Fix several cross-site scriptings via different vectors Fixes: CVE-2009-4032 -- Steffen Joeris <email address hidden> Wed, 16 Dec 2009 12:06:20 +0100
cacti (0.8.7e-1) unstable; urgency=low * New upstream release (Closes: #541490). [ Sean Finney ] * fix path to global.php in cli scripts (Closes: #525024). - thanks to Jean-François Masure <email address hidden> * add a watch file to track upstream updates (Closes: #527066). - thanks to Laurent Bigonville <email address hidden> * downgrade Depends on logrotate to a Recommends (Closes: #526997). - thanks to Russ Allbery <email address hidden> * updates to (eu,ru,ja) debconf translations - eu: Piarres Beobide <email address hidden> (Closes: #535636). - ru: Yuri Kozlov <email address hidden> (Closes: #535820). - ja: Hideki Yamane (Debian-JP) <email address hidden> (Closes: #546229). [ Sander Klein ] * Change location of docs/text to docs/txt * Removed 'Official' patches for 0.8.7d since they are not needed anymore * Import 'Official' patches for 0.8.7e * Make cli-include-path.patch apply * use ':' with chown instead of deprecated '.' * suggested spelling/grammar changes from lintian for ./debian/control -- Sean Finney <email address hidden> Mon, 14 Sep 2009 23:42:32 +0200
cacti (0.8.7d-1) unstable; urgency=low * Imported Upstream version 0.8.7d * update/massage/remove patches for new upstream release * import new "official" patches for 0.8.7d * remove obsolete dependencies on php4 packages (Closes: #514342) * update default apache config php options (Closes: #459594) * add Homepage field to control file (Closes: #494811) * add Suggests: php5-ldap for ldap authentication (Closes: #496854) - thanks to Paul Nijjar <email address hidden> * call ucf with --debconf-ok in postinst * copy cli directory to /usr/share/cacti (Closes: #483556) * add gbp.conf for git-buildpackage and friends -- Sean Finney <email address hidden> Sun, 29 Mar 2009 17:51:10 +0200
cacti (0.8.7b-2.1) unstable; urgency=low * Non-maintainer upload to fix pending l10n issues. * Debconf translations: - Basque. Closes: #479538 - Turkish. Closes: #491497 - Finnish. Closes: #492395 - Russian. Closes: #492550 - Galician. Closes: #493306 - Japanese. Closes: #493346 * [Lintian] Properly spell MySQL in package description * [Lintian] Wrap the debian/copyright file to 80 characters -- Christian Perrier <email address hidden> Fri, 18 Jul 2008 19:28:34 +0200
76 → 144 of 144 results | First • Previous • Next • Last |