From 65fa7122f4e7785f42530f713072c32f4f9b9945 Mon Sep 17 00:00:00 2001
From: Mike McGrath
Date: Apr 23 2010 13:54:04 +0000
Subject: fixing sql injection issues - 585207
---
diff --git a/cacti.spec b/cacti.spec
index 1be25b8..f4efec6 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7e
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: An rrd based graphing tool
 Group: Applications/System
 
@@ -15,6 +15,7 @@ Patch0: cli_add_graph.patch
 Patch1: snmp_invalid_response.patch
 Patch2: template_duplication.patch
 Patch3: cross_site_fix.patch
+Patch4: sql_injection_template_export.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -38,6 +39,7 @@ used to creating traffic graphs with MRTG.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 echo "#*/5 * * * * cacti %{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
@@ -113,6 +115,11 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Fri Apr 23 2010 Mike McGrath - 0.8.7e-4
+- Pulling in patches from upstream
+- SQL injection fix
+- BZ #541279
+
 * Tue Dec 1 2009 Mike McGrath - 0.8.7e-3
 - Pulling in some official patches
 - #541279
diff --git a/sql_injection_template_export.patch b/sql_injection_template_export.patch
new file mode 100644
index 0000000..397990c
--- /dev/null
+++ b/sql_injection_template_export.patch
@@ -0,0 +1,13 @@
+--- cacti-0.8.7e/templates_export.php 2009-06-28 12:07:11.000000000 -0400
++++ cacti-fixed/templates_export.php 2010-04-17 14:08:42.000000000 -0400
+@@ -49,6 +49,10 @@
+ function form_save() {
+ global $export_types;
+ 
++ /* ================= input validation ================= */
++ input_validate_input_number(get_request_var_post("export_item_id"));
++ /* ==================================================== */
++ 
+ if (isset($_POST["save_component_export"])) {
+ $xml_data = get_item_xml($_POST["export_type"], $_POST["export_item_id"], (((isset($_POST["include_deps"]) ? $_POST["include_deps"] : "") == "") ? false : true));
+ 
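Review bot: The added check validates only `export_item_id`; the `get_item_xml(...)` call two lines below still passes `$_POST["export_type"]` straight through with no validation in this hunk, and whether that value reaches a query depends on `get_item_xml`, which is outside the patch. Since `$export_types` is already declared `global` in this function, the value can be pinned to a known key before the call: `if (!isset($export_types[$_POST["export_type"]])) { die_html_input_error(); }`. Note also that the return value of `input_validate_input_number` is discarded and the raw `$_POST["export_item_id"]` is what is handed to `get_item_xml`, so the fix only holds if the validator terminates the request on bad input; a comment such as `/* validator halts the request on a non-numeric id; the raw $_POST value is reused below */` would make that dependency explicit. The body of `form_save()` continues past the end of the hunk.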