Overview

Request 1174083 accepted

cacti 1.2.27
* CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240)
* CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229)
* CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238)
* CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239)
* CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231)
* CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241)
* CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236)
* CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235)
* CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237)
* CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230)

Request History
Andreas Stieger's avatar

AndreasStieger created request

cacti 1.2.27
* CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240)
* CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229)
* CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238)
* CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239)
* CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231)
* CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241)
* CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236)
* CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235)
* CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237)
* CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230)

Factory Auto's avatar

factory-auto accepted review

openSUSE:Backports:SLE-12/cacti-spine.openSUSE_Backports_SLE-12::maintenance_incident: Check
script succeeded
openSUSE:Backports:SLE-12/cacti.openSUSE_Backports_SLE-12::maintenance_incident: Check
script succeeded
openSUSE:Backports:SLE-15-SP5:Update/cacti-spine.openSUSE_Backports_SLE-15-SP5_Update::maintenance_incident: Check
script succeeded
openSUSE:Backports:SLE-15-SP5:Update/cacti.openSUSE_Backports_SLE-15-SP5_Update::maintenance_incident: Check
script succeeded

Saul Goodman's avatar

licensedigger accepted review

ok

Maintenance Bot's avatar

maintbot accepted review

openSUSE:Backports:SLE-12/cacti-spine.openSUSE_Backports_SLE-12::maintenance_incident: ok
openSUSE:Backports:SLE-12/cacti.openSUSE_Backports_SLE-12::maintenance_incident: ok
openSUSE:Backports:SLE-15-SP5:Update/cacti-spine.openSUSE_Backports_SLE-15-SP5_Update::maintenance_incident: ok
openSUSE:Backports:SLE-15-SP5:Update/cacti.openSUSE_Backports_SLE-15-SP5_Update::maintenance_incident: ok

Maintenance Bot's avatar

maintbot approved review

openSUSE:Backports:SLE-12/cacti-spine.openSUSE_Backports_SLE-12::maintenance_incident: ok
openSUSE:Backports:SLE-12/cacti.openSUSE_Backports_SLE-12::maintenance_incident: ok
openSUSE:Backports:SLE-15-SP5:Update/cacti-spine.openSUSE_Backports_SLE-15-SP5_Update::maintenance_incident: ok
openSUSE:Backports:SLE-15-SP5:Update/cacti.openSUSE_Backports_SLE-15-SP5_Update::maintenance_incident: ok

Robert Frohl's avatar

rfrohl moved maintenance target to openSUSE:Maintenance:18371

Robert Frohl's avatar

rfrohl accepted request

accepted request 1174083:Thanks!

For information about the update, see https://build.opensuse.org/project/maintenance_incidents/openSUSE:Maintenance

openSUSE Build Service is sponsored by
Places