Hello community, here is the log from the commit of package cacti for openSUSE:Factory checked in at 2017-02-12 00:49:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cacti (Old) and /work/SRC/openSUSE:Factory/.cacti.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cacti" Changes: -------- --- /work/SRC/openSUSE:Factory/cacti/cacti.changes 2016-05-11 16:38:15.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.cacti.new/cacti.changes 2017-02-12 00:49:49.642328154 +0100 @@ -1,0 +2,134 @@ +Wed Feb 8 14:15:57 UTC 2017 - [email protected] + +- Build version 1.0.1 + * Fixes CVE-2014-4000 bnc#022564 + * Deleted cacti-log-path.patch is now handled via a symblink from + /srv/www/cacti/log to /var/log/cacti + * 1.0.1 + - feature: SpikeKill allows filling range to last known good value + - issue#261: Add IPv4 and IPv6 Specific Counters to interfaces.xml + - issue#257: Poller Output Table not Empty WARNING messages in cacti.log + - issue#256: New Graph - Add Graph Items Fails (Data Sources shows None) + - issue#255: Errors Creating new Graphs - Undefined Index Errors + - issue#254: Unable to Properly add Data Source + - issue#251: Remote Data Collector stuck on upgrade page + - issue#247: Devices missing from tree device list + - issue#245: Drag and Drop in Tree Edit Erratic + - issue#243: SMTP Ping Failure with not SNMP Authentication + - issue#241: Authentication Method: None not functional + - issue#240: SQL error when install plugin + - issue#238: Duplicate color id's cause error during Upgrade + - issue#231: SNMPv3 - PHP ERROR WARNING: Fatal error: Unknown user name in file + - issue: Resolving visual issues with row counts. + - issue: When deleting Graphs prevent the removal of Data Sources that are still in use + - issue: Improve SNMP agent performance through SQL optimizations + * 1.0.0 + - feature: Support for remote data collectors + - feature: Support Internationalization (i18n) for the main Cacti site, and supported plugins + - feature: Data Source Profiles replace RRA settings allowing a single system to have multiple polling intervals + - feature: Redesigned Tree page including Drag & Drop functionality + - feature: New Graph Permissions system designed to make permissions simple to manage + - feature: Add Themes 'Classic', 'Modern', 'Dark', and 'Paw' + - feature: Debug Data Sources by comparing them to the Data Template + - feature: New special Data Source type to detect the poller interval + - feature: Bulk inserts in PHP poller to address latency issues + - feature: Optimize data collection through in memory caching giving a 50% reduction in polling times when dealing with large sites + - feature: Support RRDtool VDEFs + - feature: Support new Graph Items: AREA:STACK, GPRINT:AVERAGE, GPRINT:LAST, GPRINT:MAX, GPRINT:MIN, LINE:STACK, TEXTALIGN, TICK + - feature: Support RRDtool features: Right Axis Support, Dynamic Labels, Tab Width, Legend Position, Legend Direction + - feature; Resizeable table columns + - feature: Deprecated Single Pane Tree View + - feature: Role Based Access Control (RBAC) + - feature: Support User Group Permissions + - feature: Show number of in use Graphs, Data Sources, and Devices for a given Template + - feature: Support bulk re-sync of graphs to assigned Graph Template + - feature: Bulk Device Settings changes + - feature: CDEFs, Colors, GPrint Presets consolidated to Presets menu + - feature: Authentication cookies for 'remember me' functionality + - feature: Automatic logout after session inactivity + - feature: Replace Boost server in favor of RRDtool Proxy + - feature: Graph Details include CSV output, zoom, debug, and download links + - feature: Graph Export moved to a plugin + - feature: User change password functionality + - feature: Automation added to core functionality through the merge of the Discovery and AutoM8 plugins + - feature: Change interface graphs from 32 bit to 64 bit with ease + - feature: Plugins now have hooks in device templates and automation + - feature: Allow users to preview template imports to determine if there will be issues from importing + - feature: Automatic removal of orphaned graph items when importing newer versions of graph templates + - feature: Support for MySQL 5.7 + - feature: Support for PHP 7.0 + - feature: Merge Aggregate Plugin - Aggregate graph creation + - feature: Merge AutoM8 Plugin - Automation of graph creation + - feature: Merge Boost Plugin - Faster polling, result caching, on-demand RRDtool file updates + - feature: Merge CLog Plugin - View Cacti logs + - feature: Merge Discovery Plugin - Device discovery + - feature: Merge Domains Plugin - Support for domain (ADS/LDAP) specific user templates + - feature: Merge DSStats Plugin - Cache Data Source values for easy retrieval + - feature: Merge Logrotate Plugin - Rotate Cacti logs + - feature: Merge Realtime Plugin - Realtime graph viewing + - feature: Merge Reporting (Nectar) Plugin - Reporting + - feature: Merge RRDclean Plugin - RRD file cleanup and management + - feature: Merge Secpass Plugin - User password policy enforcement + - feature: Merge Settings Plugin - Shared settings for plugins + - feature: Merge SNMP Agent Plugin - SNMP Agent for Cacti providing system statistics + - feature: Merge SpikeKill Plugin - Remove unwanted spikes from graphs + - feature: Merge SSL Plugin - Force https + - feature: Merge SuperLinks Plugin - Add external links within Cacti + - feature: Merge UGroup Plugin - User groups with permissions + - feature: Merge Watermark Plugin - Watermark your Cacti graphs + - bug: Fixed issue where old graph templates (0.8.6-), could import bogus data causing issues with Data Input Methods + - bug#0000168: Duplicate data sources should be avoided when creating new graphs + - bug#0000851: Review an imported template + - bug#0001155: When viewing graph tree do not show empty nodes + - bug#0001337: Form to filter for graphs in host view mode + - bug#0001552: Date ranges not shown on graphs in the view with Daily, Weekly, Monthly & Yearly graphs + - bug#0001573: RRA templates/grouping + - bug#0001577: Override session handling and store session in Database + - bug#0001790: Allow for XML delimiter in fields of a script query + - bug#0001820: Unable to use a Data Input Method Output Field in more than one Data Source Item + - bug#0001827: Changing the graph template messes up the graph item fields + - bug#0001836: Add mysql error message to log + - bug#0001877: Cookies path is not properly set + - bug#0001966: Expand Devices in tree view not honored + - bug#0001970: Data query index order cache should be populated on re-index + - bug#0001981: Cacti is not full UTF-8 + - bug#0001986: CLI allow add_graphs.php to have multiples --snmp-field and --snmp-value options + - bug#0001996: Allow using data input field in graph title + - bug#0002096: Enumerated SNMP values not parsed correctly + - bug#0002112: CLI add configurable parameters for device_add.php + - bug#0002133: Restrict User to only manage specific device(s) + - bug#0002135: Regular expression support for filter + - bug#0002137: Data query oid_suffix parameter does not function + - bug#0002159: Database creation file not fully compliant with strict SQL mode + - bug#0002162: Unable to authenticate user with password containing UTF-8 + - bug#0002196: Incorrect script server instance number in log + - bug#0002225: Make -Cc SNMP option configurable + - bug#0002255: Script query_unix_partitions.pl should only query local mounts + - bug#0002336: Implement php-snmp class library + - bug#0002340: Data query script execution should be escaped + - bug#0002350: SNMP Data Query index_order ignored + - bug#0002351: Ping does not work with non-English locale + - bug#0002361: Spine does not log unknowns the same way cmd.php + - bug#0002362: Poller cmd.php makes wrong hex-string to decimal conversion + - bug#0002370: Cacti prints wrong date formats, does not honor a systems locale + - bug#0002403: Typo in DELETE statement leading to poor graphing performance + - bug#0002412: Graph Template duplication causes to be converted to TAB char + - bug#0002418: Data Source Items named 'ds' break UI ability to add more items + - bug#0002419: SNMP enum results not parsed correctly by cmd.php poller + - bug#0002452: CVE-2014-4000 PHP Object Injection Vulnerabilities + - bug#0002454: OS Command Injection + - bug#0002468: Changing graph format to anything but PNG causes no output + - bug#0002476: Add support for SNMP v3 EngineID + - bug#0002483: Cisco ASA using Re-index method of verify all causes recache event every time + - bug#0002484: Incorrect SQL request in cli script repair_database.php + - bug#0002521: Unable to create two devices via CLI with the same IP-Address + - bug#0002522: Zero padded hex strings are parsed incorrectly + - bug#0002535: Graph Template Changes not updating RRDTool command + - bug#0002636: Creating Data Template with "U" for min and max saves field data_input_field_id as 0 for first item + - bug#0002697: CVE-2016-2313 allows remote authenticated users who use web authentication to bypass intended access + - bug#0002698: When the host is down the wrong data type are used for some columns in the host table + - bug#0002723: Renaming a disabled device still attempts to connect and get SNMP host information + - bug#0002724: Multipage graphs the menu can disappear + - bug#0002725: Changing graph template does not mark correct interfaces disabled on data query generated list + +------------------------------------------------------------------- Old: ---- cacti-0.8.8h.tar.gz cacti-log-path.patch New: ---- cacti-1.0.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cacti.spec ++++++ --- /var/tmp/diff_new_pack.P5hHii/_old 2017-02-12 00:49:52.241958003 +0100 +++ /var/tmp/diff_new_pack.P5hHii/_new 2017-02-12 00:49:52.245957434 +0100 @@ -1,7 +1,7 @@ # # spec file for package cacti # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: cacti -Version: 0.8.8h +Version: 1.0.1 Release: 0 Summary: Web Front-End to Monitor System Data via RRDtool License: GPL-2.0+ @@ -29,9 +29,6 @@ Source2: %{name}-httpd.conf Source3: %{name}.logrotate Source4: %{name}-httpd.conf.default -# PATCH-FIX-OPENSUSE cacti-0.8.8-cacti-log-path.patch -Patch0: cacti-log-path.patch - BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch BuildRequires: apache-rpm-macros @@ -44,7 +41,13 @@ Requires: httpd Requires: logrotate Requires: net-snmp +Requires: php-gmp +Requires: php-ldap +Requires: php-mbstring +Requires: php-openssl +Requires: php-posix Requires: php-snmp >= 5.1 +Requires: php-zlib Requires: rrdtool %if 0%{?suse_version} @@ -98,7 +101,6 @@ %prep %setup -q -%patch0 -p1 #delete the *.orig files find . -type f -name "*\.orig" -exec rm {} \; @@ -112,12 +114,19 @@ install -d -m 0755 %{buildroot}%{_localstatedir}/log/%{name} cp *.php %{buildroot}%{cacti_dir} -cp -pr lib %{buildroot}%{cacti_dir} -cp -pr include %{buildroot}%{cacti_dir} +cp -pr cache %{buildroot}%{cacti_dir} +cp -pr cli %{buildroot}%{cacti_dir} +cp -pr formats %{buildroot}%{cacti_dir} cp -pr images %{buildroot}%{cacti_dir} +cp -pr include %{buildroot}%{cacti_dir} cp -pr install %{buildroot}%{cacti_dir} +cp -pr lib %{buildroot}%{cacti_dir} +cp -pr locales %{buildroot}%{cacti_dir} +cp -pr mibs %{buildroot}%{cacti_dir} +cp -pr plugins %{buildroot}%{cacti_dir} cp -pr resource %{buildroot}%{cacti_dir} cp -pr rra %{buildroot}%{cacti_dir} +cp -pr scripts %{buildroot}%{cacti_dir} install -d -m 0755 scripts %{buildroot}%{cacti_dir}/scripts install -m 0755 scripts/* %{buildroot}%{cacti_dir}/scripts @@ -158,15 +167,17 @@ # compute files list without config file find %{buildroot}%{cacti_dir} -type d | sed -e 's|'%{buildroot}'|%dir |' >> %{name}.list find %{buildroot}%{cacti_dir} -type f ! -name config.php | sed -e 's|'%{buildroot}'||' >> %{name}.list +ln -sf %{_localstatedir}/log/%{name} %{buildroot}%{cacti_dir}/log %post chown -R %{apache_user}:%{apache_group} %{cacti_dir}/rra %files -f %{name}.list %defattr(-,root,root) -%doc LICENSE README docs/txt +%doc LICENSE README.md docs/txt %attr(-,%{apache_user},%{apache_group}) %dir %{_localstatedir}/lib/%{name} %attr(-,%{apache_user},%{apache_group}) %dir %{_localstatedir}/log/%{name} +%attr(-,%{apache_user},%{apache_group}) %{cacti_dir}/log %config(noreplace) %{cacti_dir}/include/config.php %config(noreplace) %{_sysconfdir}/cron.d/%{name} %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} ++++++ cacti-0.8.8h.tar.gz -> cacti-1.0.1.tar.gz ++++++ /work/SRC/openSUSE:Factory/cacti/cacti-0.8.8h.tar.gz /work/SRC/openSUSE:Factory/.cacti.new/cacti-1.0.1.tar.gz differ: char 5, line 1
