0.8.7i needs packaging for 10.04 and up, including PIA
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cacti (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
Hi
It doesn't appear that 0.8.7i is officially packaged for any production release of Ubuntu. It was released in Dec 2011.
Release notes:
http://
http://
Important Security Fixes
* SQL injection issues
* Cross-site scripting issues
In addition the Plugin Architecture (PIA) patch is provided in a new source code release, as noted here:
* http://
Previously, PIA had to be manually patched. PIA provides added useful functionality including Threshold reporting.
Interestingly, the EPEL repo for Redhat/Fedora has released 0.8.7i but it is without the PIA. They are treating Cacti+PIA as a fork:
https:/
Thanks
James
Thank you for reporting this to Ubuntu. Stable release security updates are handled by cherry picking patches and preparing a debdiff, please see https:/ /wiki.ubuntu. com/SecurityTea m/UpdatePrepara tion for more information. If there are new features that you'd like from 0.8.7i, we could backport cacti and cacti-spine from precise (0.8.7i-1ubuntu1) if there is someone to test each backport before we release it.