Changelog
cacti (1.1.27+ds1-3) unstable; urgency=medium
* CVE-2017-16641: remote authenticated administrators can execute
arbitrary os commands via the path_rrdtool parameter in an action=save
request to settings.php (Closes: #881110)
* CVE-2017-16660: remote authenticated administrators can conduct Remote
Code Execution attacks by placing the Log Path under the web root, and
then making a remote_agent.php request containing PHP code in a
Client-ip header
* CVE-2017-16661: remote authenticated administrators can read arbitrary
files accessible by the web-server user by placing the Log Path into a
private directory, and then making a clog.php?filename= request
* CVE-2017-16785: reflected XSS via the PATH_INFO to host.php
(reintroduction of CVE-2017-15194)
* Bump standards to 4.1.1
* Set Priority to optional
-- Paul Gevers <email address hidden> Tue, 14 Nov 2017 20:14:34 +0100