Hello community, here is the log from the commit of package cacti for openSUSE:Factory checked in at 2016-05-11 16:38:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cacti (Old) and /work/SRC/openSUSE:Factory/.cacti.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cacti" Changes: -------- --- /work/SRC/openSUSE:Factory/cacti/cacti.changes 2016-02-26 00:27:40.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.cacti.new/cacti.changes 2016-05-11 16:38:15.000000000 +0200 @@ -1,0 +2,16 @@ +Mon May 9 09:05:19 UTC 2016 - [email protected] + +- cacti 0.8.8h: + * Authentication using web authentication as a user not in the + cacti database allows complete access (regression) + * Cacti SQL Injection Vulnerability + (CVE-2016-3172) (boo#971357) + * When click the [Clear] button after clicking the [Refresh] + button in Preview Mode , fails to CSRFcheck + * Cacti graph_view.php SQL Injection Vulnerability + (CVE-2016-3659) (boo#974013) + * Outdated MIBs for non-unicast packets + * Index is a MySQL 5.6 reserved word + * generate_graph_def_name() generates reserved word "cf" + +------------------------------------------------------------------- Old: ---- cacti-0.8.8g.tar.gz New: ---- cacti-0.8.8h.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cacti.spec ++++++ --- /var/tmp/diff_new_pack.j5uE02/_old 2016-05-11 16:38:17.000000000 +0200 +++ /var/tmp/diff_new_pack.j5uE02/_new 2016-05-11 16:38:17.000000000 +0200 @@ -17,7 +17,7 @@ Name: cacti -Version: 0.8.8g +Version: 0.8.8h Release: 0 Summary: Web Front-End to Monitor System Data via RRDtool License: GPL-2.0+
