[Bug 284583] net-mgmt/cacti: update to 1.2.29

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 284583] net-mgmt/cacti: update to 1.2.29"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 05 Feb 2025 08:41:55 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=284583

            Bug ID: 284583
           Summary: net-mgmt/cacti: update to 1.2.29
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: rodrigo@FreeBSD.org
                CC: m.muenz@gmail.com
                CC: m.muenz@gmail.com
             Flags: maintainer-feedback?(m.muenz@gmail.com)

Created attachment 257248
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=257248&action=edit
Upgrade patch

This version include the following security fixes:

* security #GHSA-c5j8-jxj3-hh36: Authenticated RCE via multi-line SNMP
responses
* security #GHSA-f9c7-7rc3-574c: SQL Injection vulnerability when using tree
rules through Automation API
* security #GHSA-fh3x-69rr-qqpp: SQL Injection vulnerability when request
automation devices
* security #GHSA-fxrq-fr7h-9rqq: Arbitrary File Creation leading to RCE
* security #GHSA-pv2c-97pp-vxwg: Local File Inclusion (LFI) Vulnerability via
Poller Standard Error Log Path
* security #GHSA-vj9g-p7f2-4wqj: SQL Injection vulnerability when view host
template

-- 
You are receiving this mail because:
You are the assignee for the bug.