Bug#926700: cacti: CVE-2019-11025:

2019-04-15 Thread Moritz Mühlenhoff
On Wed, Apr 10, 2019 at 10:51:33AM -0400, Chris Lamb wrote:
> retitle 926700 cacti: CVE-2019-11025 - XSS in utilities.php
> thanks
>
> Hi all,
>
> I've attached a patch that I intend to upload to jessie LTS. May I
> also prepare an update for stretch based on this?

I doubt this really warrants

Bug#926700: cacti: CVE-2019-11025:

2019-04-15 Thread Chris Lamb
Chris Lamb wrote:
> I've attached a patch that I intend to upload to jessie LTS. May I
> also prepare an update for stretch based on this?

Ping on this, security team?

Paul, looks like your upload landed in the end:

https://bugs.debian.org/926700#31

Regards,

Bug#926700: cacti: CVE-2019-11025:

2019-04-10 Thread Paul Gevers
Hi Chris,

On 10-04-2019 16:51, Chris Lamb wrote:
> I've attached a patch that I intend to upload to jessie LTS. May I
> also prepare an update for stretch based on this?

I guess it doesn't matter for stable, but you have my blessing.

Paul

PS: I uploaded to sid yesterday, but I fear my key on

Bug#926700: cacti: CVE-2019-11025:

2019-04-10 Thread Chris Lamb
retitle 926700 cacti: CVE-2019-11025 - XSS in utilities.php
thanks

Hi all,

I've attached a patch that I intend to upload to jessie LTS. May I
also prepare an update for stretch based on this?

Best wishes,

--
Chris Lamb
la...@debian.org

Bug#926700: cacti: CVE-2019-11025

2019-04-09 Thread Paul Gevers
Control: found -1 0.8.8h+ds1-10 0.8.8b+dfsg-8+deb8u6

Hi Salvatore,

On 09-04-2019 12:28, Salvatore Bonaccorso wrote:
> Please adjust the affected versions in the BTS as needed.

Doing so now. Thanks for the report.

Paul

Bug#926700: cacti: CVE-2019-11025

2019-04-09 Thread Salvatore Bonaccorso
Source: cacti
Version: 1.2.2+ds1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/Cacti/cacti/issues/2581

Hi,

The following vulnerability was published for cacti.

CVE-2019-11025[0]:
| In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping
| occurs before