Security uploads for cacti (trusty and xenial)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cacti (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Trusty |
Fix Released
|
High
|
Unassigned | ||
Xenial |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Since the last uploads in security upload in Trusty and the last upload in Xenial, multiple CVE's have been reported against cacti.
Please upload the attached debdiff's to fix all open issues in Trusty and Xenial. Because the state in Debian's LTS Wheezy is similar to Trusty, I applied all the changes since the last common change-set. For Xenial, I based the changes on Jessie's stable uploads.
To be perfectly clear, I did verify that all the patches apply cleanly (and build cleanly on debomatic, although that doesn't say much for a php package), but I haven't verified functionality as I could bring myself to do that for Ubuntu (I already did that too often for the Debian packages). But because this all is php and the patches are already exposed in Debian for an extremely long time, I don't see much risk (please judge yourself though).
information type: | Public → Public Security |
Changed in cacti (Ubuntu Xenial): | |
importance: | Undecided → Medium |
Changed in cacti (Ubuntu Trusty): | |
importance: | Undecided → High |
Changed in cacti (Ubuntu): | |
status: | New → Fix Released |
importance: | Undecided → Medium |
tags: | removed: security |
typo: "I could bring myself" -> "I couldn't bring myself"