Commit ec365ab8 authored by Natanael Copa

main/cacti: security upgrade to 0.8.8g (CVE-2015-8369, CVE-2015-8377)

fixes #4993
parent 2cd7a670
# Maintainer: Jeff Bilyk <jbilyk@gmail.com>
pkgname=cacti
pkgver=0.8.8f
pkgrel=2
pkgver=0.8.8g
pkgrel=0
pkgdesc="Network monitoring tool based on RRDtool"
url="http://www.cacti.net"
arch="noarch"
......@@ -9,8 +9,6 @@ license="GPL2+"
depends="mysql php php-mysql php-snmp rrdtool net-snmp php-sockets php-xml php-gd"
makedepends=""
source="http://www.cacti.net/downloads/$pkgname-$pkgver.tar.gz
CVE-2015-8369.patch
CVE-2015-8604.patch
"
_builddir="$srcdir"/$pkgname-$pkgver
......@@ -33,12 +31,6 @@ package() {
mv "$srcdir"/$pkgname-$pkgver/* "$pkgdir"/usr/share/webapps/cacti/ || return 1
}
md5sums="8d90642b362f80c46c489c5531e2ba90 cacti-0.8.8f.tar.gz
aad7eea5843fe6518bd5ac2c83f4681b CVE-2015-8369.patch
d2d7a561ddad59bcf4e1092c048d26c0 CVE-2015-8604.patch"
sha256sums="2ea92407c11bf13302558a5bc9e1f3a57bd14a1d9ded48c505ec495762f76738 cacti-0.8.8f.tar.gz
8f6ffaa2fd7ceb929ccae471ff7e2b462d37ac62c9ce8cffde635205d0eb03d8 CVE-2015-8369.patch
766a50cb6d14a0d03811e6332d4d46b6f6717574de370d2d6ab50c2c9b164e73 CVE-2015-8604.patch"
sha512sums="b712a9f8b7bee632cb4982fed72793ac2f4d70aa042784bbd2fd3923a27901f457393aa95bbd63960187e85fe462c35e88fa3cd93e8537a3a68f94bdbf5d7f2b cacti-0.8.8f.tar.gz
1a7de23cf9937905463a2634840fa8878d650e1562565b99ae4f1e7a0200f9942ab2d9f59c7824cbadce9c2e9ee40e5639f8ac8ceba1a4d0349585583d301019 CVE-2015-8369.patch
9677039934b0ce4c42f31437591b2b1d37303e3009c5d773700ffab7e92d20183156f9ec2659bb38876f44095cc2886c0afc9cc03bd950832be2e96dc02620b1 CVE-2015-8604.patch"
md5sums="75f660d54152182e1dbbf0db73143098 cacti-0.8.8g.tar.gz"
sha256sums="3187bd5054ae4e54496bb23187f14c79a441fedcfd397a2d27cd60179f0dee33 cacti-0.8.8g.tar.gz"
sha512sums="cbac69de47a32de8b87d0fc2f32e90eb70f7f13828fd17764957b5afbbcc7a8954ccc49f30f414d5fdf09142967a9ddcb4cde66d03569407ae05fc36612b731c cacti-0.8.8g.tar.gz"
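Review bot: The APKBUILD records nothing about which CVEs this upgrade closes, while the commit title names CVE-2015-8369 and CVE-2015-8377 and the patches dropped from `source` are `CVE-2015-8369.patch` and `CVE-2015-8604.patch`. Add an aports `# secfixes:` block above `pkgname=` listing the fixed IDs under `0.8.8g-r0`, so the advisory tooling can pick them up, and confirm against the upstream 0.8.8g release notes whether both 8377 and 8604 are covered, since the mismatch between title and dropped patch is not explained here. The md5sums/sha256sums/sha512sums lines for the dropped patches are removed consistently with the source list, so the integrity checks still cover every fetched file. The first hunk header of this section is not visible, so the section may start before `pkgname=`.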
Description: SQL injection vulnerability in the host_new_graphs function in
graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users
to execute arbitrary SQL commands via crafted serialized data in the
selected_graphs_array parameter in a save action.
Author: Paul Gevers <elbrus@debian.org>
Bug: http://bugs.cacti.net/view.php?id=2652
Index: cacti/graphs_new.php
===================================================================
--- cacti.orig/graphs_new.php
+++ cacti/graphs_new.php
@@ -252,6 +252,9 @@ function host_new_graphs($host_id, $host
while (list($form_type, $form_array) = each($selected_graphs_array)) {
while (list($form_id1, $form_array2) = each($form_array)) {
+ /* ================= input validation ================= */
+ input_validate_input_number($form_id1);
+ /* ==================================================== */
if ($form_type == "cg") {
$graph_template_id = $form_id1;
@@ -260,6 +263,7 @@ function host_new_graphs($host_id, $host
while (list($form_id2, $form_array3) = each($form_array2)) {
/* ================= input validation ================= */
input_validate_input_number($snmp_query_id);
+ input_validate_input_number($form_id2);
/* ==================================================== */
$snmp_query_id = $form_id1;