-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 08 Mar 2020 21:26:46 +0100 Source: cacti Architecture: source Version: 1.2.10+ds1-1 Distribution: unstable Urgency: medium Maintainer: Cacti Maintainer <pkg-cacti-ma...@lists.alioth.debian.org> Changed-By: Paul Gevers <elb...@debian.org> Closes: 951832 Changes: cacti (1.2.10+ds1-1) unstable; urgency=medium . * New upstream version 1.2.10 CVE-2020-8813 graph_realtime.php allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege (Closes: 951832) Checksums-Sha1: 38fdf3900f9b181c84a103cffe45aff2b00df8b2 2116 cacti_1.2.10+ds1-1.dsc ddd070c46c0124d63a0f4a9b914bfc87745f12b6 13511964 cacti_1.2.10+ds1.orig-docs-source.tar.gz e42e6ffe5ee39acbb9bdbc5bcea397422aacbb64 7231135 cacti_1.2.10+ds1.orig.tar.gz a974397440ab24950f6932a31052dd330d7cca9c 53680 cacti_1.2.10+ds1-1.debian.tar.xz Checksums-Sha256: 901e2bbbd41efe12ca50a31c8c1ae0e859d40f9103620ad0be59c2080ce6f9e1 2116 cacti_1.2.10+ds1-1.dsc c7ba40c9dcb18c1775e7a9a453a6c1b715ef7c643ebb84719d7cdf8cc8038087 13511964 cacti_1.2.10+ds1.orig-docs-source.tar.gz 6d074f216b130251407e7b4ce8854d57064b7f927cd7a990062c06a207b1fe58 7231135 cacti_1.2.10+ds1.orig.tar.gz bc728f0632b44da61e0b833312ef45d0311b8f937c5e28a804cf6949a0e6f55a 53680 cacti_1.2.10+ds1-1.debian.tar.xz Files: 498024f83a038343f702ab2848b38a6b 2116 web optional cacti_1.2.10+ds1-1.dsc e10e5769f04ac3ffcf7902af53741748 13511964 web optional cacti_1.2.10+ds1.orig-docs-source.tar.gz f2a3d9849ac12ca11785acf30817e959 7231135 web optional cacti_1.2.10+ds1.orig.tar.gz 0b5412196b7067c1e0aaaf51b03898ae 53680 web optional cacti_1.2.10+ds1-1.debian.tar.xz
-----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAl5lWu0ACgkQnFyZ6wW9 dQoxqQf9Fb518ifRjgJahCCEfAyTJojlMBbcu6AyfmrC5XmAcghW5WIZaua1Hwh1 kVY7GdNla22b/yQT+LRDAqcf86ZHY/23U0A5KP8Ccjff+r/gX0Fa9zvNUxofbant hqaypaJK5q8jkcYxFjB+bOxbebpof0wv9WbddblLvI7Ug5MpJ1Mh7kDFjLcKA3LU xcReTBk27SpP86o6duYYEci8I8PuiahR0KpXMnGb2z2ESC+/OS1Sy3rCyBGEOKl8 AT/XwvkJFf0Mapcvg1M2BqcI7nx1UZW0LU91iYLxcbj9L67Pm9KIG4YO7Qf5B5Yx k0V/qR2bp7FWsiij+uURih95x2ZpJg== =uthY -----END PGP SIGNATURE-----