Debian
cacti package

Change logs for cacti source package in Bullseye

Bullseye (11)
Change log

cacti (1.2.16+ds1-2+deb11u2) bullseye-security; urgency=high

  * Backport security patches from 1.2.25: CVE-2023-39357, CVE-2023-39359,
    CVE-2023-39361, CVE-2023-39362, CVE-2023-39364, CVE-2023-39365,
    CVE-2023-39513, CVE-2023-39515, CVE-2023-39516

 -- Paul Gevers <email address hidden>  Fri, 27 Oct 2023 22:31:19 +0200

cacti (1.2.16+ds1-2+deb11u1) bullseye-security; urgency=medium

  * Add 7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216.patch to fix CVE-2022-46169
    (Closes: #1025648)
  * Add two patches to fix CVE-2022-0730 (Closes: #1008693)
  * Update configuration template for CVE-2022-46169

 -- Paul Gevers <email address hidden>  Thu, 08 Dec 2022 09:50:14 +0100

cacti (1.2.16+ds1-2) unstable; urgency=medium

  * Add 0001-Fixing-Issue-4022.patch (Closes: #979998)
    - CVE-2020-35701: SQL injection via data_debug.php
  * Add 0001-Fixing-Issue-4019.patch
    There are a few places in the current code where an attacker, once
    having gained access to the Cacti database through a SQL injection,
    could modify data in tables to possibly expose an stored XSS bug in
    Cacti.

 -- Paul Gevers <email address hidden>  Sun, 17 Jan 2021 21:26:01 +0100

Debiancacti package

Change logs for cacti source package in Bullseye

Debian
cacti package