diff --git a/CVE-2007-3112.patch b/CVE-2007-3112.patch
deleted file mode 100644
index e77b2b4..0000000
--- a/CVE-2007-3112.patch
+++ /dev/null
@@ -1,29 +0,0 @@
---- branches/BRANCH_0_8_6/cacti/graph_image.php 2007/03/04 20:17:57 3898
-+++ branches/BRANCH_0_8_6/cacti/graph_image.php 2007/06/04 06:41:13 3956
-@@ -49,22 +49,22 @@
- $graph_data_array = array();
-
- /* override: graph start time (unix time) */
--if (!empty($_GET["graph_start"])) {
-+if (!empty($_GET["graph_start"]) && $_GET["graph_start"] < 1600000000) {
- $graph_data_array["graph_start"] = $_GET["graph_start"];
- }
-
- /* override: graph end time (unix time) */
--if (!empty($_GET["graph_end"])) {
-+if (!empty($_GET["graph_end"]) && $_GET["graph_end"] < 1600000000) {
- $graph_data_array["graph_end"] = $_GET["graph_end"];
- }
-
- /* override: graph height (in pixels) */
--if (!empty($_GET["graph_height"])) {
-+if (!empty($_GET["graph_height"]) && $_GET["graph_height"] < 3000) {
- $graph_data_array["graph_height"] = $_GET["graph_height"];
- }
-
- /* override: graph width (in pixels) */
--if (!empty($_GET["graph_width"])) {
-+if (!empty($_GET["graph_width"]) && $_GET["graph_width"] < 3000) {
- $graph_data_array["graph_width"] = $_GET["graph_width"];
- }
-
diff --git a/cacti-0.8.6h-dbcfg.patch b/cacti-0.8.6h-dbcfg.patch
deleted file mode 100644
index 4095b39..0000000
--- a/cacti-0.8.6h-dbcfg.patch
+++ /dev/null
@@ -1,104 +0,0 @@ ---- include/config.php.orig 2006-01-13 14:44:09.000000000 -0600 -+++ include/config.php 2006-01-13 14:44:23.000000000 -0600 -@@ -23,15 +23,7 @@ - | - raXnet - http://www.raxnet.net/ | - +-------------------------------------------------------------------------+ - */ -- --/* make sure these values refect your actual database/host/user/password */ --$database_type = "mysql"; --$database_default = "cacti"; --$database_hostname = "localhost"; --$database_username = "cactiuser"; --$database_password = "cactiuser"; --$database_port = "3306"; -- -+require_once("db.php"); - /* ----- you probably do not need to change anything below this line ----- */ - - /* Files that do not need http header information - Command line scripts */ ---- include/db.php.orig 1969-12-31 18:00:00.000000000 -0600 -+++ include/db.php 2006-01-13 15:14:07.000000000 -0600 -@@ -0,0 +1,9 @@ -+ ---- docs/text/manual.txt.orig 2006-01-13 15:21:40.000000000 -0600 -+++ docs/text/manual.txt 2006-01-13 15:22:42.000000000 -0600 -@@ -144,7 +144,7 @@ - mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somep - assword'; - mysql> flush privileges; -- 5. Edit include/config.php and specify the MySQL user, -+ 5. Edit /etc/cacti/db.php and specify the MySQL user, - password and database for your Cacti configuration. - $database_default = "cacti"; - $database_hostname = "localhost"; -@@ -379,7 +379,7 @@ - all the DLL files and sh.exe from the c:\cacti directory. - - Configure Cacti -- 1. Edit cacti_web_root/cacti/include/config.php and specify -+ 1. Edit cacti_web_root/cacti/include/db.php and specify - the MySQL user, password, database, and database port for - your Cacti configuration. - $database_default = "cacti"; -@@ -504,7 +504,7 @@ - shell> tar xzvf cacti-version.tar.gz - 4. Rename the new Cacti directory to match the old one. - shell> mv cacti-version cacti -- 5. Edit include/config.php and specify the MySQL user, -+ 5. 
Edit /etc/cacti/db.php and specify the MySQL user, - password and database for your Cacti configuration. - $database_default = "cacti"; - $database_hostname = "localhost"; ---- ./docs/UPGRADE.orig 2006-01-13 15:32:34.000000000 -0600 -+++ ./docs/UPGRADE 2006-01-13 15:35:37.000000000 -0600 -@@ -21,7 +21,7 @@ - - shell> mv cacti-version cacti - -- 5. Edit include/config.php and specify the MySQL user, password and -+ 5. Edit /etc/cacti/db.php and specify the MySQL user, password and - database for your Cacti configuration. - - $database_default = "cacti"; ---- ./docs/INSTALL.orig 2006-01-13 15:32:45.000000000 -0600 -+++ ./docs/INSTALL 2006-01-13 15:35:46.000000000 -0600 -@@ -19,7 +19,7 @@ - mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somepassword'; - mysql> flush privileges; - -- 5. Edit include/config.php and specify the MySQL user, password and -+ 5. Edit /etc/cacti/db.php and specify the MySQL user, password and - database for your Cacti configuration. - - $database_default = "cacti"; ---- ./docs/html/upgrade.html.orig 2006-01-13 15:32:22.000000000 -0600 -+++ ./docs/html/upgrade.html 2006-01-13 15:35:18.000000000 -0600 -@@ -67,7 +67,7 @@ - - -
  • --

    Edit include/config.php and specify the MySQL user, password and database for your Cacti configuration.

    -+

    Edit /etc/cacti/db.php and specify the MySQL user, password and database for your Cacti configuration.

    -
    - $database_default = "cacti";
    - $database_hostname = "localhost";
    ---- ./docs/html/install_unix.html.orig	2006-01-13 15:32:28.000000000 -0600
    -+++ ./docs/html/install_unix.html	2006-01-13 15:35:26.000000000 -0600
    -@@ -67,7 +67,7 @@
    -       
  • - -
  • --

    Edit include/config.php and specify the MySQL user, password and database for your Cacti configuration.

    -+

    Edit /etc/cacti/db.php and specify the MySQL user, password and database for your Cacti configuration.

    -
    - $database_default = "cacti";
    - $database_hostname = "localhost";
    diff --git a/cacti.spec b/cacti.spec
    index 8b05c68..1545bbd 100644
    --- a/cacti.spec
    +++ b/cacti.spec
    @@ -1,6 +1,6 @@
     Name: cacti
    -Version: 0.8.7
    -Release: 2%{?dist}
    +Version: 0.8.7a
    +Release: 1%{?dist}
     Summary: An rrd based graphing tool
     
     Group: Applications/System
    @@ -100,6 +100,10 @@ fi
     %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
     
     %changelog
    +* Tue Nov 20 2007 Mike McGrath  - 0.8.7a-1
    +- Upstream released new version
    +- Fixes for bug #391691 - CVE-2007-6035
    +
     * Fri Oct 13 2007 Mike McGrath  - 0.8.7-2
     - Upstream released new version
     - No longer need to patch for /etc/cacti/*
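Review bot: The new 0.8.7a-1 %changelog entry records CVE-2007-6035 but says nothing about the carried patch files this commit deletes, among them CVE-2007-3112.patch with its bounds checks on the graph_image.php request parameters. Neither visible spec hunk touches a Patch or %patch line, so those files were presumably already unused by the build, but the spec body is not shown and this page does not confirm that the 0.8.7a tarball contains the equivalent checks. Once that is verified against the unpacked source, the entry should say so, for example `- Drop unused patch files; CVE-2007-3112 fix is carried upstream`, so the package history shows where that fix now lives.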
    diff --git a/graph_debug_lockup_fix.patch b/graph_debug_lockup_fix.patch
    deleted file mode 100644
    index d740a2a..0000000
    --- a/graph_debug_lockup_fix.patch
    +++ /dev/null
    @@ -1,18 +0,0 @@
    ---- cacti-0.8.6j/lib/rrd.php	2007-01-17 19:23:10.000000000 -0500
    -+++ cacti-0.8.6j-patch/lib/rrd.php	2007-03-01 15:32:18.609375000 -0500
    -@@ -83,6 +83,7 @@
    - 	if ($config["cacti_server_os"] == "unix") {
    - 		/* an empty $rrd_struc array means no fp is available */
    - 		if (sizeof($rrd_struc) == 0) {
    -+			session_write_close();
    - 			$fp = popen(read_config_option("path_rrdtool") . escape_command(" $command_line"), "r");
    - 		}else{
    - 			fwrite(rrd_get_fd($rrd_struc, RRDTOOL_PIPE_CHILD_READ), escape_command(" $command_line") . "\r\n");
    -@@ -91,6 +92,7 @@
    - 	}elseif ($config["cacti_server_os"] == "win32") {
    - 		/* an empty $rrd_struc array means no fp is available */
    - 		if (sizeof($rrd_struc) == 0) {
    -+			session_write_close();
    - 			$fp = popen(read_config_option("path_rrdtool") . escape_command(" $command_line"), "rb");
    - 		}else{
    - 			fwrite(rrd_get_fd($rrd_struc, RRDTOOL_PIPE_CHILD_READ), escape_command(" $command_line") . "\r\n");
    diff --git a/ping_php_version4_snmpgetnext.patch b/ping_php_version4_snmpgetnext.patch
    deleted file mode 100644
    index 10576f6..0000000
    --- a/ping_php_version4_snmpgetnext.patch
    +++ /dev/null
    @@ -1,42 +0,0 @@
    ---- cacti-0.8.6j/lib/ping.php	2007-01-17 19:23:10.000000000 -0500
    -+++ cacti-0.8.6j-patch/lib/ping.php	2007-01-20 19:45:55.015625000 -0500
    -@@ -281,7 +281,13 @@
    - 
    - 		/* poll sysUptime for status */
    - 		$retry_count = 0;
    -+
    -+		/* getnext does not work in php versions less than 5 */
    -+		if (version_compare("5", phpversion(), "<")) {
    - 		$oid = ".1";
    -+		}else{
    			$oid = ".1.3.6.1.2.1.1.3.0";
    -+		}
    -+
    - 		while (1) {
    - 			if ($retry_count >= $this->retries) {
    - 				$this->snmp_status   = "down";
    -@@ -289,6 +295,8 @@
    - 				return false;
    - 			}
    - 
    -+			/* getnext does not work in php versions less than 5 */
    -+			if (version_compare("5", phpversion(), "<")) {
    - 			$output = cacti_snmp_getnext($this->host["hostname"],
    - 				$this->host["snmp_community"],
    - 				$oid,
    -@@ -298,6 +306,16 @@
    - 				$this->host["snmp_port"],
    - 				$this->host["snmp_timeout"],
    - 				SNMP_CMDPHP);
    -+			}else{
    				$output = cacti_snmp_get($this->host["hostname"],
    -+					$this->host["snmp_community"],
    -+					$oid,
    -+					$this->host["snmp_version"],
    -+					$this->host["snmp_username"],
    -+					$this->host["snmp_password"],
    -+					$this->host["snmp_port"],
    -+					$this->host["snmp_timeout"],
    -+					SNMP_CMDPHP);
    -+			}
    - 
    - 			/* determine total time +- ~10% */
    - 			$this->time = $this->get_time($this->precision);
    diff --git a/snmpwalk_fix.patch b/snmpwalk_fix.patch
    deleted file mode 100644
    index 9661ac6..0000000
    --- a/snmpwalk_fix.patch
    +++ /dev/null
    @@ -1,15 +0,0 @@
    -diff -ruBbd cacti-0.8.6j/lib/snmp.php cacti-0.8.6j-patched/lib/snmp.php
    ---- cacti-0.8.6j/lib/snmp.php	2007-01-17 19:23:10.000000000 -0500
    -+++ cacti-0.8.6j-patched/lib/snmp.php	2007-05-15 21:26:14.000000000 -0400
    -@@ -221,9 +219,9 @@
    - 			$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -v$version -t $timeout -r $retries $hostname:$port $snmp_auth $oid");
    - 		}else {
    - 			if (file_exists($path_snmpbulkwalk) && ($version > 1)) {
    --				$temp_array = exec_into_array($path_snmpbulkwalk . " -O n $snmp_auth -v $version -t $timeout -r $retries -Cr50 $hostname:$port $oid");
    -+				$temp_array = exec_into_array($path_snmpbulkwalk . " -O Qn $snmp_auth -v $version -t $timeout -r $retries -Cr50 $hostname:$port $oid");
    - 			}else{
    --				$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O n $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid");
    -+				$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O Qn $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid");
    - 			}
    - 		}
    - 
    diff --git a/sources b/sources
    index 57cb59e..4d4cbe5 100644
    --- a/sources
    +++ b/sources
    @@ -1 +1 @@
    -d28e8f9fd4b657c2ad79c4bcf1e3694d  cacti-0.8.7.tar.gz
    +7d298e496058ec91f6d1ecdc97e0cca5  cacti-0.8.7a.tar.gz
    diff --git a/thumbnail_graphs_not_working.patch b/thumbnail_graphs_not_working.patch
    deleted file mode 100644
    index badb558..0000000
    --- a/thumbnail_graphs_not_working.patch
    +++ /dev/null
    @@ -1,20 +0,0 @@
    ---- cacti-0.8.6j/lib/rrd.php	2007-01-17 19:23:10.000000000 -0500
    -+++ cacti-0.8.6j-patch/lib/rrd.php	2007-02-01 20:29:59.687500000 -0500
    -@@ -1080,9 +1080,15 @@
    - 
    - 		if ($graph_item_types{$graph_item["graph_type_id"]} == "COMMENT") {
    - 			if (read_config_option("rrdtool_version") == "rrd-1.2.x") {
    --				$txt_graph_items .= $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]) . $hardreturn[$graph_item_id] . "\" ";
    -+				$comment_string = $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]) . $hardreturn[$graph_item_id] . "\" ";
    -+				if (trim($comment_string) != "COMMENT:\"\"") {
    -+					$txt_graph_items .= $comment_string;
    -+				}
    - 			}else {
    --				$txt_graph_items .= $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . $graph_variables["text_format"][$graph_item_id] . $hardreturn[$graph_item_id] . "\" ";
    -+				$comment_string = $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . $graph_variables["text_format"][$graph_item_id] . $hardreturn[$graph_item_id] . "\" ";
    -+				if (trim($comment_string) != "COMMENT:\"\"") {
    -+					$txt_graph_items .= $comment_string;
    -+				}
    - 			}
    - 		}elseif (($graph_item_types{$graph_item["graph_type_id"]} == "GPRINT") && (!isset($graph_data_array["graph_nolegend"]))) {
    - 			$graph_variables["text_format"][$graph_item_id] = str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]); /* escape colons */
    diff --git a/tree_console_missing_hosts.patch b/tree_console_missing_hosts.patch
    deleted file mode 100644
    index dde7a00..0000000
    --- a/tree_console_missing_hosts.patch
    +++ /dev/null
    @@ -1,20 +0,0 @@
    ---- cacti-0.8.6j/lib/html_tree.php	2007-01-17 19:23:10.000000000 -0500
    -+++ cacti-0.8.6j-patch/lib/html_tree.php	2007-01-27 15:48:50.390625000 -0500
    -@@ -328,7 +328,7 @@
    - 	while ($i > 1) {
    - 		$i--;
    - 
    --		$parent_tier = substr($tier_string, 0, $i * CHARS_PER_TIER);
    -+		$parent_tier = tree_tier_string(substr($tier_string, 0, $i * CHARS_PER_TIER));
    - 		$parent_variable = "sess_tree_leaf_expand_" . $leaf["graph_tree_id"] . "_" . $parent_tier;
    - 
    - 		$effective = @$_SESSION[$parent_variable];
    -@@ -365,8 +365,6 @@
    -    @returns - the string representing the leaf position
    - */
    - function tree_tier_string($order_key, $chars_per_tier = CHARS_PER_TIER) {
    --	$root_test = str_pad('', $chars_per_tier, '0');
    --
    - 	$new_string = preg_replace("/0+$/",'',$order_key);
    - 
    - 	return $new_string;