From nobody Wed Feb 05 08:44:22 2025
X-Original-To: freebsd-ports@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ynv100JSsz5mPhw
	for <freebsd-ports@mlmmj.nyi.freebsd.org>; Wed, 05 Feb 2025 08:44:20 +0000 (UTC)
	(envelope-from rodrigo@FreeBSD.org)
Received: from smtp.osorio.me (mvd.osorio.me [37.187.111.94])
	by mx1.freebsd.org (Postfix) with ESMTP id 4Ynv0z5nXQz3Mtq
	for <freebsd-ports@freebsd.org>; Wed, 05 Feb 2025 08:44:19 +0000 (UTC)
	(envelope-from rodrigo@FreeBSD.org)
Authentication-Results: mx1.freebsd.org;
	none
Received: from [192.168.66.180] (lfbn-idf1-1-971-net.w86-238.abo.wanadoo.fr [86.238.50.0])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by smtp.osorio.me (Postfix) with ESMTPSA id B8C11B9302;
	Wed, 05 Feb 2025 08:44:34 +0000 (UTC)
Message-ID: <fe875972-817f-462b-a888-902efcf55170@FreeBSD.org>
Date: Wed, 5 Feb 2025 09:44:22 +0100
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-ports
List-Help: <mailto:ports+help@freebsd.org>
List-Post: <mailto:ports@freebsd.org>
List-Subscribe: <mailto:ports+subscribe@freebsd.org>
List-Unsubscribe: <mailto:ports+unsubscribe@freebsd.org>
X-BeenThere: freebsd-ports@freebsd.org
Sender: owner-freebsd-ports@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: Rodrigo Osorio <rodrigo@FreeBSD.org>
Subject: Re: Cacti vulnerabilities
To: Andrea Venturoli <ml@netfence.it>, m.muenz@gmail.com
Cc: freebsd-ports@freebsd.org
References: <aa468f60-143a-489b-9d03-f1c89be93493@netfence.it>
Content-Language: en-US
In-Reply-To: <aa468f60-143a-489b-9d03-f1c89be93493@netfence.it>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 4Ynv0z5nXQz3Mtq
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	TAGGED_RCPT(0.00)[];
	ASN(0.00)[asn:16276, ipnet:37.187.0.0/16, country:FR]

Hi,

I just create the PR 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=284583
and finishing the tests.

regards
-- rodrigo

On 05/02/25 08:20, Andrea Venturoli wrote:
> Hello.
>
> First off, thanks for all your work as Cacti maintainer.
>
> We have version 1.2.28 in port tree, but this was recently deemed as 
> vulnerabile and 1.2.29 has been out since a few days.
>
> Are you planning the upgrade?
> Can you give a timeframe?
>
> Just asking, because otherwise we'll need to think about some other 
> kind of remediations. :(
>
>  bye & Thanks
>     av.
>