Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package cacti for openSUSE:Factory checked in at 2025-03-20 19:24:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cacti (Old)
 and      /work/SRC/openSUSE:Factory/.cacti.new.2696 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cacti" Thu Mar 20 19:24:49 2025 rev:51 rq:1254510 version:1.2.29 Changes: -------- --- /work/SRC/openSUSE:Factory/cacti/cacti.changes 2024-05-15 21:28:03.368761477 +0200 +++ /work/SRC/openSUSE:Factory/.cacti.new.2696/cacti.changes 2025-03-20 19:25:20.822517982 +0100 
@@ -1,0 +2,110 @@ +Wed Mar 19 18:21:32 UTC 2025 - Joel Baltazor <o...@mtlfab.com> + +- to fix openSUSE:Factory/cacti package acceptance + - Oct 9 2024 Changelog did not describe cactid_service.patch + - Feb 11 2025 Changelog mispelled cacti-config-dist.patch + - Removed obsolete cacti-cron.timer cacti-cron.service cacti-config.patch + +------------------------------------------------------------------- +Tue Feb 11 17:11:40 UTC 2025 - Joel Baltazor <o...@mtlfab.com> + +- cacti 1.2.29 + - security - GHSA-c5j8-jxj3-hh36 - Authenticated RCE via multi-line SNMP responses + - security - GHSA-f9c7-7rc3-574c - SQL Injection vulnerability when using tree rules through Automation API + - security - GHSA-fh3x-69rr-qqpp - SQL Injection vulnerability when request automation devices + - security - GHSA-fxrq-fr7h-9rqq - Arbitrary File Creation leading to RCE + - security - GHSA-pv2c-97pp-vxwg - Local File Inclusion (LFI) Vulnerability via Poller Standard Error Log Path + - security - GHSA-vj9g-P7F2-4wqj - SQL Injection vulnerability when view host template + - issue - 5843 - Temporary table names may incorrectly think they have a schema + - issue - 5847 - When using Preset Time to view graphs, it is using a fixed point rather than relative time + - issue - 5848 - Fix issue where RRA files are not automatically removed + - issue - 5856 - Fix invalid help link for Automation Networks + - issue - 5867 - Unable to disable a tree within the GUI + - issue - 5868 - When removing graphs, RRA files may be left behind + - issue - 5869 - Improve compatibility with ping under FreeBSD + - issue - 5870 - Improve compatibility wtih Slice RRD tool under PHP 8.x + - issue - 5874 - Allow IPv6 formats to use colons without port + - issue - 5884 - Update Fortigate, Aruba OSCX and Clearpass templates + - issue - 5927 - When a plugin is disabled, unable to use GUI to enable it again + - issue - 5932 - When upgrading, ensure that replication only runs as necessary + - issue - 5961 - Improve caching and 
syncing issues with replication + - issue - 5963 - Improve caching techniques for database calls + - issue - 5986 - Improve compatibility for Error constants under PHP 8.4 + - issue - 5987 - When running the upgrade database script, cursor is left in the middle of the row + - issue - 6065 - Guest page does not automatically refresh + - issue - 6078 - When installing, conversion of tables may produce collation errors + - feature - 5921 - Add HPE Nimble/Alletra template + - feature - 5933 - When installing, only convert core cacti tables +- Updated patch for config.php for new name config.php.dist + +------------------------------------------------------------------- +Thu Dec 19 20:57:32 UTC 2024 - Joel Baltazor <o...@mtlfab.com> + +- Add /srv/www directories to filelist [bsc#1231027] + +------------------------------------------------------------------- +Fri Nov 22 16:05:01 UTC 2024 - Joel Baltazor <o...@mtlfab.com> + +- fix for cacti-cron.timer & cacti-cron.service failing after upgrade has already removed + +------------------------------------------------------------------- +Wed Oct 9 20:26:20 UTC 2024 - Joel Baltazor <o...@mtlfab.com> + +- replace cacti-cron.timer & cacti-cron.service with cactid.service + to fix thold & other "sub poller" poller processes not running. 
+ +------------------------------------------------------------------- +Wed Oct 9 16:08:11 UTC 2024 - Joel Baltazor <o...@mtlfab.com> + +- cacti 1.2.28: + security #GHSA-49f2-hwx9-qffr: XSS vulnerability when creating external links with the consolenewsection parameter + security #GHSA-fgc6-g8gc-wcg5: XSS vulnerability when creating external links with the title parameter + security #GHSA-gxq4-mv8h-6qj4: RCE vulnerability can be executed via Log Poisoning + security #GHSA-wh9c-v56x-v77c: XSS vulnerability when creating external links with the fileurl parameter + issue #5636: When using LDAP authentication the first time, warnings may appear in logs + issue #5754: When installing, a replication loop for plugin_realms may occur + issue #5759: When installing, remote poller may attempt to sync with other pollers + issue #5768: When a Data Query has a space, indexes may not be properly escaped + issue #5771: Boost does not always order data source records properly + issue #5772: Add IP address to the login audit for successful logins by xmacan + issue #5773: Undefined variable error may sometimes occur when dealing with RRD output by MSS970 + issue #5777: When export to CSV, only the first line of notes is included + issue #5780: When rendering forms, missing default value can cause errors + issue #5782: Allow hosted content to be executable for the links page + issue #5783: When closing database connections, some may linger incorrectly + issue #5785: When changing passwords, an infinite loop may occur by ddb4github + issue #5790: When using Cacti Daemon, a "Cron out of sync" message may be reported + issue #5791: Add ability to filter/sort users by group or last login time + issue #5792: When using List View, unable to add Graphs to a Report + issue #5797: When using SNMPv3, some devices may show polling issues + issue #5802: Limit table conversion to Cacti core tables + issue #5806: Fix issues with posix-based kills on Windows + issue #5813: When installing, password 
changes may fail on new installations + issue #5814: When using structured RRD folders, permission issues may be flagged incorrectly + issue #5823: When unable to locate a valid theme, new default will be Modern + issue #5824: Properly cache the data source information for dsstats processing + issue #5840: When reindexing, verify all fields may not work as intended + feature #5784: Add ability to log database connections/disconnections + feature #5796: Add Ping Method where connection refused assumes host is up + feature #5819: When displaying graphs, default end time does not show full 24 hour period + feature #5825: Add --id to remove_device.php + feature #5828: Add Location and Site to Graph List View + feature #5830: Add more verbose logging to Boost + feature: Update jQuery to 3.7.1 + feature: Update jQueryUI to 1.14.0 + feature: Update Purify.js to 3.1.6 + feature: Update billboard.js to 3.13.0 + feature: Improve the performance of the repopulation of the poller cache + +------------------------------------------------------------------- +Fri Sep 13 21:10:01 UTC 2024 - Joel Baltazor <o...@mtlfab.com> + +- attempt to set permissions on several sub folders + to fix https://build.opensuse.org/package/show/openSUSE:Factory/cacti#comment-1466121 + +------------------------------------------------------------------- +Wed Aug 7 20:20:26 UTC 2024 - Joel Baltazor <o...@mtlfab.com> + +- Recent builds are being placed in /usr/share instead of existing /srv/www/cacti. 
This is an attempt to fix + +------------------------------------------------------------------- Old: ---- cacti-1.2.27.tar.gz cacti-config.patch cacti-cron.service cacti-cron.timer New: ---- cacti-1.2.29.tar.gz cacti-config-dist.patch cactid_service.patch BETA DEBUG BEGIN: Old: - Feb 11 2025 Changelog mispelled cacti-config-dist.patch - Removed obsolete cacti-cron.timer cacti-cron.service cacti-config.patch BETA DEBUG END: BETA DEBUG BEGIN: New: - Oct 9 2024 Changelog did not describe cactid_service.patch - Feb 11 2025 Changelog mispelled cacti-config-dist.patch - Removed obsolete cacti-cron.timer cacti-cron.service cacti-config.patch New:- to fix openSUSE:Factory/cacti package acceptance - Oct 9 2024 Changelog did not describe cactid_service.patch - Feb 11 2025 Changelog mispelled cacti-config-dist.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cacti.spec ++++++ --- /var/tmp/diff_new_pack.zMUnj6/_old 2025-03-20 19:25:21.550548072 +0100 +++ /var/tmp/diff_new_pack.zMUnj6/_new 2025-03-20 19:25:21.550548072 +0100 @@ -18,18 +18,21 @@ %{!?make_build: %define make_build make %{?_smp_mflags}} -%if 0%{?suse_version} <= 1210 -%define cacti_dir %{_datadir}/cacti -%else -%define cacti_dir %{apache_datadir}/cacti -%endif +#%if 0%{?suse_version} <= 1210 +#%define cacti_dir %{_datadir}/cacti +#%else +#%define cacti_dir %{apache_datadir}/cacti +#%endif +%define datadir /srv/www +%define cacti_dir %{datadir}/cacti + %if 0%{?suse_version} >= 01230 %bcond_without systemd %else %bcond_with systemd %endif Name: cacti -Version: 1.2.27 +Version: 1.2.29 Release: 0 Summary: Web Front-End to Monitor System Data via RRDtool License: GPL-2.0-or-later 
@@ -40,11 +43,12 @@ Source2: %{name}-httpd.conf Source3: %{name}.logrotate Source4: %{name}-httpd.conf.default -Source5: %{name}-cron.service -Source6: %{name}-cron.timer +#Source5: %{name}-cron.service +#Source6: %{name}-cron.timer Source10: cacti-rpmlintrc # PATCH-FIX-UPSTREAM cacti-config.patch -Patch0: %{name}-config.patch +Patch0: %{name}-config-dist.patch +Patch1: cactid_service.patch BuildRequires: apache-rpm-macros Requires: httpd Requires: logrotate @@ -117,6 +121,9 @@ %prep %autosetup -p1 +# rename patched config file +mv include/config.php.dist include/config.php + #delete some files find . -type f -name "*\.orig" -exec rm {} \; find . -type f -name .gitignore -delete @@ -157,10 +164,12 @@ install -m 0644 *.sql %{buildroot}%{cacti_dir} %if %{with systemd} -install -Dm644 %{SOURCE6} %{buildroot}%{_unitdir}/%{name}-cron.timer -sed -e "s;__CACTIDIR__;%{cacti_dir};g" \ +sed -i \ + -e "s;__CACTIDIR__;%{cacti_dir};g" \ -e "s;__APACHEUSER__;%{apache_user};g" \ - %{SOURCE5} > %{buildroot}%{_unitdir}/%{name}-cron.service + -e "s;__APACHEGROUP__;%{apache_group};g" \ + service/cactid.service +install -Dm644 service/cactid.service %{buildroot}%{_unitdir}/cactid.service %else # cron task install -d -m 0755 %{buildroot}%{_sysconfdir}/cron.d 
@@ -204,29 +213,52 @@ %if %{with systemd} %post -%service_add_post %{name}-cron.timer +%service_add_post cactid.service +#attempt to remove old way & exit with 0 status if fails +systemctl --quiet stop %{name}-cron.timer || : +systemctl --quiet disable %{name}-cron.timer || : +systemctl --quiet stop %{name}-cron.service || : +systemctl --quiet disable %{name}-cron.service || : %pre -%service_add_pre %{name}-cron.timer +%service_add_pre cactid.service +#attempt to remove old way & exit with 0 status if fails +systemctl --quiet stop %{name}-cron.timer || : +systemctl --quiet disable %{name}-cron.timer || : +systemctl --quiet stop %{name}-cron.service || : +systemctl --quiet disable %{name}-cron.service || : %preun -%service_del_preun %{name}-cron.timer +%service_del_preun cactid.service %postun -%service_del_postun %{name}-cron.timer +%service_del_postun cactid.service %endif %files -f %{name}.list +%dir %{datadir} +%dir %{cacti_dir} %license LICENSE %doc README.md %attr(-,%{apache_user},%{apache_group}) %dir %{_localstatedir}/lib/%{name} %attr(-,%{apache_user},%{apache_group}) %dir %{_localstatedir}/log/%{name} %attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/rra %attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/log + +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/resource/snmp_queries +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/resource/script_server +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/resource/script_queries +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/scripts +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/cache/boost +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/cache/mibcache +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/cache/realtime +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/cache/spikekill + %config(noreplace) %{cacti_dir}/include/config.php %if %{with systemd} -%{_unitdir}/%{name}-cron.service -%{_unitdir}/%{name}-cron.timer +#%{_unitdir}/%{name}-cron.service 
+#%{_unitdir}/%{name}-cron.timer +%{_unitdir}/cactid.service %else %config(noreplace) %{_sysconfdir}/cron.d/%{name} %endif ++++++ cacti-1.2.27.tar.gz -> cacti-1.2.29.tar.gz ++++++ /work/SRC/openSUSE:Factory/cacti/cacti-1.2.27.tar.gz /work/SRC/openSUSE:Factory/.cacti.new.2696/cacti-1.2.29.tar.gz differ: char 18, line 1 ++++++ cacti-config-dist.patch ++++++ Index: cacti-1.2.23/include/config.php.dist =================================================================== --- cacti-1.2.23.orig/include/config.php.dist +++ cacti-1.2.23/include/config.php.dist @@ -45,17 +45,17 @@ $database_persist = false; * must remain commented out. */ -#$rdatabase_type = 'mysql'; -#$rdatabase_default = 'cacti'; -#$rdatabase_hostname = 'localhost'; -#$rdatabase_username = 'cactiuser'; -#$rdatabase_password = 'cactiuser'; -#$rdatabase_port = '3306'; -#$rdatabase_retries = 5; -#$rdatabase_ssl = false; -#$rdatabase_ssl_key = ''; -#$rdatabase_ssl_cert = ''; -#$rdatabase_ssl_ca = ''; +//#$rdatabase_type = 'mysql'; +//#$rdatabase_default = 'cacti'; +//#$rdatabase_hostname = 'localhost'; +//#$rdatabase_username = 'cactiuser'; +//#$rdatabase_password = 'cactiuser'; +//#$rdatabase_port = '3306'; +//#$rdatabase_retries = 5; +//#$rdatabase_ssl = false; +//#$rdatabase_ssl_key = ''; +//#$rdatabase_ssl_cert = ''; +//#$rdatabase_ssl_ca = ''; /** * The poller_id of this system. set to `1` for the main cacti web server. @@ -70,13 +70,13 @@ $poller_id = 1; * would be set to `/cacti/`. */ -$url_path = '/cacti/'; +//$url_path = '/cacti/'; /** * Default session name - session name must contain alpha characters */ -$cacti_session_name = 'Cacti'; +//$cacti_session_name = 'Cacti'; /** * Default Cookie domain - The cookie domain to be used for Cacti 
@@ -88,7 +88,7 @@ $cacti_session_name = 'Cacti'; * Save sessions to a database for load balancing */ -$cacti_db_session = false; +//$cacti_db_session = false; /** * Disable log rotation settings for packagers ++++++ cactid_service.patch ++++++ --- cacti-1.2.28/service/cactid.service.org 2024-10-06 17:38:13.000000000 -0500 +++ cacti-1.2.28/service/cactid.service 2024-10-09 14:37:35.163614889 -0500 @@ -25,10 +25,10 @@ After=network.target [Service] Type=forking -User=apache -Group=apache -EnvironmentFile=/etc/sysconfig/cactid -ExecStart=/var/www/html/cacti/cactid.php +User=__APACHEUSER__ +Group=__APACHEGROUP__ +#EnvironmentFile=/etc/sysconfig/cactid +ExecStart=__CACTIDIR__/cactid.php Restart=always RestartSec=5s
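Review bot: in the cacti.changes hunk the 1.2.29 and 1.2.28 security entries cite only GHSA identifiers, so a reader auditing the package cannot match them against CVE or bsc# trackers from the changelog alone; add those references where they exist. Two entries also carry typos that the Mar 19 entry was itself meant to clean up ("mispelled", and "wtih" in issue 5870), and GHSA-vj9g-P7F2-4wqj is written in mixed case unlike the other ids.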
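Review bot: in cacti.spec hunk @@ -18,18 +18,21 @@ the old conditional is disabled by putting # in front of the %if/%define/%else/%endif lines, but rpm still expands macros inside comment lines, so both "#%define cacti_dir ..." lines are evaluated before the new "%define cacti_dir %{datadir}/cacti" overrides them. The result happens to be correct, but it depends on ordering; delete the dead lines or escape them as %%define. The same pattern appears in the commented "#Source5:", "#Source6:" and "#%{_unitdir}/%{name}-cron.*" lines further down. The hard-coded "%define datadir /srv/www" also needs a short comment saying why %{apache_datadir} is no longer used, since the only explanation is in the Aug 7 2024 changelog entry.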
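Review bot: in cacti.spec hunk @@ -40,11 +43,12 @@ the tag comment above Patch0 still reads "# PATCH-FIX-UPSTREAM cacti-config.patch" although Patch0 is now %{name}-config-dist.patch, and the new "Patch1: cactid_service.patch" has no tag comment at all. Update the Patch0 comment to the new file name and add a tag line for Patch1 that states what it changes (placeholders for user, group and install path in the upstream unit file), so the patch list is self-describing.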
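Review bot: in cacti.spec hunk @@ -204,29 +213,52 @@ the four "systemctl --quiet stop/disable %{name}-cron.timer|service || :" lines are duplicated verbatim in %post and %pre and run on every transaction, including fresh installs where the old units never existed. One copy is enough; keep it in a single scriptlet and guard it so it only runs on upgrade (for example a test on "$1" being greater than 1), which also keeps the migration step easy to drop once no supported release ships the cron units.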
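Review bot: in the %files part of cacti.spec hunk @@ -204,29 +213,52 @@ the new %attr(-,%{apache_user},%{apache_group}) lines hand %{cacti_dir}/scripts, resource/script_server, resource/script_queries and resource/snmp_queries to the web server account, which is the same account cactid.service runs as after the __APACHEUSER__ substitution. That makes directories holding poller-executed scripts writable by the web application, and this same release lists "Arbitrary File Creation leading to RCE" among its fixes. Restrict the ownership change to the paths that need runtime writes (rra, log, cache/*) and leave the script and resource directories owned by root unless there is a documented need, in which case state it in a comment next to the entries.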
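Review bot: cacti-config-dist.patch comments out "$url_path", "$cacti_session_name" and "$cacti_db_session" in hunks @@ -70,13 +70,13 @@ and @@ -88,7 +88,7 @@ without any description of why, or of which default applies once they are undefined; the patch has no header text and the spec labels it only PATCH-FIX-UPSTREAM. Add a description to the patch stating the intent and the fallback values relied on. In hunk @@ -45,17 +45,17 @@ the $rdatabase_* lines were already commented with # and now become "//#...", which changes nothing functionally and only enlarges the diff that must be rebased on each upstream release; drop that hunk.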
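Review bot: in cactid_service.patch hunk @@ -25,10 +25,10 @@ the line "#EnvironmentFile=/etc/sysconfig/cactid" removes the administrator's only hook for passing environment settings to the daemon. If the goal is to avoid a start failure when the file is absent, "EnvironmentFile=-/etc/sysconfig/cactid" keeps the hook and makes the file optional. The patch also lacks a description header explaining that __APACHEUSER__, __APACHEGROUP__ and __CACTIDIR__ are placeholders filled by the sed call in the spec; without that, the unit file in the patched source tree looks broken to anyone reading it in isolation.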