Your message dated Wed, 25 Jun 2014 21:34:24 +0000
with message-id <[email protected]>
and subject line Bug#742768: fixed in cacti 0.8.8b+dfsg-6
has caused the Debian Bug report #742768,
regarding cacti: CVE-2014-2326 CVE-2014-2327 CVE-2014-2328
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
742768: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cacti
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see http://www.securityfocus.com/archive/1/531588 for details.
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: cacti
Source-Version: 0.8.8b+dfsg-6
We believe that the bug you reported is fixed in the latest version of
cacti, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Paul Gevers <[email protected]> (supplier of updated cacti package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 25 Jun 2014 22:33:53 +0200
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.8b+dfsg-6
Distribution: unstable
Urgency: high
Maintainer: Cacti Maintainer <[email protected]>
Changed-By: Paul Gevers <[email protected]>
Description:
cacti - web interface for graphing of monitoring systems
Closes: 742768 744067 752573
Changes:
cacti (0.8.8b+dfsg-6) unstable; urgency=high
.
* Add alternative php5-mysql | php5-mysqlnd (Closes: #744067)
* Security update (Closes: #742768, #752573)
- CVE-2014-2327 Cross Site Request Forgery Vulnerability
- CVE-2014-4002 Cross-Site Scripting Vulnerability
Checksums-Sha1:
cb0087d5f3770dea819440882c268c754ae0f0e3 1655 cacti_0.8.8b+dfsg-6.dsc
5a34a582d9c8677518a33234a4ad1ac8024ee61a 103284
cacti_0.8.8b+dfsg-6.debian.tar.xz
7b62b650d11502daed7091fbd7985634bfd59f54 1892594 cacti_0.8.8b+dfsg-6_all.deb
Checksums-Sha256:
f72c1022c8497784322e9bb3db94bff0f72ddbe2f38acfbc9f894236741a86d4 1655
cacti_0.8.8b+dfsg-6.dsc
18433ea70e341eff55c005ff1796018f546fa53ed1159e2cd69ec1c9a96168ec 103284
cacti_0.8.8b+dfsg-6.debian.tar.xz
ab5ab0a70f308814acb5f2fdb3b32e398e47567e005065d9fd3d60748470a7aa 1892594
cacti_0.8.8b+dfsg-6_all.deb
Files:
0aa31425f144e81ad972e6ec0aff7d9f 1892594 web extra cacti_0.8.8b+dfsg-6_all.deb
6de034dfcb0d7ecf5e6978bf61d9b45c 1655 web extra cacti_0.8.8b+dfsg-6.dsc
c06386ec36c90e07234da262dc2136e4 103284 web extra
cacti_0.8.8b+dfsg-6.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBCAAGBQJTqzRsAAoJEJxcmesFvXUKseAIAKKzrFxl91WYCof/mF8pxeD9
OjOumQOUH/BSNDfsgou3Vk/hVsiMOZroSaEuTYDznfJPa1ajkFENHL5AySAD44xK
sdlHBlpDkp/KexgKBBV+2zxdokjk7BZrfVtJowEkfbVhTOErK+KnUhXmj3sK4tvi
sCQQQS4QNL8iRHVnMKuOQge3YKLiM9uWyA/fjS3LRqNCdNasvknWk2r+9xLBx4uK
wdmeYubm3oCjc+zWmq9RrhYIYTw0RKyXzk3EqPJHcsGeqsnIk6uYtYch014SRune
3XJWYF3Zj6cShJtFkwyEz/GxesSBs7E5ec/BduJKPzJqb8q24MzYsOtD7jH1AR0=
=2G1F
-----END PGP SIGNATURE-----
--- End Message ---
