Hello community, here is the log from the commit of package cacti for openSUSE:Leap:15.2 checked in at 2020-05-12 11:40:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/cacti (Old) and /work/SRC/openSUSE:Leap:15.2/.cacti.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cacti" Tue May 12 11:40:20 2020 rev:48 rq:802742 version:1.2.12 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/cacti/cacti.changes 2020-04-28 20:11:58.376635873 +0200 +++ /work/SRC/openSUSE:Leap:15.2/.cacti.new.2738/cacti.changes 2020-05-12 11:42:35.105028152 +0200 @@ -1,0 +2,12 @@ +Thu May 7 09:34:43 UTC 2020 - Andreas Stieger <[email protected]> + +- cacti 1.2.12: + * CVE-2020-7106: Lack of escaping of color items can lead to XSS + exposure (boo#1163749) + * Fix multiple graphing bugs and web UI issues + * Fix multiple warnings, PHP Exceptions and errors + * Content-Security-Policy prevents External Links from being opened + * Prevent runtime memory issues by increasing memory limit + * Improve SNMPv3 handling + +------------------------------------------------------------------- Old: ---- cacti-1.2.11.tar.gz New: ---- cacti-1.2.12.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cacti.spec ++++++ --- /var/tmp/diff_new_pack.rPpIcG/_old 2020-05-12 11:42:35.745029497 +0200 +++ /var/tmp/diff_new_pack.rPpIcG/_new 2020-05-12 11:42:35.749029505 +0200 @@ -22,7 +22,7 @@ %define cacti_dir %{apache_datadir}/cacti %endif Name: cacti -Version: 1.2.11 +Version: 1.2.12 Release: 0 Summary: Web Front-End to Monitor System Data via RRDtool License: GPL-2.0-or-later @@ -52,8 +52,8 @@ Conflicts: cacti-spine < %{version} Conflicts: cacti-spine > %{version} Provides: cacti-system -Obsoletes: cacti-PA -Provides: cacti-PA +Obsoletes: cacti-PA < %{version} +Provides: cacti-PA = %{version} BuildArch: noarch %if 0%{?suse_version} BuildRequires: apache2-devel ++++++ cacti-1.2.11.tar.gz -> cacti-1.2.12.tar.gz ++++++ /work/SRC/openSUSE:Leap:15.2/cacti/cacti-1.2.11.tar.gz /work/SRC/openSUSE:Leap:15.2/.cacti.new.2738/cacti-1.2.12.tar.gz differ: char 5, line 1 ++++++ cacti-config.patch ++++++ --- /var/tmp/diff_new_pack.rPpIcG/_old 2020-05-12 11:42:35.785029581 +0200 +++ /var/tmp/diff_new_pack.rPpIcG/_new 2020-05-12 11:42:35.785029581 +0200 @@ -1,7 +1,7 @@ -Index: cacti-1.2.11/include/config.php +Index: cacti-1.2.12/include/config.php =================================================================== ---- cacti-1.2.11.orig/include/config.php -+++ cacti-1.2.11/include/config.php +--- cacti-1.2.12.orig/include/config.php ++++ cacti-1.2.12/include/config.php @@ -44,17 +44,17 @@ $database_ssl_ca = ''; * must remain commented out. */ @@ -31,7 +31,7 @@ /* * The poller_id of this system. set to `1` for the main cacti web server. -@@ -69,25 +69,25 @@ $poller_id = 1; +@@ -69,13 +69,13 @@ $poller_id = 1; * would be set to `/cacti/`. */ @@ -47,12 +47,7 @@ /* * Default Cookie domain - The cookie domain to be used for Cacti - */ - --$cacti_cookie_domain = 'cacti.net'; -+//$cacti_cookie_domain = 'cacti.net'; - - /* +@@ -87,7 +87,7 @@ $cacti_session_name = 'Cacti'; * Save sessions to a database for load balancing */
