rpms / cacti

Clone
Source Code
GIT

e04c03e patchs for CVEs

Authored and Committed by ktdreyer 10 years ago
raw patch tree parent
4 files changed. 199 lines added. 4 lines removed.
cacti-0.8.8b-html-injection.patch
file added
+19
cacti-0.8.8b-remote-command-execution.patch
file added
+28
cacti-0.8.8b-sql-injection-shell-escaping.patch
file added
+117
cacti.spec
file modified
+35 -4 
    patchs for CVEs
    
    - Patch for CVE-2014-2708 SQL injection issues in graph_xport.php
      (RHBZ #1084258)
    - Patch for CVE-2014-2709 shell escaping issues in lib/rrd.php
      (RHBZ #1084258)
    - Patch for CVE-2014-2326 stored XSS attack (RHBZ #1082122)
    - Patch for CVE-2014-2327 missing CSRF token (RHBZ #1082122)
    - Patch for CVE-2014-2328 use of exec-like function calls without safety
      checks allow arbitrary command execution (RHBZ #1082122)
file added
+19
file added
+28
file added
+117
file modified
+35 -4
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.