-
cacti (1.2.10+ds1-1ubuntu1) focal; urgency=medium
* Merge with Debian unstable. Remaining changes:
- General installing instructions update for NO_AUTO_CREATE_USER.
(refreshed when merging with debian 1.2.9+ds1-1)
- Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.
(refreshed when merging with debian 1.2.9+ds1-1)
- d/p/fix-32bit-ip-conversion.patch: fix netmask generation on 32bit
architectures (LP #1865067)
* d/p/0001-PHP-7.4-Array-and-string-offset-access-syntax-with-c.patch
- Fix deprecated curly bracket style syntax
-- Bryce Harrington <email address hidden> Mon, 23 Mar 2020 22:08:43 +0000
-
cacti (1.2.9+ds1-1ubuntu2) focal; urgency=medium
* d/p/fix-32bit-ip-conversion.patch: fix netmask generation on 32bit
architectures (LP: #1865067)
-- Andreas Hasenack <email address hidden> Mon, 02 Mar 2020 14:52:15 -0300
-
cacti (1.2.9+ds1-1ubuntu1) focal; urgency=medium
* Merge with Debian unstable (LP: #1863739). Remaining changes:
- General installing instructions update for NO_AUTO_CREATE_USER.
- Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.
* Dropped changes [upstream]:
- MySQL 8 change needs: NO_AUTO_CREATE_USER and grouping keyword.
* Dropped changes [debian]:
- Replace php-php-gettext dependency in order to fix translations
(LP #1844070)
cacti (1.2.9+ds1-1) unstable; urgency=medium
* New upstream version 1.2.9+ds1
CVE-2020-7106 Remote Code Execution (by privileged users) via shell
metacharacters in the Performance Boost Debug Log field of
poller_automation.php. (Closes: #949996)
CVE-2020-7237 Stored XSS in data_sources.php,
color_templates_item.php, graphs.php, graph_items.php,
lib/api_automation.php, user_admin.php, and user_group_admin.php, as
demonstrated by the description parameter in data_sources.php (Closes:
#949997)
cacti (1.2.8+ds1-1) unstable; urgency=medium
* New upstream version 1.2.8+ds1
CVE-2019-17357 When viewing graphs, some input variables are not
properly checked (SQL injection possible) (Closes: #947374)
CVE-2019-17358 When deserializating data, ensure basic sanitization
has been performed (Closes: #947375)
cacti (1.2.7+ds1-1) unstable; urgency=medium
* New upstream version 1.2.7+ds1
CVE-2019-16723 Security issue allows to view all graphs (Closes:
#941036)
* Refresh and drop patches to match upstream
cacti (1.2.6+ds1-3) unstable; urgency=medium
* Add 0001-Resolving-Issue-2984.patch to fix CI error
cacti (1.2.6+ds1-2) unstable; urgency=medium
[ Paul Gevers]
* Fix autopkgtest regression with 0001-Resolving-Issue-2899.patch from
upstream
* Apache skipped the php section in apache.conf since PHP 7 (Closes:
#934898)
* Translations were broken since 1.2.4+ds1-1. Import upstream solution
enabling the use of php-phpmyadmin-motranslator.
[ Rafael David Tinoco ]
* Prepare sql commands for MySQL 8 (See: #933683)
-- Rafael David Tinoco <email address hidden> Tue, 18 Feb 2020 13:28:26 +0000
-
cacti (1.2.4+ds1-2ubuntu3) eoan; urgency=medium
* Replace php-php-gettext dependency in order to fix translations
(LP: #1844070)
-- Graham Inggs <email address hidden> Thu, 19 Sep 2019 10:30:52 +0000