-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2020-bee5eeedf0 2020-02-25 02:28:50.218521 --------------------------------------------------------------------------------
Name : cacti-spine Product : Fedora EPEL 7 Version : 1.2.9 Release : 1.el7 URL : https://cacti.net Summary : Threaded poller for Cacti written in C Description : Spine is a supplemental poller for Cacti that makes use of pthreads to achieve excellent performance. -------------------------------------------------------------------------------- Update Information: - Update to 1.2.9 - CVE-2020-7106, CVE-2020-7237 Release notes: https://www.cacti.net/release_notes.php?version=1.2.9 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 10 2020 Morten Stevens <[email protected]> - 1.2.9-1 - Update to 1.2.9 * Tue Jan 28 2020 Fedora Release Engineering <[email protected]> - 1.2.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Wed Dec 11 2019 Morten Stevens <[email protected]> - 1.2.8-1 - Update to 1.2.8 * Sat Nov 30 2019 Morten Stevens <[email protected]> - 1.2.7-1 - Update to 1.2.7 * Tue Sep 3 2019 Morten Stevens <[email protected]> - 1.2.6-1 - Update to 1.2.6 * Sat Aug 3 2019 Morten Stevens <[email protected]> - 1.2.5-3 - Fix building on RHEL8 * Wed Jul 24 2019 Fedora Release Engineering <[email protected]> - 1.2.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sat Jul 20 2019 Morten Stevens <[email protected]> - 1.2.5-1 - Update to 1.2.5 * Sat Jun 8 2019 Morten Stevens <[email protected]> - 1.2.4-1 - Update to 1.2.4 * Sun Mar 31 2019 Morten Stevens <[email protected]> - 1.2.3-1 - Update to 1.2.3 * Mon Feb 25 2019 Morten Stevens <[email protected]> - 1.2.2-1 - Update to 1.2.2 * Thu Jan 31 2019 Fedora Release Engineering <[email protected]> - 1.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Mon Jan 21 2019 Morten Stevens <[email protected]> - 1.2.1-1 - Update to 1.2.1 * Sun Jan 6 2019 Morten Stevens <[email protected]> - 1.2.0-2 - Use spine.conf as default * Thu Jan 3 2019 Morten Stevens <[email protected]> - 1.2.0-1 - Update to 1.2.0 * Fri Nov 9 2018 Morten Stevens <[email protected]> - 1.1.38-2 - Added RPM macro to fix building on RHEL * Tue Nov 6 2018 Morten Stevens <[email protected]> - 1.1.38-1 - Initial cacti-spine release for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1798187 - CVE-2020-7237 cacti: remote code execution due to input validation in Performance Boost Debug Log https://bugzilla.redhat.com/show_bug.cgi?id=1798187 [ 2 ] Bug #1796208 - CVE-2020-7106 cacti: XSS due to lack of escaping on some pages https://bugzilla.redhat.com/show_bug.cgi?id=1796208 [ 3 ] Bug #1786609 - CVE-2019-17358 cacti: unsafe deserialization of user-controlled data https://bugzilla.redhat.com/show_bug.cgi?id=1786609 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update cacti-spine' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ epel-package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
