Ubuntu
cacti package

0.8.7i needs packaging for 10.04 and up, including PIA

Bug #924050 reported by James
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
cacti (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

Hi

It doesn't appear that 0.8.7i is officially packaged for any production release of Ubuntu. It was released in Dec 2011.

Release notes:
http://www.cacti.net/release_notes_0_8_7i.php
http://forums.cacti.net/viewtopic.php?f=4&t=45871

Important Security Fixes
* SQL injection issues
* Cross-site scripting issues

In addition the Plugin Architecture (PIA) patch is provided in a new source code release, as noted here:
* http://www.cacti.net/download_cacti.php

Previously, PIA had to be manually patched. PIA provides added useful functionality including Threshold reporting.

Interestingly, the EPEL repo for Redhat/Fedora has released 0.8.7i but it is without the PIA. They are treating Cacti+PIA as a fork:
https://bugzilla.redhat.com/show_bug.cgi?id=766573

Thanks
James

Revision history for this message
Micah Gersten (micahg) wrote :

Thank you for reporting this to Ubuntu. Stable release security updates are handled by cherry picking patches and preparing a debdiff, please see https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation for more information. If there are new features that you'd like from 0.8.7i, we could backport cacti and cacti-spine from precise (0.8.7i-1ubuntu1) if there is someone to test each backport before we release it.

Changed in cacti (Ubuntu):
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for cacti (Ubuntu) because there has been no activity for 60 days.]

Changed in cacti (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related questions

Remote bug watches

Bug watches keep track of this bug in other bug trackers.