Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:7504
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="7504"> <issue id="1067166" tracker="bnc">VUL-0: CVE-2017-16641: cacti: lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands</issue> <issue id="1067164" tracker="bnc">VUL-0: CVE-2017-16660: cacti: Cacti 1.1.27 allows remote authenticated administrators to conduct Remote CodeExecution attacks</issue> <issue id="1068028" tracker="bnc">VUL-0: CVE-2017-16785: Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.</issue> <issue id="1067163" tracker="bnc">VUL-0: CVE-2017-16661: cacti: Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files</issue> <issue id="2017-16660" tracker="cve" /> <issue id="2017-16661" tracker="cve" /> <issue id="2017-16785" tracker="cve" /> <issue id="2017-16641" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>dliedke</packager> <description>This update for cacti, cacti-spine to version 1.1.28 fixes the following issues: - CVE-2017-16641: Potential code execution vulnerability in RRDtool functions (boo#1067166) - CVE-2017-16660: Remote execution vulnerability in logging function (boo#1067164) - CVE-2017-16661: Arbitrary file read vulnerability in view log file (boo#1067163) - CVE-2017-16785: Reflection XSS vulnerability (boo#1068028) This update to version 1.1.28 also contains a number of upstream bug fixes and improvements. </description> <summary>Security update for cacti, cacti-spine</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor