Package cacti: Information
Default inline alert: Version in the repository: 1.2.26-alt1
Source package: cacti
Version: 1.2.10-alt1
Build time: Mar 15, 2020, 11:38 PM in the task #247881
Category: Monitoring
Report package bugHome page: http://www.cacti.net/
License: GPL
Summary: The complete RRDTool-based graphing solution.
Description:
Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain graphs, data sources, and round robin archives in a database, Cacti also handles the data gathering. There is SNMP support for those used to creating traffic graphs with MRTG.
Maintainer: Alexey Shabalin
Last changed
March 15, 2020 Alexey Shabalin 1.2.10-alt1
- 1.2.10 - Fixes: + CVE-2019-17357 When viewing graphs, some input variables are not properly checked (SQL injection possible) + CVE-2019-17358 When deserializating data, ensure basic sanitization has been performed + CVE-2019-16723 Security issue allows to view all graphs + CVE-2020-7106 Lack of escaping on some pages can lead to XSS exposure + CVE-2020-7237 Remote Code Execution due to input validation failure in Performance Boost Debug Log + CVE-2020-8813 When guest users have access to realtime graphs, remote code could be executed
April 5, 2019 Alexey Shabalin 1.2.3-alt1
- 1.2.3
March 5, 2019 Alexey Shabalin 1.2.2-alt1
- 1.2.2 - drop php5 package, php7 package merge with main