Your message dated Sat, 05 Jul 2014 17:18:27 +0000
with message-id <[email protected]>
and subject line Bug#742768: fixed in cacti 0.8.7g-1+squeeze4
has caused the Debian Bug report #742768,
regarding cacti: CVE-2014-2326 CVE-2014-2327 CVE-2014-2328
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
742768: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cacti
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see http://www.securityfocus.com/archive/1/531588 for details.
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: cacti
Source-Version: 0.8.7g-1+squeeze4
We believe that the bug you reported is fixed in the latest version of
cacti, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Paul Gevers <[email protected]> (supplier of updated cacti package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 05 Jul 2014 11:27:40 +0200
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.7g-1+squeeze4
Distribution: squeeze-lts
Urgency: high
Maintainer: Sean Finney <[email protected]>
Changed-By: Paul Gevers <[email protected]>
Description:
cacti - Frontend to rrdtool for monitoring systems and services
Closes: 742768 743565 752573
Changes:
cacti (0.8.7g-1+squeeze4) squeeze-lts; urgency=high
.
* Security upload (Closes: #742768, #743565, #752573)
- CVE-2014-2326 Cross-site scripting (XSS) vulnerability
- CVE-2014-2327 Cross Site Request Forgery Vulnerability
- CVE-2014-2328 Unspecified Remote Command Execution Vulnerability
- CVE-2014-2708 SQL injection
- CVE-2014-2709 Unspecified Remote Command Execution Vulnerability
- CVE-2014-4002 Cross-Site Scripting Vulnerability
Checksums-Sha1:
0b1a8db6de23388eb333e3f31910e72f35ab512b 1443 cacti_0.8.7g-1+squeeze4.dsc
b88051b333e29b215dacfe07bd1cf684da866c53 59041 cacti_0.8.7g-1+squeeze4.diff.gz
71c19bf1d1ff3d4cbf5d1ef717dbdeaf314bd89b 2098348
cacti_0.8.7g-1+squeeze4_all.deb
Checksums-Sha256:
50961c0bcf6766c9f7493f785f7202fe73bfbfb04b576e5388875f56f846358e 1443
cacti_0.8.7g-1+squeeze4.dsc
1498c3a5ef269942c908a0d9bb24a10a29ebd126c7226c223f52e2171f7c7fb0 59041
cacti_0.8.7g-1+squeeze4.diff.gz
73cea4db7448c4ae2d311937c4f76f9fe2452f4933c7df6b1b6088ecb604b66e 2098348
cacti_0.8.7g-1+squeeze4_all.deb
Files:
5ef9a7d3c7e9753456a923c040276aa8 1443 web extra cacti_0.8.7g-1+squeeze4.dsc
ba7a61ce0ae89d4d19525001d0f98b56 59041 web extra
cacti_0.8.7g-1+squeeze4.diff.gz
64be98d1231c4f5ac4a8039a8876cc2a 2098348 web extra
cacti_0.8.7g-1+squeeze4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBCAAGBQJTuC2fAAoJEJxcmesFvXUKy4YH/1ETU150OPL6OeHY2EqCbz+4
wMk3kK0hNJv3JpmKlZ2dGdFggSigQTY33CtrR177skN3fjYauoIF+8UVL3BsU7Hg
/9+yMeJWQSGWL0k0NfKSOYGelbswY8yY/rTdBw5INXqaGn7xHaTb6iJ+1IIDKuGu
yxXAMtUpoQn4lJjvkBADPzVl8xE/lyLcNrQFn5owprC28MNGgz1IAGVklhVEj3OB
OFWnYRGCNihhDSW8z1JfLnf+FtUZ2utVsGG2b7JJCGuoAAnOkHQOdfmaq6l5Wq+G
VxA2Aa6S0ABnsJv0aNBMXKRcrutOPU7ElCzdOjNOcDYMyondy5GxwpRzM24XZT0=
=gTIS
-----END PGP SIGNATURE-----
--- End Message ---
