-
cacti (0.8.7e-2ubuntu0.3) lucid-proposed; urgency=low
* Fix regression in the CVE-2010-1645 update on error handling:
"PHP Fatal error: Cannot use string offset as an array in
/usr/share/cacti/site/lib/data_query.php on line 183" (LP: #914746)
- debian/patches/LP914746_regression_lucid_string_offset_in_data_query.patch
-- Paul Gevers <email address hidden> Wed, 18 Jul 2012 13:55:19 -0700
-
cacti (0.8.7e-2ubuntu0.2) lucid-security; urgency=low
* SECURITY UPDATE: FIX SQL injection in auth_login.php (LP: #906773)
- debian/patches/CVE-2011-4824.patch: patch derived from upstream.
- CVE-2011-4824
-- Mahyuddin Susanto <email address hidden> Tue, 20 Dec 2011 22:39:36 +0700
-
cacti (0.8.7e-2ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: Fix SQL injection vulnerability in templates_export.php
(LP: #599892)
- debian/patches/CVE-2010-1431.patch: patch derived from upstream patch
- CVE-2010-1431
* SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities
- debian/patches/CVE-2010-1644.patch: patch derived from upstream patch
- CVE-2010-1644
* SECURITY UPDATE: Fix arbitrary command execution vuln
- debian/patches/CVE-2010-1645.patch: patch derived from upstream patches
- CVE-2010-1645
* SECURITY UPDATE: Fix a SQL injection vulnerability in graph.php
- debian/patches/CVE-2010-2092.patch: patch derived from Debian patch
- CVE-2010-2092
- DSA-2060
* SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities
- debian/patches/CVE-2010-2543.patch: patch derived from upstream patches
- CVE-2010-2543
- CVE-2010-2544
- CVE-2010-2545
-- Brian Thomason <email address hidden> Mon, 24 Jan 2011 11:20:13 -0500
-
cacti (0.8.7e-2) unstable; urgency=low
* Import 2 new "official" patches from upstream
* Italian debconf translation
- thanks to Alessandro De Zorzi <email address hidden> (Closes: #548447)
* Fix for "Undefined index: local_data_id in graphs_new.php"
- new debian patch 563955_undefined_index_local_data_id.patch
- thanks to Teodor MICU <email address hidden> (Closes: #563955)
* Fix for "must not RE-add /etc/apache2/conf.d/cacti.conf link on upgrade"
- thanks to Patrick Schoenfeld <email address hidden> (Closes: #561477)
* Bump debhelper compatibility level to 5
-- Ubuntu Archive Auto-Sync <email address hidden> Thu, 04 Feb 2010 17:25:19 +0000
-
cacti (0.8.7e-1.1) unstable; urgency=high
* Non-maintainer upload by the security team
* Fix several cross-site scriptings via different vectors
Fixes: CVE-2009-4032
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 01 Jan 2010 10:08:39 +0000
-
cacti (0.8.7e-1) unstable; urgency=low
* New upstream release (Closes: #541490).
[ Sean Finney ]
* fix path to global.php in cli scripts (Closes: #525024).
- thanks to Jean-François Masure <email address hidden>
* add a watch file to track upstream updates (Closes: #527066).
- thanks to Laurent Bigonville <email address hidden>
* downgrade Depends on logrotate to a Recommends (Closes: #526997).
- thanks to Russ Allbery <email address hidden>
* updates to (eu,ru,ja) debconf translations
- eu: Piarres Beobide <email address hidden> (Closes: #535636).
- ru: Yuri Kozlov <email address hidden> (Closes: #535820).
- ja: Hideki Yamane (Debian-JP) <email address hidden> (Closes: #546229).
[ Sander Klein ]
* Change location of docs/text to docs/txt
* Removed 'Official' patches for 0.8.7d since they are not needed anymore
* Import 'Official' patches for 0.8.7e
* Make cli-include-path.patch apply
* use ':' with chown instead of deprecated '.'
* suggested spelling/grammar changes from lintian for ./debian/control
-- Ubuntu Archive Auto-Sync <email address hidden> Thu, 05 Nov 2009 05:53:36 +0000
-
cacti (0.8.7d-1) unstable; urgency=low
* Imported Upstream version 0.8.7d
* update/massage/remove patches for new upstream release
* import new "official" patches for 0.8.7d
* remove obsolete dependencies on php4 packages (Closes: #514342)
* update default apache config php options (Closes: #459594)
* add Homepage field to control file (Closes: #494811)
* add Suggests: php5-ldap for ldap authentication (Closes: #496854) -
thanks to Paul Nijjar <email address hidden>
* call ucf with --debconf-ok in postinst
* copy cli directory to /usr/share/cacti (Closes: #483556)
* add gbp.conf for git-buildpackage and friends
-- Laurent Bigonville <email address hidden> Wed, 06 May 2009 18:26:48 +0100
