Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package cacti for openSUSE:Factory checked in at 2021-08-23 10:08:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cacti (Old) and /work/SRC/openSUSE:Factory/.cacti.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cacti" Mon Aug 23 10:08:09 2021 rev:39 rq:913438 version:1.2.18 Changes: -------- --- /work/SRC/openSUSE:Factory/cacti/cacti.changes 2021-05-06 22:53:14.550597263 +0200 +++ /work/SRC/openSUSE:Factory/.cacti.new.1899/cacti.changes 2021-08-23 10:09:12.972173186 +0200 @@ -1,0 +2,8 @@ +Sat Jul 10 06:40:29 UTC 2021 - Andreas Stieger <andreas.stie...@gmx.de> + +- cacti 1.2.18: + * CVE-2020-14424: Lack of escaping on template import can lead to + XSS exposure under 'midwinter' theme (boo#1188188) + * Real time graphs can expose XSS issue + +------------------------------------------------------------------- Old: ---- cacti-1.2.17.tar.gz New: ---- cacti-1.2.18.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cacti.spec ++++++ --- /var/tmp/diff_new_pack.9vwupd/_old 2021-08-23 10:09:15.264170513 +0200 +++ /var/tmp/diff_new_pack.9vwupd/_new 2021-08-23 10:09:15.268170509 +0200 @@ -28,7 +28,7 @@ %bcond_with systemd %endif Name: cacti -Version: 1.2.17 +Version: 1.2.18 Release: 0 Summary: Web Front-End to Monitor System Data via RRDtool License: GPL-2.0-or-later ++++++ cacti-1.2.17.tar.gz -> cacti-1.2.18.tar.gz ++++++ /work/SRC/openSUSE:Factory/cacti/cacti-1.2.17.tar.gz /work/SRC/openSUSE:Factory/.cacti.new.1899/cacti-1.2.18.tar.gz differ: char 18, line 1
