Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for cacti

cacti was updated to version 0.8.8c [boo#920399]

This update fixes four vulnerabilities and adds some compatible features.
- Security fixes not previously patched:
- CVE-2014-2326 - XSS issue via CDEF editing
- CVE-2014-2327 - Cross-site request forgery (CSRF) vulnerability
- CVE-2014-2328 - Remote Command Execution Vulnerability in graph export
- CVE-2014-4002 - XSS issues in multiple files
- CVE-2014-5025 - XSS issue via data source editing
- CVE-2014-5026 - XSS issues in multiple files
- Security fixes now upstream:
- CVE-2013-5588 - XSS issue via installer or device editing
- CVE-2013-5589 - SQL injection vulnerability in device editing

New features:
- New graph tree view
- Updated graph list and graph preview
- Refactor graph tree view to remove GPL incompatible code
- Updated command line database upgrade utility
- Graph zooming now from everywhere

Fixed bugs
bnc#920399
VUL-0: CVE-2014-2327, CVE-2014-4002, CVE-2014-5025, CVE-2014-5026: cacti: fixes multiple vulnerabilities
CVE-CVE-2014-2327
CVE-CVE-2014-4002
CVE-CVE-2014-5025
CVE-CVE-2014-5026
Selected Binaries
openSUSE Build Service is sponsored by
Places