Hi Christian, On 23-12-15 16:25, Christian Rebischke wrote: > I have a question. Do you have a patch for the CVE-2015-8369 for cacti in > version 0.8.8f? I checked out your SVN repository and generated the > following patch: https://paste.archlinux.de/yPT/ > My problem is that this patch has been generated via diff between r7766 and > r7767 so It will not work when I apply it to our cacti version (0.8.8f) in > our official archlinux repositories, because the difference between 0.8.8f > and your patch is too far.
This is the patch I applied in Debian: http://anonscm.debian.org/cgit/pkg-cacti/cacti.git/tree/debian/patches/CVE-2015-8369_sql_injection_in_graph.php.patch It is based on the same commit, but I had no issues with it (I can't even remember if I had to adjust it or not). Paul
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ cacti-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cacti-user
