Date: Friday, May 14, 2021 @ 18:07:19 Author: dvzrv Revision: 934290 upgpkg: cacti 1.2.17-1: Upgrade to 1.2.17.
Remove now included patch for CVE-2020-35701. Modified: cacti/trunk/PKGBUILD Deleted: cacti/trunk/cacti-1.2.16-CVE-2020-35701.patch -----------------------------------+ PKGBUILD | 13 ++++--------- cacti-1.2.16-CVE-2020-35701.patch | 22 ---------------------- 2 files changed, 4 insertions(+), 31 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2021-05-14 18:06:44 UTC (rev 934289) +++ PKGBUILD 2021-05-14 18:07:19 UTC (rev 934290) @@ -3,8 +3,8 @@ # Contributor: tuxbubling <[email protected]> pkgname=cacti -pkgver=1.2.16 -pkgrel=3 +pkgver=1.2.17 +pkgrel=1 pkgdesc="Network graphing solution using RRDTool" arch=('any') url="https://www.cacti.net"; @@ -17,18 +17,15 @@ backup=('etc/webapps/cacti/.htaccess' 'etc/webapps/cacti/config.php') source=("https://www.${pkgname}.net/downloads/${pkgname}-${pkgver}.tar.gz"; - "${pkgname}-1.2.16-CVE-2020-35701.patch" "${pkgname}.uwsgi" "${pkgname}.sysusers" "${pkgname}.tmpfiles") install="${pkgname}.install" -sha512sums=('fe22acf4dea8ab6ec79825d66a84ad4c43fdce2815e7327536d182bc04400ed7b1d268209bbbca8b307c4779ee5bf7369a617ec1f052d8805757c2ca9b30cc35' - '8c193f52e5478e12f93152356bce085ed7468b1e19657ae92150bb1eee662020fc4f89d5b7aa507465b82b5224834fd78eaa4389e6007136e1fc7df6e7f115a6' +sha512sums=('94ae75b2494a91c536906c7bbeaa948d16c7ad96ed3a62c1eb21175f92c01787c6849960bbc791e04b3df46edbfd3cd787eb825bb423ce0814c0904edb2c915d' 'ba421785a3a86535dba210b5ac34ad059fac72b809a9027308d047a967de43aa204eda56e129b28f6400859427de123734b338c5d8cd3da1944893fa3ef33e48' '847e2b791de44d0790a2fdb81c77c8af9a66da9d44500f3f8a8d1c0f406d3a20082cc8fef1c6afe4de93ad989d35c79c9809abe14693a9ac6ea74d4696e3b6c1' 'e833e411f74e77773c32589ba83cb1b2f28ca9b35931626480ab7daa63420d47ecfc3061e6703323646b69e1d98536b6f3afdd36faa483fb13aac9b818af0c6e') -b2sums=('19939d0ff79c895b481aeb7ffec8331d8b9c10a6b7e0dbda6532e06ef0322f21cf02f4bf53a9522e1f672dd04b343f5550e2f34f08b3af2050e1f72465cffc43' - 'a64a7ef5de93c2906c9fa5c713bf87e451eeaed297efd67b514fa47fdf11262a39d96f8e1be8bfd7c04fa74d31f830f826bcfd3a71a8230ec7454e360f7540bd' +b2sums=('e555fc99560d10e94181c38b50e6f839532fb3dc66ff688b36a7efd10c15304e7636c9b4b483763fcea751317bcb283bb2bd8f813d5759c98aed6bbf02fd256a' '880cfc1a87abd95a624ffef6f1ae5ac416b4020ae40edc32355314bb33b5003b21ab8ed082b520d70b166739a1b056339cca7b6a6bb82167c14925ae3ca0d34f' '2ec9956b690ab9244e31a58d295ab56b5d0df9fc9586c74edbd55c12d3383430b8a1a8a708d7d747abadb67eee42094562da510ddfc7797978c2683e7b86a252' '0a532bbbd07b21da18ea21eec3f268510740069fb732e3d387f224b93f0539e3e968ba6332bf647ff62f2d98910abc33e35a3e82d335cf7d29a503609e22651f') @@ -37,8 +34,6 @@ # adding default .htaccess echo "Require all denied" > "${pkgname}-htaccess" cd "${pkgname}-${pkgver}" - # fix CVE-2020-35701: https://bugs.archlinux.org/task/69300 - patch -Np1 -i "../${pkgname}-1.2.16-CVE-2020-35701.patch" # setting correct install path for spine sed -e 's|/usr/local/spine/bin/spine|/usr/bin/spine|g' \ -i install/functions.php Deleted: cacti-1.2.16-CVE-2020-35701.patch =================================================================== --- cacti-1.2.16-CVE-2020-35701.patch 2021-05-14 18:06:44 UTC (rev 934289) +++ cacti-1.2.16-CVE-2020-35701.patch 2021-05-14 18:07:19 UTC (rev 934290) @@ -1,22 +0,0 @@ -diff --git a/data_debug.php b/data_debug.php -index 1bbed6a0a..a7ffe0829 100644 ---- a/data_debug.php -+++ b/data_debug.php -@@ -35,6 +35,8 @@ - - set_default_action(); - -+validate_request_vars(); -+ - switch (get_request_var('action')) { - case 'actions': - form_actions(); -@@ -123,8 +125,6 @@ - - break; - default: -- validate_request_vars(); -- - $refresh = array( - 'seconds' => get_request_var('refresh'), - 'page' => 'data_debug.php?header=false',
