cacti 1.1.37+ds1-1 source package in Debian
Changelog
cacti (1.1.37+ds1-1) unstable; urgency=medium
* New upstream release 1.1.37
* CVE-2018-10059: (XSS) the get_current_page function in
lib/functions.php relies on $_SERVER['PHP_SELF'] instead of
$_SERVER['SCRIPT_NAME'] to determine a page name
* CVE-2018-10060: (XSS) does not properly reject unintended characters,
related to use of the sanitize_uri function in lib/functions.php
* CVE-2018-10061: (XSS) makes certain htmlspecialchars calls without the
ENT_QUOTES flag
-- Paul Gevers <email address hidden> Thu, 12 Apr 2018 17:43:13 +0200
Upload details
- Uploaded by:
- Cacti Maintainer
- Uploaded to:
- Sid
- Original maintainer:
- Cacti Maintainer
- Architectures:
- all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cacti_1.1.37+ds1-1.dsc | 2.1 KiB | 4f6d893245e2b3f5d8252e8d1a04a25681baacb9275dacd91a62e8a412f17332 |
| cacti_1.1.37+ds1.orig-docs-source.tar.xz | 65.0 KiB | 4e93415bb3e4d4cb126a8ea027378827214bf93e80e73f8718906a94acc7a318 |
| cacti_1.1.37+ds1.orig.tar.gz | 3.7 MiB | f882eeb856c72382e9f5add8725fc52a64ab72e6f3c6d1a8f607266c33ba7c01 |
| cacti_1.1.37+ds1-1.debian.tar.xz | 50.9 KiB | dc8e7a60eea78e1cb7472c7cb9727dac1323742a1f06c43b0ae5d529a6a72df7 |
Available diffs
- diff from 1.1.36+ds1-1 to 1.1.37+ds1-1 (347.0 KiB)
No changes file available.
