Overview

File _patchinfo of Package patchinfo.2751

<patchinfo incident="cacti">
  <packager>aeneas_jaissle</packager>
  <issue tracker="cve" id="CVE-2014-2326"></issue>
  <issue tracker="cve" id="CVE-2014-2328"></issue>
  <issue tracker="cve" id="CVE-2014-2708"></issue>
  <issue tracker="cve" id="CVE-2014-2709"></issue>
  <issue tracker="bnc" id="870821">VUL-0: CVE-2014-2326: cacti: xss attacjs ub 0.8.7g</issue>
  <issue tracker="bnc" id="872008">VUL-0: CVE-2014-2708, CVE-2014-2709: cacti: command injection issues</issue>
  <issue tracker="cve" id="CVE-2013-5588"></issue>
  <issue tracker="cve" id="CVE-2013-5589"></issue>
  <issue tracker="bnc" id="837440">VUL-0: CVE-2013-5588 CVE-2013-5589: cacti: XSS and SQL injection vulnerabilities</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>cacti: security fixes; cacti-spine: update to 0.8.8b</summary>
  <description>cacti was patched to fix several security issues:

  * CVE-2013-5588: XSS injection vulnerability
  * CVE-2013-5589: SQL injection vulnerability
  * CVE-2014-2326: XSS injection vulnerability
  * CVE-2014-2328: Remote Command Execution Vulnerability
  * CVE-2014-2708: SQL Injection Vulnerability
  * CVE-2014-2709: Remote Command Execution Vulnerability


cacti-spine was updated to 0.8.8b to fix the following issue:

 * bug: set appropriate mysql 5.5+ timeouts</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places