From c2bf1096f1539a56da8bbb5894c24da8d488e363 Mon Sep 17 00:00:00 2001
From: Mike McGrath
Date: Sep 14 2007 21:30:16 +0000
Subject: Release bump because Its friday and I'm stupid
---
diff --git a/CVE-2007-3112.patch b/CVE-2007-3112.patch
new file mode 100644
index 0000000..e77b2b4
--- /dev/null
+++ b/CVE-2007-3112.patch
@@ -0,0 +1,29 @@
+--- branches/BRANCH_0_8_6/cacti/graph_image.php 2007/03/04 20:17:57 3898
++++ branches/BRANCH_0_8_6/cacti/graph_image.php 2007/06/04 06:41:13 3956
+@@ -49,22 +49,22 @@
+ $graph_data_array = array();
+ 
+ /* override: graph start time (unix time) */
+-if (!empty($_GET["graph_start"])) {
++if (!empty($_GET["graph_start"]) && $_GET["graph_start"] < 1600000000) {
+ $graph_data_array["graph_start"] = $_GET["graph_start"];
+ }
+ 
+ /* override: graph end time (unix time) */
+-if (!empty($_GET["graph_end"])) {
++if (!empty($_GET["graph_end"]) && $_GET["graph_end"] < 1600000000) {
+ $graph_data_array["graph_end"] = $_GET["graph_end"];
+ }
+ 
+ /* override: graph height (in pixels) */
+-if (!empty($_GET["graph_height"])) {
++if (!empty($_GET["graph_height"]) && $_GET["graph_height"] < 3000) {
+ $graph_data_array["graph_height"] = $_GET["graph_height"];
+ }
+ 
+ /* override: graph width (in pixels) */
+-if (!empty($_GET["graph_width"])) {
++if (!empty($_GET["graph_width"]) && $_GET["graph_width"] < 3000) {
+ $graph_data_array["graph_width"] = $_GET["graph_width"];
+ }
+ 
diff --git a/cacti.spec b/cacti.spec
index 5dcf174..8c0121b 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.6j
-Release: 7%{?dist}
+Release: 8%{?dist}
 Summary: An rrd based graphing tool
 Group: Applications/System
@@ -105,7 +105,7 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 %changelog
-* Fri Sep 14 2007 Mike McGrath - 0.8.6j-7
+* Fri Sep 14 2007 Mike McGrath - 0.8.6j-8
 - Fix for CVE-2007-3112 bz#243592
 * Sat Sep 08 2007 Mike McGrath - 0.8.6j-6
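Review bot: The four guards added to graph_image.php in CVE-2007-3112.patch bound `graph_start`, `graph_end`, `graph_height` and `graph_width` only from above and compare the raw `$_GET` string loosely, so a negative value, and under PHP's string-to-number coercion a non-numeric one, still satisfies `<` and is copied unchanged into `$graph_data_array`. For the pixel sizes the check should validate the type and lower bound first and store the cast value, e.g. `if (isset($_GET["graph_height"]) && is_numeric($_GET["graph_height"]) && $_GET["graph_height"] > 0 && $_GET["graph_height"] < 3000) {` followed by `$graph_data_array["graph_height"] = (int) $_GET["graph_height"];`. For the two time overrides at least `is_numeric()` and an `(int)` cast apply. The literal `1600000000` is a fixed instant (13 September 2020), after which valid start and end timestamps would be silently dropped, so a limit derived from `time()` is the safer bound. How `$graph_data_array` is consumed lies outside the hunk, so the downstream effect of an unvalidated value should be confirmed at the rendering call.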