Date: Sat, 28 May 2016 13:00:26 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 209809] net-mgmt/cacti: upgrade to 0.8.8h - fix sql vulns Message-ID: <bug-209809-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D209809 Bug ID: 209809 Summary: net-mgmt/cacti: upgrade to 0.8.8h - fix sql vulns Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch, patch-ready, security Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: freebsd-ports@dan.me.uk Attachment #170749 maintainer-approval+ Flags: Flags: maintainer-feedback+, merge-quarterly? Created attachment 170749 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D170749&action= =3Dedit update to 0.8.8h This is a security update for cacti to resolve SQL exploits. Overview: * upgrade to 0.8.8h codebase from vendor * fix SQL vulnerabilities including CVE-2016-3659 * fix USE_MYSQL -> USES:mysql * fix deprecated mysql php module requirement (use mysqli instead) * fix overwriting of failure/recovery dates after outages Files added: files/patch-lib__functions.php Files modified: Makefile distinfo pkg-plist files/patch-install__index.php Poudriere testport logs: https://poudriere.dan.tm/poudriere/data/latest-per-pkg/cacti/0.8.8h/ Please merge-quarterly due to SQL vulns patched. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-209809-13>