Your message dated Sat, 05 Apr 2025 10:04:36 +0000
with message-id <[email protected]>
and subject line Bug#1095721: fixed in cacti 1.2.30+ds1-1
has caused the Debian Bug report #1095721,
regarding cacti: CVE-2025-26520 (Incomplete fix for CVE-2024-54146)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1095721: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095721
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: cacti
Version: 1.2.28+ds1-4
Severity: important
Tags: security upstream
Forwarded: https://github.com/Cacti/cacti/pull/6096
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi
As reported by Sylvain, the fix for CVE-2024-54146 was incomplete.
https://github.com/Cacti/cacti/pull/6096
https://github.com/Cacti/cacti/commit/7fa60c03ad4a69c701ac6b77c85a8927df7acd51
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: cacti
Source-Version: 1.2.30+ds1-1
Done: Paul Gevers <[email protected]>
We believe that the bug you reported is fixed in the latest version of
cacti, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Paul Gevers <[email protected]> (supplier of updated cacti package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 05 Apr 2025 11:12:16 +0200
Source: cacti
Architecture: source
Version: 1.2.30+ds1-1
Distribution: unstable
Urgency: medium
Maintainer: Cacti Maintainer <[email protected]>
Changed-By: Paul Gevers <[email protected]>
Closes: 1095721
Changes:
cacti (1.2.30+ds1-1) unstable; urgency=medium
.
* New upstream version 1.2.30+ds1 which fixes CVE-2025-26520
(Closes: #1095721)
* Drop patches taken from upstream
* Add Catalan translation for debconf templates
Checksums-Sha1:
35f848985cfc4f65e2b0d90e0a56c2f278136a90 2115 cacti_1.2.30+ds1-1.dsc
7ac0d8924f0f39b96a53258f1677e22d2b118b03 24847641
cacti_1.2.30+ds1.orig-docs-source.tar.gz
a4cd22b03c807a8f53500736966b349aa21d3257 10934737 cacti_1.2.30+ds1.orig.tar.gz
8374fff110d890c897a000919b6cb536b8e6dd40 58592 cacti_1.2.30+ds1-1.debian.tar.xz
Checksums-Sha256:
3603d90a6baf47cd36cfc30d700d032cd1c3d15a490fb66143b892c7b993d9fd 2115
cacti_1.2.30+ds1-1.dsc
720cba8bdcedd0bf6b3b283a01466ff1c27d3c461e7b4046fb8bda1af6922666 24847641
cacti_1.2.30+ds1.orig-docs-source.tar.gz
88c25cb9d89b9f1e94c41502418c47adb526c374c4191fdf8996bc64be5cba6d 10934737
cacti_1.2.30+ds1.orig.tar.gz
1320d42d3d77b711d05f2ff3a42071d582e287cd03cbeb17ba2c140c72029aa9 58592
cacti_1.2.30+ds1-1.debian.tar.xz
Files:
9d576583c8ed440e2c9d27edc2654566 2115 web optional cacti_1.2.30+ds1-1.dsc
b9b84bbf4f4152274fbca59476a77473 24847641 web optional
cacti_1.2.30+ds1.orig-docs-source.tar.gz
3e2bdaaf51cd1e85fae8cfcfcd55cd3b 10934737 web optional
cacti_1.2.30+ds1.orig.tar.gz
3c5860ceb2853709c717fd9a4f8f22c8 58592 web optional
cacti_1.2.30+ds1-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAmfw/IUACgkQnFyZ6wW9
dQq7VQf/anuVFv8kf3tig0uC6G44HivUd7P03XidD0MoZZxf1xnTMP0sHwUHW3OF
Qwm93vZmvCZ+OzZmnT9V0U7yBiYXq34BwJFFqzoPSaslNs/M0n45j6/xauoDCu6P
3T1Be9liakoD4Y5TTZDQkFHBb0Hcibg9zH8cQNEY1pIjs+jFGBWYN4KnmiJaQDi+
zxlszmLq5FNG+9P6g8S2h7G4HLAc9/icsrUj0cI+i6tj51UH6EM8ESPKiSv4+d3p
hH/28HAyR8VnI23s57AmWza9i9j+3fFDjCgw+hkM3+laT1LKBuv//TPUa4IKYYx4
etrt/xa3My8Jnn1AbPSmZlIGcrg26Q==
=bVvp
-----END PGP SIGNATURE-----
pgpu0GAxJzuqH.pgp
Description: PGP signature
--- End Message ---
