Date: Sat, 20 Jun 2015 09:07:45 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 200963] [maintainer] [patch] [security] net-mgmt/cacti update to latest, fix XSS etc Message-ID: <bug-200963-13-Z873KGTpP9@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-200963-13@https.bugs.freebsd.org/bugzilla/> References: <bug-200963-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200963 --- Comment #2 from Daniel Austin <freebsd-ports@dan.me.uk> --- (In reply to Jason Unovitch from comment #1) Here's the full list of changes: http://www.cacti.net/release_notes_0_8_8d.php And a summary of security related ones from the list: Fixed SQL injection VN: JVN#78187936 / TN:JPCERT#98968540 [FG-VD-15-017] Cacti Cross-Site Scripting Vulnerability Notification SQL Injection and Location header injection from cdef id CVE-2015-4342 SQL injection in graph templates -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-200963-13-Z873KGTpP9>