Hello community, here is the log from the commit of package cacti for openSUSE:Factory checked in at 2020-05-08 23:08:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cacti (Old) and /work/SRC/openSUSE:Factory/.cacti.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cacti" Fri May 8 23:08:33 2020 rev:31 rq:801764 version:1.2.12 Changes: -------- --- /work/SRC/openSUSE:Factory/cacti/cacti.changes 2020-04-13 12:53:33.880655386 +0200 +++ /work/SRC/openSUSE:Factory/.cacti.new.2738/cacti.changes 2020-05-08 23:08:41.206271024 +0200 @@ -1,0 +2,12 @@ +Thu May 7 09:34:43 UTC 2020 - Andreas Stieger <[email protected]> + +- cacti 1.2.12: + * CVE-2020-7106: Lack of escaping of color items can lead to XSS + exposure (boo#1163749) + * Fix multiple graphing bugs and web UI issues + * Fix multiple warnings, PHP Exceptions and errors + * Content-Security-Policy prevents External Links from being opened + * Prevent runtime memory issues by increasing memory limit + * Improve SNMPv3 handling + +------------------------------------------------------------------- Old: ---- cacti-1.2.11.tar.gz New: ---- cacti-1.2.12.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cacti.spec ++++++ --- /var/tmp/diff_new_pack.ehG0yX/_old 2020-05-08 23:08:42.758274194 +0200 +++ /var/tmp/diff_new_pack.ehG0yX/_new 2020-05-08 23:08:42.758274194 +0200 @@ -22,7 +22,7 @@ %define cacti_dir %{apache_datadir}/cacti %endif Name: cacti -Version: 1.2.11 +Version: 1.2.12 Release: 0 Summary: Web Front-End to Monitor System Data via RRDtool License: GPL-2.0-or-later @@ -52,8 +52,8 @@ Conflicts: cacti-spine < %{version} Conflicts: cacti-spine > %{version} Provides: cacti-system -Obsoletes: cacti-PA -Provides: cacti-PA +Obsoletes: cacti-PA < %{version} +Provides: cacti-PA = %{version} BuildArch: noarch %if 0%{?suse_version} BuildRequires: apache2-devel ++++++ cacti-1.2.11.tar.gz -> cacti-1.2.12.tar.gz ++++++ /work/SRC/openSUSE:Factory/cacti/cacti-1.2.11.tar.gz /work/SRC/openSUSE:Factory/.cacti.new.2738/cacti-1.2.12.tar.gz differ: char 5, line 1 ++++++ cacti-config.patch ++++++ --- /var/tmp/diff_new_pack.ehG0yX/_old 2020-05-08 23:08:42.794274267 +0200 +++ /var/tmp/diff_new_pack.ehG0yX/_new 2020-05-08 23:08:42.794274267 +0200 @@ -1,7 +1,7 @@ -Index: cacti-1.2.11/include/config.php +Index: cacti-1.2.12/include/config.php =================================================================== ---- cacti-1.2.11.orig/include/config.php -+++ cacti-1.2.11/include/config.php +--- cacti-1.2.12.orig/include/config.php ++++ cacti-1.2.12/include/config.php @@ -44,17 +44,17 @@ $database_ssl_ca = ''; * must remain commented out. */ @@ -31,7 +31,7 @@ /* * The poller_id of this system. set to `1` for the main cacti web server. -@@ -69,25 +69,25 @@ $poller_id = 1; +@@ -69,13 +69,13 @@ $poller_id = 1; * would be set to `/cacti/`. */ @@ -47,12 +47,7 @@ /* * Default Cookie domain - The cookie domain to be used for Cacti - */ - --$cacti_cookie_domain = 'cacti.net'; -+//$cacti_cookie_domain = 'cacti.net'; - - /* +@@ -87,7 +87,7 @@ $cacti_session_name = 'Cacti'; * Save sessions to a database for load balancing */
