Ubuntu
cacti package

cacti 1.2.9+ds1-1ubuntu1 source package in Ubuntu

Changelog

cacti (1.2.9+ds1-1ubuntu1) focal; urgency=medium

  * Merge with Debian unstable (LP: #1863739). Remaining changes:
    - General installing instructions update for NO_AUTO_CREATE_USER.
    - Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.
  * Dropped changes [upstream]:
    - MySQL 8 change needs: NO_AUTO_CREATE_USER and grouping keyword.
  * Dropped changes [debian]:
    - Replace php-php-gettext dependency in order to fix translations
      (LP #1844070)

cacti (1.2.9+ds1-1) unstable; urgency=medium

  * New upstream version 1.2.9+ds1
    CVE-2020-7106 Remote Code Execution (by privileged users) via shell
    metacharacters in the Performance Boost Debug Log field of
    poller_automation.php. (Closes: #949996)
    CVE-2020-7237 Stored XSS in data_sources.php,
    color_templates_item.php, graphs.php, graph_items.php,
    lib/api_automation.php, user_admin.php, and user_group_admin.php, as
    demonstrated by the description parameter in data_sources.php (Closes:
    #949997)

cacti (1.2.8+ds1-1) unstable; urgency=medium

  * New upstream version 1.2.8+ds1
    CVE-2019-17357 When viewing graphs, some input variables are not
    properly checked (SQL injection possible) (Closes: #947374)
    CVE-2019-17358 When deserializating data, ensure basic sanitization
    has been performed (Closes: #947375)

cacti (1.2.7+ds1-1) unstable; urgency=medium

  * New upstream version 1.2.7+ds1
    CVE-2019-16723 Security issue allows to view all graphs (Closes:
    #941036)
  * Refresh and drop patches to match upstream

cacti (1.2.6+ds1-3) unstable; urgency=medium

  * Add 0001-Resolving-Issue-2984.patch to fix CI error

cacti (1.2.6+ds1-2) unstable; urgency=medium

  [ Paul Gevers]
  * Fix autopkgtest regression with 0001-Resolving-Issue-2899.patch from
    upstream
  * Apache skipped the php section in apache.conf since PHP 7 (Closes:
    #934898)
  * Translations were broken since 1.2.4+ds1-1. Import upstream solution
    enabling the use of php-phpmyadmin-motranslator.

  [ Rafael David Tinoco ]
  * Prepare sql commands for MySQL 8 (See: #933683)

 -- Rafael David Tinoco <email address hidden>  Tue, 18 Feb 2020 13:28:26 +0000

Upload details

Uploaded by:
Rafael David Tinoco
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
cacti_1.2.9+ds1.orig-docs-source.tar.gz 12.9 MiB 054c00f8453f2b836fdf165e25f4ce66705c0aa075084b570c3f707a622bcb83
cacti_1.2.9+ds1.orig.tar.gz 6.9 MiB 4e8147ed82939ce7b7a8d04a3ae7727aad5904ebe83591e69cf3352aea427db8
cacti_1.2.9+ds1-1ubuntu1.debian.tar.xz 53.5 KiB e8307f705ac1e57cfa8aee0d28a51e75ad19cfef00b26838be6cd6debe9eb4cc
cacti_1.2.9+ds1-1ubuntu1.dsc 2.5 KiB 040cde5c8a9444f517a22ad3c445e8e71b4a793ec2dcfca01c2102c9506037aa

View changes file

Binary packages built by this source

cacti: web interface for graphing of monitoring systems

 Cacti is a complete PHP-driven front-end for RRDTool. It stores all of
 the necessary data source information to create graphs, handles the data
 gathering, and populates the MySQL database with round-robin archives.
 It also includes SNMP support for those used to creating traffic graphs
 with MRTG.
 .
 This package requires a functional MySQL database server on either the
 installation host or a remotely accessible system.