openSUSE Build Service

Ana Guerrero (anag+factory) accepted request 1174071 from

Andreas Stieger (AndreasStieger) 6 months ago (revision 50)

cacti 1.2.27
* CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240)
* CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229)
* CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238)
* CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239)
* CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231)
* CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241)
* CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236)
* CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235)
* CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237)
* CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230)

Ana Guerrero (anag+factory) accepted request 1150931 from

Andreas Stieger (AndreasStieger) 9 months ago (revision 49)

Ana Guerrero (anag+factory) accepted request 1134986 from

Andreas Stieger (AndreasStieger) 11 months ago (revision 48)

cacti 1.2.26
CVE-2023-50250 boo#1218380
CVE-2023-49084 boo#1218360
CVE-2023-49085 boo#1218378
CVE-2023-49086 boo#1218366
CVE-2023-49088 boo#1218379
CVE-2023-51448 boo#1218381

Ana Guerrero (anag+factory) accepted request 1109347 from

Andreas Stieger (AndreasStieger) about 1 year ago (revision 47)

cl update for tracking...

CVE-2023-30534 boo#1215082
CVE-2023-39360 boo#1215044
CVE-2023-39361 boo#1215045
CVE-2023-39357 boo#1215040
CVE-2023-39362 boo#1215047
CVE-2023-39359 boo#1215043
CVE-2023-39358 boo#1215042
CVE-2023-39365 boo#1215051
CVE-2023-39364 boo#1215050
CVE-2023-39366 boo#1215052
CVE-2023-39510 boo#1215053
CVE-2023-39511 boo#1215081
CVE-2023-39512 boo#1215054
CVE-2023-39513 boo#1215055
CVE-2023-39514 boo#1215056
CVE-2023-39515 boo#1215058
CVE-2023-39516 boo#1215059

Ana Guerrero (anag+factory) accepted request 1109188 from

Andreas Stieger (AndreasStieger) about 1 year ago (revision 46)

cacti 1.2.25 (boo#1215024)

Dominique Leuenberger (dimstar_suse) accepted request 1068075 from

Andreas Stieger (AndreasStieger) over 1 year ago (revision 45)

Dominique Leuenberger (dimstar_suse) accepted request 1046255 from

Andreas Stieger (AndreasStieger) almost 2 years ago (revision 44)

cacti 1.2.23 CVE-2022-46169 boo#1206185

Dominique Leuenberger (dimstar_suse) accepted request 1007577 from

Andreas Stieger (AndreasStieger) about 2 years ago (revision 43)

cacti 1.2.22 (boo#1203952)

Dominique Leuenberger (dimstar_suse) accepted request 979660 from

Andreas Stieger (AndreasStieger) over 2 years ago (revision 42)

Dominique Leuenberger (dimstar_suse) accepted request 972230 from

Andreas Stieger (AndreasStieger) over 2 years ago (revision 41)

cacti 1.2.20 CVE-2022-0730 boo#1196692

Dominique Leuenberger (dimstar_suse) accepted request 929901 from

Andreas Stieger (AndreasStieger) about 3 years ago (revision 40)

cacti 1.2.19 boo#1192408

Dominique Leuenberger (dimstar_suse) accepted request 913438 from

Andreas Stieger (AndreasStieger) about 3 years ago (revision 39)

- cacti 1.2.18:
  * CVE-2020-14424: Lack of escaping on template import can lead to
    XSS exposure under 'midwinter' theme (boo#1188188)
  * Real time graphs can expose XSS issue

Dominique Leuenberger (dimstar_suse) accepted request 890825 from

Andreas Stieger (AndreasStieger) over 3 years ago (revision 38)

cacti 1.2.17 CVE-2020-35701 boo#1180804

Dominique Leuenberger (dimstar_suse) accepted request 856911 from

Andreas Stieger (AndreasStieger) almost 4 years ago (revision 37)

- fix httpd startup errors due to mismatched configuration
  directives boo#1175314

Dominique Leuenberger (dimstar_suse) accepted request 853622 from

Andreas Stieger (AndreasStieger) almost 4 years ago (revision 36)

Dominique Leuenberger (dimstar_suse) accepted request 847931 from

Andreas Stieger (AndreasStieger) about 4 years ago (revision 35)

cacti 1.2.15

Dominique Leuenberger (dimstar_suse) accepted request 824224 from

Andreas Stieger (AndreasStieger) over 4 years ago (revision 34)

cacti 1.2.14 (boo#1174850)

Dominique Leuenberger (dimstar_suse) accepted request 820849 from

Andreas Stieger (AndreasStieger) over 4 years ago (revision 33)

- cacti 1.2.13:
  * Query XSS vulnerabilities require vendor package update
    (CVE-2020-11022 / CVE-2020-11023)
  * Lack of escaping on some pages can lead to XSS exposure
  * Update PHPMailer to 6.1.6 (CVE-2020-13625)
  * SQL Injection vulnerability due to input validation failure when
    editing colors (CVE-2020-14295, boo#1173090)
  * Lack of escaping on template import can lead to XSS exposure

Yuchen Lin (maxlin_factory) accepted request 809673 from

Lars Vogdt (lrupp) over 4 years ago (revision 32)

Dominique Leuenberger (dimstar_suse) accepted request 801764 from

Lars Vogdt (lrupp) over 4 years ago (revision 31)

Places

Revisions of cacti

Places